Борьба с парсингом сертификатов

docs/Port mbedtls

@@ -0,0 +1,12 @@
+1. Добавил папку mbedtls_api для сторонних файлов mbedtls.
+1.1 В файле hardware_rng изменил реализацию mbedtls_hardware_poll.
+
+2. Сокеты
+2.1 В файле radius_config открыл #include "sockets.h" и убрал объявление struct sockaddr_storage.
+2.2 В файле lwip sockets.h открыл определение структуры sockaddr_storage.
+2.3 В файле config.c закрыл внутреннюю реализацию функции rc_add_config(...). Похоже она у нас не вызывается.
+2.4 В файле убрал объявление struct addrinfo. 
+2.5 В lwipopts.h добавил следующие дефайны:
+		#define LWIP_DNS 1 (понадобился для сборки net_sockets.c)
+		#define SO_REUSE 1 (так было в примере)
+

modules/Ethernet/lwipopts.h

@@ -226,7 +226,9 @@ The STM32F4x7 allows computing and verifying the IP, UDP, TCP and ICMP checksums
  * LWIP_SOCKET==1: Enable Socket API (require to use sockets.c)
  */
 #define LWIP_SOCKET                     1
-
+#define LWIP_DNS                        1
+#define SO_REUSE                        1
+   
 /*
    -----------------------------------
    ---------- DEBUG options ----------

modules/HTTP_Server/http_server.c

@@ -2786,4 +2786,304 @@ void HTTPS_Init()
 
 
 
+
+
+
 // -----------------------------------------------------------------------------
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdio.h>
+#define mbedtls_time       time
+#define mbedtls_time_t     time_t 
+#define mbedtls_fprintf    fprintf
+#define mbedtls_printf     printf
+#endif
+
+#include <stdlib.h>
+#include <string.h>
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/certs.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/ssl.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/error.h"
+#include "mbedtls/debug.h"
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+#include "mbedtls/ssl_cache.h"
+#endif
+
+#define HTTP_RESPONSE \
+    "HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n\r\n" \
+    "<h2>mbed TLS Test Server</h2>\r\n" \
+    "<p>Successful connection using: %s</p>\r\n"
+
+static mbedtls_net_context listen_fd, client_fd;
+static const uint8_t *pers = (uint8_t *)("ssl_server");
+mbedtls_entropy_context entropy;
+mbedtls_ctr_drbg_context ctr_drbg;
+mbedtls_ssl_context ssl;
+mbedtls_ssl_config conf;
+mbedtls_x509_crt srvcert;
+mbedtls_pk_context pkey;
+
+void ssl_server(void *pvParameters)
+{
+  int ret, len;
+  
+#ifdef MBEDTLS_MEMORY_BUFFER_ALLOC_C
+  mbedtls_memory_buffer_alloc_init(memory_buf, sizeof(memory_buf));
+#endif
+  mbedtls_net_init( &listen_fd );
+  mbedtls_net_init( &client_fd );
+  
+  mbedtls_ssl_init( &ssl );
+  mbedtls_ssl_config_init( &conf );
+#if defined(MBEDTLS_SSL_CACHE_C)
+  mbedtls_ssl_cache_init( &cache );
+#endif
+  mbedtls_x509_crt_init( &srvcert );
+  mbedtls_pk_init( &pkey );
+  mbedtls_entropy_init( &entropy );
+  mbedtls_ctr_drbg_init( &ctr_drbg );
+  
+#if defined(MBEDTLS_DEBUG_C)
+  mbedtls_debug_set_threshold( DEBUG_LEVEL );
+#endif
+  
+  // 1. Load the certificates and private RSA key
+  mbedtls_printf( "\r\n  . Loading the server cert. and key..." );
+  
+   // This demonstration program uses embedded test certificates.
+   // Instead, you may want to use mbedtls_x509_crt_parse_file() to read the
+   // server and CA certificates, as well as mbedtls_pk_parse_keyfile().
+  //ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_srv_crt, mbedtls_test_srv_crt_len );
+  ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) sSettings.our_srv_crt, strlen(sSettings.our_srv_crt) );
+  if( ret != 0 )
+  {
+    mbedtls_printf( " failed\r\n  !  mbedtls_x509_crt_parse returned %d\r\n", ret );
+    goto exit;
+  }
+/*  
+  ret = mbedtls_x509_crt_parse( &srvcert, (const unsigned char *) mbedtls_test_cas_pem, mbedtls_test_cas_pem_len );
+  if( ret != 0 )
+  {
+    mbedtls_printf( " failed\r\n  !  mbedtls_x509_crt_parse returned %d\r\n", ret );
+    goto exit;
+  }
+ */ 
+  //ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key, mbedtls_test_srv_key_len, NULL, 0 );
+  ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) test_srv_key, strlen(test_srv_key), NULL, 0 );
+  if( ret != 0 )
+  {
+    mbedtls_printf( " failed\r\n  !  mbedtls_pk_parse_key returned %d\r\n", ret );
+    goto exit;
+  }
+
+  mbedtls_printf( " ok\r\n" );
+  
+  // 2. Setup the listening TCP socket
+  mbedtls_printf( "  . Bind on https://localhost:443/ ..." );
+
+  if((ret = mbedtls_net_bind(&listen_fd, NULL, "443", MBEDTLS_NET_PROTO_TCP )) != 0)
+  {
+    mbedtls_printf( " failed\n  ! mbedtls_net_bind returned %d\r\n", ret );
+    goto exit;
+  }
+
+  mbedtls_printf( " ok\r\n" );
+  
+  // 3. Seed the RNG
+  mbedtls_printf( "  . Seeding the random number generator..." );
+
+  if((ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy, (const unsigned char *) pers, strlen( (char *)pers))) != 0)
+  {
+    mbedtls_printf( " failed\r\n  ! mbedtls_ctr_drbg_seed returned %d\r\n", ret );
+    goto exit;
+  }
+
+  mbedtls_printf( " ok\r\n" );
+  
+  // 4. Setup stuff
+  mbedtls_printf( "  . Setting up the SSL data...." );
+
+  if( ( ret = mbedtls_ssl_config_defaults(&conf, MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT)) != 0)
+  {
+    mbedtls_printf( " failed\r\n  ! mbedtls_ssl_config_defaults returned %d\r\n", ret );
+    goto exit;
+  }
+
+  mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &ctr_drbg);
+
+#if defined(MBEDTLS_SSL_CACHE_C)
+  mbedtls_ssl_conf_session_cache(&conf, &cache, mbedtls_ssl_cache_get, mbedtls_ssl_cache_set);
+#endif
+
+  mbedtls_ssl_conf_ca_chain(&conf, srvcert.next, NULL);
+  if( ( ret = mbedtls_ssl_conf_own_cert(&conf, &srvcert, &pkey ) ) != 0)
+  {
+    mbedtls_printf( " failed\r\n  ! mbedtls_ssl_conf_own_cert returned %d\r\n", ret );
+    goto exit;
+  }
+
+  if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
+  {
+    mbedtls_printf( " failed\r\n  ! mbedtls_ssl_setup returned %d\r\n", ret );
+    goto exit;
+  }
+
+  mbedtls_printf( " ok\r\n" );
+  
+reset:
+#ifdef MBEDTLS_ERROR_C
+  if( ret != 0 )
+  {
+    uint8_t error_buf[100];
+    mbedtls_strerror( ret, (char *)error_buf, 100 );
+    mbedtls_printf("Last error was: %d - %s\r\n", ret, error_buf );
+  }
+#endif  
+  
+  mbedtls_net_free( &client_fd );
+  mbedtls_ssl_session_reset( &ssl );
+  
+  // 5. Wait until a client connects
+  mbedtls_printf( "  . Waiting for a remote connection ..." );
+
+  if((ret = mbedtls_net_accept(&listen_fd, &client_fd, NULL, 0, NULL)) != 0)
+  {
+    mbedtls_printf( " failed\r\n  ! mbedtls_net_accept returned %d\r\n", ret );
+    goto exit;
+  }
+
+  mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
+
+  mbedtls_printf( " ok\r\n" );
+  
+  // 6. Handshake
+  mbedtls_printf( "  . Performing the SSL/TLS handshake..." );
+
+  while( ( ret = mbedtls_ssl_handshake( &ssl ) ) != 0 )
+  {
+    if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+    {
+      mbedtls_printf( " failed\r\n  ! mbedtls_ssl_handshake returned %d\r\n", ret );
+      goto reset;
+    }
+  }
+
+  mbedtls_printf( " ok\r\n" );
+  
+  /*
+   * 7. Read the HTTP Request
+   */
+  mbedtls_printf( "  < Read from client:" );
+  do
+  {
+    len = sizeof( receiveBuf ) - 1;
+    memset( receiveBuf, 0, sizeof( receiveBuf ) );
+    ret = mbedtls_ssl_read( &ssl, receiveBuf, len );
+
+    if( ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE )
+	{
+      continue;
+    }
+    if( ret <= 0 )
+    {
+      switch( ret )
+      {
+        case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
+          mbedtls_printf( " connection was closed gracefully\r\n" );
+          break;
+
+        case MBEDTLS_ERR_NET_CONN_RESET:
+          mbedtls_printf( " connection was reset by peer\r\n" );
+          break;
+
+        default:
+          mbedtls_printf( " mbedtls_ssl_read returned -0x%x\r\n", -ret );
+          break;
+      }
+
+      break;
+    }
+
+    len = ret;
+    mbedtls_printf( " %d bytes read\r\n%s", len, (char *) receiveBuf );
+
+    if( ret > 0 )
+	{
+      break;
+	}
+  } while(1);  
+  
+  // 8. Write the 200 Response
+  mbedtls_printf( "  > Write to client:" );
+  len = sprintf( (char *) receiveBuf, HTTP_RESPONSE, mbedtls_ssl_get_ciphersuite( &ssl ) );
+
+  while( ( ret = mbedtls_ssl_write( &ssl, receiveBuf, len ) ) <= 0 )
+  {
+    if( ret == MBEDTLS_ERR_NET_CONN_RESET )
+    {
+      mbedtls_printf( " failed\r\n  ! peer closed the connection\r\n" );
+      goto reset;
+    }
+
+    if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+    {
+      mbedtls_printf( " failed\r\n  ! mbedtls_ssl_write returned %d\r\n", ret );
+      goto exit;
+    }
+  }
+
+  len = ret;
+  mbedtls_printf( " %d bytes written\n\n%s\n", len, (char *) receiveBuf );
+
+  mbedtls_printf( "  . Closing the connection..." );
+
+  while( ( ret = mbedtls_ssl_close_notify( &ssl ) ) < 0 )
+  {
+    if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE )
+    {
+      mbedtls_printf( " failed\r\n  ! mbedtls_ssl_close_notify returned %d\r\n", ret );
+      goto reset;
+    }
+  }
+
+  mbedtls_printf( " ok\r\n" );
+
+  ret = 0;
+  goto reset;  
+  
+  
+  
+  vTaskDelete(NULL);
+  
+exit:
+  //mbedtls_net_free( &client_fd );
+  //mbedtls_net_free( &listen_fd );
+
+  mbedtls_x509_crt_free( &srvcert );
+  mbedtls_pk_free( &pkey );
+  mbedtls_ssl_free( &ssl );
+  mbedtls_ssl_config_free( &conf );
+#if defined(MBEDTLS_SSL_CACHE_C)
+  mbedtls_ssl_cache_free( &cache );
+#endif
+  mbedtls_ctr_drbg_free( &ctr_drbg );
+  mbedtls_entropy_free( &entropy );
+
+  
+  vTaskDelete(NULL);
+}
+
+
+
+
+
+
+

modules/mbedtls_api/hardware_rng.c

@@ -0,0 +1,54 @@
+/**
+  ******************************************************************************
+  * @file    hardware_rng.c
+  * @author  MCD Application Team
+  * @version V1.1.0
+  * @date    17-February-2017
+  * @brief   mbedtls entropy data generator using the HAL_RNG API.
+  ******************************************************************************
+  * @attention
+  *
+  * <h2><center>&copy; COPYRIGHT(c) 2017 STMicroelectronics</center></h2>
+  *
+  * Licensed under MCD-ST Liberty SW License Agreement V2, (the "License");
+  * You may not use this file except in compliance with the License.
+  * You may obtain a copy of the License at:
+  *
+  *        http://www.st.com/software_license_agreement_liberty_v2
+  *
+  * Unless required by applicable law or agreed to in writing, software 
+  * distributed under the License is distributed on an "AS IS" BASIS, 
+  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  * See the License for the specific language governing permissions and
+  * limitations under the License.
+  *
+  ******************************************************************************
+  */
+#include "mbedtls_config.h"
+#include "rng.h"
+
+#ifdef MBEDTLS_ENTROPY_HARDWARE_ALT
+
+#include "main.h"
+#include <string.h>
+
+#include "mbedtls/entropy_poll.h"
+
+
+int mbedtls_hardware_poll( void *Data, unsigned char *Output, size_t Len, size_t *oLen )
+{
+  uint32_t index;
+  uint32_t randomValue;
+		
+  for (index = 0; index < Len/4; index++)
+  {
+    randomValue = GetRandomNumber();
+    *oLen += 4;
+    memset(&(Output[index * 4]), (int)randomValue, 4);
+  }
+  
+  return 0;
+}
+
+
+#endif /*MBEDTLS_ENTROPY_HARDWARE_ALT*/

user/mbedtls_config.h → modules/mbedtls_api/mbedtls_config.h

@@ -1,135 +1,150 @@
-/** 
-  *
-  *  Portions COPYRIGHT 2016 STMicroelectronics
-  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
-  *
-  ******************************************************************************
-  * @file    mbedtls_config.h 
-  * @author  MCD Application Team
-  * @version V1.1.0
-  * @date    17-February-2017
-  * @brief   the mbedtls custom config header file.
-  ******************************************************************************
-  * @attention
-  *
-  * <h2><center>&copy; COPYRIGHT(c) 2017 STMicroelectronics</center></h2>
-  *
-  * Redistribution and use in source and binary forms, with or without modification,
-  * are permitted provided that the following conditions are met:
-  *   1. Redistributions of source code must retain the above copyright notice,
-  *      this list of conditions and the following disclaimer.
-  *   2. Redistributions in binary form must reproduce the above copyright notice,
-  *      this list of conditions and the following disclaimer in the documentation
-  *      and/or other materials provided with the distribution.
-  *   3. Neither the name of STMicroelectronics nor the names of its contributors
-  *      may be used to endorse or promote products derived from this software
-  *      without specific prior written permission.
-  *
-  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-  * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-  * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-  *
-  ******************************************************************************
-  */ 
-
-#ifndef MBEDTLS_CONFIG_H
-#define MBEDTLS_CONFIG_H
-
-/* System support */
-#define MBEDTLS_HAVE_ASM
-#define MBEDTLS_HAVE_TIME
-
-/* mbed TLS feature support */
-#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
-#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
-#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
-#define MBEDTLS_SSL_PROTO_TLS1_2
-
-/* mbed TLS modules */
-#define MBEDTLS_AES_C
-#define MBEDTLS_ASN1_PARSE_C
-#define MBEDTLS_ASN1_WRITE_C
-#define MBEDTLS_BIGNUM_C
-#define MBEDTLS_CIPHER_C
-#define MBEDTLS_CTR_DRBG_C
-#define MBEDTLS_ECDH_C
-#define MBEDTLS_ECDSA_C
-#define MBEDTLS_ECP_C
-#define MBEDTLS_ENTROPY_C
-#define MBEDTLS_GCM_C
-#define MBEDTLS_MD_C
-#define MBEDTLS_NET_C
-#define MBEDTLS_OID_C
-#define MBEDTLS_PK_C
-#define MBEDTLS_PK_PARSE_C
-#define MBEDTLS_SHA256_C
-#define MBEDTLS_SHA512_C
-#define MBEDTLS_SSL_CLI_C
-#define MBEDTLS_SSL_SRV_C
-#define MBEDTLS_SSL_TLS_C
-#define MBEDTLS_X509_CRT_PARSE_C
-#define MBEDTLS_X509_USE_C
-
-/* For test certificates */
-#define MBEDTLS_BASE64_C
-#define MBEDTLS_CERTS_C
-#define MBEDTLS_PEM_PARSE_C
-
-/* Save RAM at the expense of ROM */
-#define MBEDTLS_AES_ROM_TABLES
-
-/* Save RAM by adjusting to our exact needs */
-#define MBEDTLS_ECP_MAX_BITS   384
-#define MBEDTLS_MPI_MAX_SIZE    48 // 384 bits is 48 bytes
-
-/* Save RAM at the expense of speed, see ecp.h */
-#define MBEDTLS_ECP_WINDOW_SIZE        2
-#define MBEDTLS_ECP_FIXED_POINT_OPTIM  0
-
-/* Significant speed benefit at the expense of some ROM */
-#define MBEDTLS_ECP_NIST_OPTIM
-
-/*
- * You should adjust this to the exact number of sources you're using: default
- * is the "mbedtls_platform_entropy_poll" source, but you may want to add other ones.
- * Minimum is 2 for the entropy test suite.
- */
-#define MBEDTLS_ENTROPY_MAX_SOURCES 2
-
-/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
-#define MBEDTLS_SSL_CIPHERSUITES                        \
-    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,    \
-    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-
-/*
- * Save RAM at the expense of interoperability: do this only if you control
- * both ends of the connection!  (See coments in "mbedtls/ssl.h".)
- * The minimum size here depends on the certificate chain used as well as the
- * typical size of records.
- */
-#define MBEDTLS_SSL_MAX_CONTENT_LEN             2048
-
-#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
-#define MBEDTLS_CAMELLIA_C
-
-
-#ifdef USE_LCD
-#include "lcd_log.h"
-#define MBEDTLS_PLATFORM_C
-#define MBEDTLS_PLATFORM_PRINTF_MACRO LCD_UsrLog
-#endif
-
-/* Customize the entropy data generation */
-#define MBEDTLS_NO_PLATFORM_ENTROPY
-#define MBEDTLS_ENTROPY_HARDWARE_ALT
-
-#include "mbedtls/check_config.h"
-
-#endif /* MBEDTLS_CONFIG_H */
+/** 
+  *
+  *  Portions COPYRIGHT 2016 STMicroelectronics
+  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+  *
+  ******************************************************************************
+  * @file    mbedtls_config.h 
+  * @author  MCD Application Team
+  * @version V1.1.0
+  * @date    17-February-2017
+  * @brief   the mbedtls custom config header file.
+  ******************************************************************************
+  * @attention
+  *
+  * <h2><center>&copy; COPYRIGHT(c) 2017 STMicroelectronics</center></h2>
+  *
+  * Redistribution and use in source and binary forms, with or without modification,
+  * are permitted provided that the following conditions are met:
+  *   1. Redistributions of source code must retain the above copyright notice,
+  *      this list of conditions and the following disclaimer.
+  *   2. Redistributions in binary form must reproduce the above copyright notice,
+  *      this list of conditions and the following disclaimer in the documentation
+  *      and/or other materials provided with the distribution.
+  *   3. Neither the name of STMicroelectronics nor the names of its contributors
+  *      may be used to endorse or promote products derived from this software
+  *      without specific prior written permission.
+  *
+  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+  * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+  * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+  *
+  ******************************************************************************
+  */ 
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+#define MBEDTLS_HAVE_ASM
+#define MBEDTLS_HAVE_TIME
+
+/* mbed TLS feature support */
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+#define MBEDTLS_SSL_PROTO_TLS1_2
+
+/* mbed TLS modules */
+#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_CTR_DRBG_C
+#define MBEDTLS_ECDH_C
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ENTROPY_C
+#define MBEDTLS_GCM_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_NET_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_SSL_CLI_C
+#define MBEDTLS_SSL_SRV_C
+#define MBEDTLS_SSL_TLS_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_USE_C
+
+// User
+#define MBEDTLS_RSA_C
+#define MBEDTLS_PKCS1_V21
+
+/* For test certificates */
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_CERTS_C
+#define MBEDTLS_PEM_PARSE_C
+
+/* Save RAM at the expense of ROM */
+#define MBEDTLS_AES_ROM_TABLES
+
+/* Save RAM by adjusting to our exact needs */
+#define MBEDTLS_ECP_MAX_BITS   384
+#define MBEDTLS_MPI_MAX_SIZE    48 // 384 bits is 48 bytes
+
+/* Save RAM at the expense of speed, see ecp.h */
+#define MBEDTLS_ECP_WINDOW_SIZE        2
+#define MBEDTLS_ECP_FIXED_POINT_OPTIM  0
+
+/* Significant speed benefit at the expense of some ROM */
+#define MBEDTLS_ECP_NIST_OPTIM
+
+/*
+ * You should adjust this to the exact number of sources you're using: default
+ * is the "mbedtls_platform_entropy_poll" source, but you may want to add other ones.
+ * Minimum is 2 for the entropy test suite.
+ */
+#define MBEDTLS_ENTROPY_MAX_SOURCES 2
+
+/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
+#define MBEDTLS_SSL_CIPHERSUITES                        \
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,    \
+    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+
+/*
+ * Save RAM at the expense of interoperability: do this only if you control
+ * both ends of the connection!  (See coments in "mbedtls/ssl.h".)
+ * The minimum size here depends on the certificate chain used as well as the
+ * typical size of records.
+ */
+#define MBEDTLS_SSL_MAX_CONTENT_LEN             2048
+
+#define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
+#define MBEDTLS_CAMELLIA_C
+
+
+#ifdef USE_LCD
+//#include "lcd_log.h"
+#define MBEDTLS_PLATFORM_C
+//#define MBEDTLS_PLATFORM_PRINTF_MACRO LCD_UsrLog
+#define MBEDTLS_PLATFORM_PRINTF_MACRO printf
+#endif
+
+/* Customize the entropy data generation */
+#define MBEDTLS_NO_PLATFORM_ENTROPY
+#define MBEDTLS_ENTROPY_HARDWARE_ALT
+
+// User debug options
+#define MBEDTLS_DEBUG_C
+#define DEBUG_LEVEL   3  // 0 No debug
+                         // 1 Error
+                         // 2 State change
+                         // 3 Informational
+                         // 4 Verbose
+
+#define UNUSED(x) ((void)(x))      
+      
+#include "mbedtls/check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */

modules/mbedtls_api/net_sockets.c

@@ -0,0 +1,521 @@
+/** 
+  *  Portions COPYRIGHT 2016 STMicroelectronics
+  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+  *
+  ******************************************************************************
+  * @file    net_sockets.c
+  * @author  MCD Application Team
+  * @version V1.1.0
+  * @date    17-February-2017
+  * @brief   TCP/IP or UDP/IP networking functions iplementation based on LwIP API
+             see the file "mbedTLS/library/net_socket_template.c" for the standard
+			 implmentation
+  ******************************************************************************
+  * @attention
+  *
+  * <h2><center>&copy; COPYRIGHT(c) 2017 STMicroelectronics</center></h2>
+  *
+  * Redistribution and use in source and binary forms, with or without modification,
+  * are permitted provided that the following conditions are met:
+  *   1. Redistributions of source code must retain the above copyright notice,
+  *      this list of conditions and the following disclaimer.
+  *   2. Redistributions in binary form must reproduce the above copyright notice,
+  *      this list of conditions and the following disclaimer in the documentation
+  *      and/or other materials provided with the distribution.
+  *   3. Neither the name of STMicroelectronics nor the names of its contributors
+  *      may be used to endorse or promote products derived from this software
+  *      without specific prior written permission.
+  *
+  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+  * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+  * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+  *
+  ******************************************************************************
+  */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include <string.h>
+#include <stdint.h>
+#if defined(MBEDTLS_NET_C)
+
+#if defined(MBEDTLS_PLATFORM_C)
+#include "mbedtls/platform.h"
+#else
+#include <stdlib.h>
+#endif
+
+#include "mbedtls/net_sockets.h"
+
+#include "lwip/dhcp.h"
+#include "lwip/tcpip.h"
+#include "lwip/ip_addr.h"
+#include "lwip/netdb.h"
+#include "lwip/sockets.h"
+   
+#include "netif/ethernet.h"
+
+#include "ethernetif.h"
+#include "stm32f4xx.h"  
+
+#include "main.h"
+
+static struct netif netif;
+static int initialized = 0;
+struct sockaddr_storage client_addr;
+
+static int net_would_block( const mbedtls_net_context *ctx );
+/*
+ * Initialize LwIP stack and get a dynamic IP address.
+ */
+void mbedtls_net_init( mbedtls_net_context *ctx )
+{
+  ip4_addr_t addr;
+  ip4_addr_t netmask;
+  ip4_addr_t gw;
+  uint32_t start;
+ 
+  ctx->fd = -1;
+# if 0 
+  if (initialized != 0)
+    return;
+  
+  tcpip_init(NULL, NULL);
+
+  /* IP default settings, to be overridden by DHCP */  
+
+  IP4_ADDR(&addr, IP_ADDR0, IP_ADDR1, IP_ADDR2, IP_ADDR3);
+  IP4_ADDR(&gw, GW_ADDR0, GW_ADDR1, GW_ADDR2, GW_ADDR3);
+  IP4_ADDR(&netmask, MASK_ADDR0, MASK_ADDR1, MASK_ADDR2, MASK_ADDR3);
+  
+  /* add the network interface */    
+  netif_add(&netif, &addr, &netmask, &gw, NULL, &ethernetif_init, &ethernet_input);
+  
+  /* register the default network interface. */
+  netif_set_default(&netif);
+ 
+  if (netif_is_link_up(&netif))
+  {
+    netif_set_up(&netif);
+  }
+  else
+  {
+    netif_set_down(&netif);
+  }
+#ifdef USE_DHCP
+  dhcp_start(&netif);
+#endif
+  osDelay(500);
+
+  start = HAL_GetTick();
+  
+  while((netif.ip_addr.addr == 0) && (HAL_GetTick() - start < 10000))
+  {
+  }
+  
+  if (netif.ip_addr.addr == 0)
+  {
+    printf(" Failed to get ip address! Please check your network configuration.\n");
+    Error_Handler();
+  }
+  else
+  {
+     printf("\nIpAdress = %lu.%lu.%lu.%lu\n", (netif.ip_addr.addr & 0xff), ((netif.ip_addr.addr >> 8) & 0xff)
+                                        , ((netif.ip_addr.addr >> 16) & 0xff), ((netif.ip_addr.addr >> 24)& 0xff));
+#ifdef USE_DHCP
+    dhcp_stop(&netif);
+#endif
+    initialized = 1;
+  }
+#endif  
+}
+
+/*
+ * Initiate a TCP connection with host:port and the given protocol
+ */
+int mbedtls_net_connect( mbedtls_net_context *ctx, const char *host, const char *port, int proto )
+{
+  int ret;
+  struct addrinfo hints;
+  struct addrinfo *list;
+  struct addrinfo *current;
+
+  /* Do name resolution with both IPv6 and IPv4 */
+  memset(&hints, 0, sizeof(hints));
+  hints.ai_family = AF_UNSPEC;
+  hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
+  hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
+
+  if(getaddrinfo(host, port, &hints, &list) != 0)
+    return MBEDTLS_ERR_NET_UNKNOWN_HOST;
+
+  /* Try the sockaddrs until a connection succeeds */
+  ret = MBEDTLS_ERR_NET_UNKNOWN_HOST;
+  for( current = list; current != NULL; current = current->ai_next)
+  {
+    ctx->fd = (int) socket(current->ai_family, current->ai_socktype, current->ai_protocol);
+    if(ctx->fd < 0)
+    {
+      ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
+      continue;
+    }
+
+    if(connect(ctx->fd, current->ai_addr, (uint32_t)current->ai_addrlen) == 0)
+    {
+      ret = 0;
+      break;
+    }
+
+    close( ctx->fd );
+    ret = MBEDTLS_ERR_NET_CONNECT_FAILED;
+  }
+
+  freeaddrinfo(list);
+
+  return ret;
+}
+
+/*
+ * Create a listening socket on bind_ip:port
+ */
+int mbedtls_net_bind( mbedtls_net_context *ctx, const char *bind_ip, const char *port, int proto )
+{
+    int n, ret;
+    struct addrinfo hints, *addr_list, *cur;
+
+    /* Bind to IPv6 and/or IPv4, but only in the desired protocol */
+    memset( &hints, 0, sizeof( hints ) );
+    hints.ai_family = AF_UNSPEC;
+    hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
+    hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
+    if( bind_ip == NULL )
+        hints.ai_flags = AI_PASSIVE;
+
+    if( getaddrinfo( bind_ip, port, &hints, &addr_list ) != 0 )
+        return( MBEDTLS_ERR_NET_UNKNOWN_HOST );
+
+    /* Try the sockaddrs until a binding succeeds */
+    ret = MBEDTLS_ERR_NET_UNKNOWN_HOST;
+    for( cur = addr_list; cur != NULL; cur = cur->ai_next )
+    {
+        ctx->fd = (int) socket( cur->ai_family, cur->ai_socktype,
+                            cur->ai_protocol );
+        if( ctx->fd < 0 )
+        {
+            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
+            continue;
+        }
+
+        n = 1;
+        if( setsockopt( ctx->fd, SOL_SOCKET, SO_REUSEADDR,
+                        (const char *) &n, sizeof( n ) ) != 0 )
+        {
+            close( ctx->fd );
+            ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
+            continue;
+        }
+
+        if( bind( ctx->fd, cur->ai_addr, (socklen_t)cur->ai_addrlen ) != 0 )
+        {
+            close( ctx->fd );
+            ret = MBEDTLS_ERR_NET_BIND_FAILED;
+            continue;
+        }
+
+        /* Listen only makes sense for TCP */
+        if( proto == MBEDTLS_NET_PROTO_TCP )
+        {
+            if( listen( ctx->fd, MBEDTLS_NET_LISTEN_BACKLOG ) != 0 )
+            {
+                close( ctx->fd );
+                ret = MBEDTLS_ERR_NET_LISTEN_FAILED;
+                continue;
+            }
+    }
+
+    /* I we ever get there, it's a success */
+    ret = 0;
+    break;
+  }
+
+  freeaddrinfo( addr_list );
+
+  return ret;
+}
+
+/*
+ * Accept a connection from a remote client
+ */
+int mbedtls_net_accept( mbedtls_net_context *bind_ctx,
+                        mbedtls_net_context *client_ctx,
+                        void *client_ip, size_t buf_size, size_t *ip_len )
+{
+
+  int ret;
+  int type;
+
+#if defined(__socklen_t_defined) || defined(_SOCKLEN_T) ||  \
+    defined(_SOCKLEN_T_DECLARED) || defined(__DEFINED_socklen_t)
+#error _SOCKLEN_T
+	
+    socklen_t n = (socklen_t) sizeof( client_addr );
+    socklen_t type_len = (socklen_t) sizeof( type );
+#else
+    int n = (int) sizeof( client_addr );
+    int type_len = (int) sizeof( type );
+#endif
+
+  /* Is this a TCP or UDP socket? */
+  if(getsockopt(bind_ctx->fd, SOL_SOCKET, SO_TYPE, (void *) &type, (u32_t *)(&type_len) ) != 0 ||
+               (type != SOCK_STREAM && type != SOCK_DGRAM))
+  {
+    return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
+  }
+
+  if( type == SOCK_STREAM )
+  {
+    /* TCP: actual accept() */
+    ret = client_ctx->fd = (int) accept( bind_ctx->fd, (struct sockaddr *) &client_addr, (u32_t *)(&n) );
+  }
+  else
+  {
+    /* UDP: wait for a message, but keep it in the queue */
+    char buf[1] = { 0 };
+    ret = (int) recvfrom( bind_ctx->fd, buf, sizeof( buf ), MSG_PEEK, (struct sockaddr *) &client_addr, (u32_t *)(&n) );
+  }
+
+  if( ret < 0 )
+  {
+    if( net_would_block( bind_ctx ) != 0 )
+      return( MBEDTLS_ERR_SSL_WANT_READ );
+
+    return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
+  }
+
+  /* UDP: hijack the listening socket to communicate with the client,
+   * then bind a new socket to accept new connections */
+  if( type != SOCK_STREAM )
+  {
+    struct sockaddr_storage local_addr;
+    int one = 1;
+
+    if( connect( bind_ctx->fd, (struct sockaddr *) &client_addr, n ) != 0 )
+    {
+      return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
+    }
+
+    client_ctx->fd = bind_ctx->fd;
+    bind_ctx->fd   = -1; /* In case we exit early */
+
+    n = sizeof( struct sockaddr_storage );
+    if( getsockname(client_ctx->fd, (struct sockaddr *) &local_addr, (u32_t*)(&n) ) != 0 ||
+                    (bind_ctx->fd = (int) socket( local_addr.ss_family, SOCK_DGRAM, IPPROTO_UDP ) ) < 0 ||
+                     setsockopt( bind_ctx->fd, SOL_SOCKET, SO_REUSEADDR, (const char *) &one, sizeof( one ) ) != 0 )
+    {
+      return( MBEDTLS_ERR_NET_SOCKET_FAILED );
+    }
+
+    if( bind( bind_ctx->fd, (struct sockaddr *) &local_addr, n ) != 0 )
+    {
+      return( MBEDTLS_ERR_NET_BIND_FAILED );
+    }
+  }
+
+  if( client_ip != NULL )
+  {
+
+    if( client_addr.ss_family == AF_INET )
+    {
+#if LWIP_IPV4
+      struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr;
+      *ip_len = sizeof( addr4->sin_addr.s_addr );
+
+      if( buf_size < *ip_len )
+      {
+        return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL );
+	  }
+      memcpy( client_ip, &addr4->sin_addr.s_addr, *ip_len );
+#endif
+    }
+    else
+    {
+#if LWIP_IPV6
+      struct sockaddr_in6 *addr6 = (struct sockaddr_in6 *) &client_addr;
+      *ip_len = sizeof( addr6->sin6_addr.s6_addr );
+
+      if( buf_size < *ip_len )
+	  {
+        return( MBEDTLS_ERR_NET_BUFFER_TOO_SMALL );
+	  }
+      memcpy( client_ip, &addr6->sin6_addr.s6_addr, *ip_len);
+#endif
+    }
+  }
+
+  return( 0 );
+}
+
+/*
+ * Set the socket blocking or non-blocking
+ */
+int mbedtls_net_set_block( mbedtls_net_context *ctx )
+{
+  mbedtls_printf ("%s() NOT IMPLEMENTED!!\n", __FUNCTION__);
+  return 0;
+}
+
+int mbedtls_net_set_nonblock( mbedtls_net_context *ctx )
+{
+  mbedtls_printf ("%s() NOT IMPLEMENTED!!\n", __FUNCTION__);
+  return 0;
+}
+
+/*
+ * Portable usleep helper
+ */
+void mbedtls_net_usleep( unsigned long usec )
+{
+  mbedtls_printf ("%s() NOT IMPLEMENTED!!\n", __FUNCTION__);
+}
+
+/*
+ * Read at most 'len' characters
+ */
+int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len )
+{
+  int32_t ret;
+  int32_t fd = ((mbedtls_net_context *) ctx)->fd;
+
+  if( fd < 0 )
+  {
+    return MBEDTLS_ERR_NET_INVALID_CONTEXT;
+  }
+ 
+  ret = (int32_t) read( fd, buf, len );
+
+  if( ret < 0 )
+  {
+    if(net_would_block(ctx) != 0)
+    {
+      return MBEDTLS_ERR_SSL_WANT_READ;
+    }
+    
+    if(errno == EPIPE || errno == ECONNRESET)
+    {
+      return MBEDTLS_ERR_NET_CONN_RESET;
+    }
+
+    if(errno == EINTR)
+    {
+      return MBEDTLS_ERR_SSL_WANT_READ;
+    }
+
+    return MBEDTLS_ERR_NET_RECV_FAILED;
+  }
+
+  return ret;
+}
+
+/*
+ * Read at most 'len' characters, blocking for at most 'timeout' ms
+ */
+int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
+                      uint32_t timeout )
+{
+  mbedtls_printf ("%s() NOT IMPLEMENTED!!\n", __FUNCTION__);
+  return mbedtls_net_recv( ctx, buf, len );
+}
+
+
+static int net_would_block( const mbedtls_net_context *ctx )
+{
+  /*
+   * Do not return 'WOULD BLOCK' on a non-blocking socket
+   */
+
+  int val = 0;
+  UNUSED(val);
+
+  if( ( fcntl( ctx->fd, F_GETFL, val) & O_NONBLOCK ) != O_NONBLOCK )
+    return( 0 );
+
+  switch( errno )
+  {
+#if defined EAGAIN
+    case EAGAIN:
+#endif
+#if defined EWOULDBLOCK && EWOULDBLOCK != EAGAIN
+    case EWOULDBLOCK:
+#endif
+    return( 1 );
+  }
+
+  return( 0 );
+}
+
+/*
+ * Write at most 'len' characters
+ */
+int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len )
+{
+  int32_t ret;
+  int fd = ((mbedtls_net_context *) ctx)->fd;
+
+  if( fd < 0 )
+  {
+    return MBEDTLS_ERR_NET_INVALID_CONTEXT;
+  }
+  
+  ret = (int32_t) write(fd, buf, len);
+
+  if( ret < 0 )
+  {
+    if(net_would_block(ctx) != 0)
+    {
+      return MBEDTLS_ERR_SSL_WANT_WRITE;
+    }
+    
+    if(errno == EPIPE || errno == ECONNRESET)
+    {
+      return MBEDTLS_ERR_NET_CONN_RESET;
+    }
+    
+    if(errno == EINTR)
+    {
+      return MBEDTLS_ERR_SSL_WANT_WRITE;
+    }
+
+    return MBEDTLS_ERR_NET_SEND_FAILED;
+  }
+
+  return ret;
+}
+
+/*
+ * Gracefully close the connection
+ */
+void mbedtls_net_free( mbedtls_net_context *ctx )
+{
+  if( ctx->fd == -1 )
+    return;
+
+  shutdown( ctx->fd, 2 );
+  close( ctx->fd );
+
+  ctx->fd = -1;
+
+  initialized = 0;
+ }
+
+#endif /* MBEDTLS_NET_C */

modules/settings_api.c

@@ -25,6 +25,7 @@
 #include "semphr.h"
 #include "main.h"
 
+#include "mbedtls/certs.h"
 
 #include <string.h>
 #include <stdlib.h>
@@ -202,11 +203,11 @@ void SETTINGS_SetRADIUSDef(void)
   * @brief  Установить параметры сертификата сервера по умолчанию
   */
 void SETTINGS_SetSSLcrtDef(void){
-/*  
+ 
 	memset(sSettings.our_srv_crt, 0, sizeof(sSettings.our_srv_crt));
 	memcpy(sSettings.our_srv_crt, (unsigned char *) test_srv_crt, strlen(test_srv_crt));
 	//memcpy(sSettings.our_srv_key, (unsigned char *) test_srv_key, strlen(test_srv_key));
-*/  
+  
 }
   
 /**

modules/settings_api.h

@@ -192,8 +192,8 @@ typedef struct
   SNTP_t        sSNTP;
   INOUTS_t		sInOuts;
   RADIUS_t		sRADIUS;
-  char			our_srv_crt[1205];
-//  char			our_srv_key[1705];
+  //char			our_srv_crt[1205];
+  char			our_srv_crt[1705];
   uint32_t      controlWorld;  // Слово для контроля целостности структуры настроек
   
 } SETTINGS_t;

projects/iar/bt-670x.ewp

@@ -191,6 +191,7 @@
           <state>OS_FREERTOS</state>
           <state>PRINTF_STDLIB</state>
           <state>MBEDTLS_CONFIG_FILE=&lt;mbedtls_config.h&gt;</state>
+          <state>USE_LCD</state>
         </option>
         <option>
           <name>CCPreprocFile</name>
@@ -338,6 +339,7 @@
           <state>$PROJ_DIR$\..\..\modules\log</state>
           <state>$PROJ_DIR$\..\..\modules\testing</state>
           <state>$PROJ_DIR$\..\..\modules\radius</state>
+          <state>$PROJ_DIR$\..\..\modules\mbedtls_api</state>
           <state>$PROJ_DIR$\..\..\thirdparty\FreeRTOS\include</state>
           <state>$PROJ_DIR$\..\..\thirdparty\FreeRTOS\portable\IAR\ARM_CM4F</state>
           <state>$PROJ_DIR$\..\..\thirdparty\lwip\src\include\</state>
@@ -2049,6 +2051,18 @@
         <name>$PROJ_DIR$\..\..\modules\log\ringfs.c</name>
       </file>
     </group>
+    <group>
+      <name>mbedtls_api</name>
+      <file>
+        <name>$PROJ_DIR$\..\..\modules\mbedtls_api\hardware_rng.c</name>
+      </file>
+      <file>
+        <name>$PROJ_DIR$\..\..\modules\mbedtls_api\mbedtls_config.h</name>
+      </file>
+      <file>
+        <name>$PROJ_DIR$\..\..\modules\mbedtls_api\net_sockets.c</name>
+      </file>
+    </group>
     <group>
       <name>megatec</name>
       <file>
@@ -2712,9 +2726,6 @@
     <file>
       <name>$PROJ_DIR$\..\..\user\main.c</name>
     </file>
-    <file>
-      <name>$PROJ_DIR$\..\..\user\mbedtls_config.h</name>
-    </file>
     <file>
       <name>$PROJ_DIR$\..\..\user\stm32f4xx_it.c</name>
     </file>

thirdparty/FreeRadius/lib/config.c

@@ -289,6 +289,7 @@ static int set_option_auo(char const *filename, int line, OPTION *option, char c
  */
 int rc_add_config(rc_handle *rh, char const *option_name, char const *option_val, char const *source, int line)
 {
+/*  
 	OPTION *option;
 
 	if ((option = find_option(rh, option_name, OT_ANY)) == NULL)
@@ -335,8 +336,9 @@ int rc_add_config(rc_handle *rh, char const *option_name, char const *option_val
 		rc_own_bind_addr(rh, &rh->own_bind_addr);
 		rh->own_bind_addr_set = 1;
 	}
-
+*/
 	return 0;
+
 }
 
 /** Initialise a configuration structure

thirdparty/FreeRadius/radius_config.h

@@ -17,7 +17,7 @@
 #include <stdint.h>
 #include <string.h>
 
-//#include "sockets.h"
+#include "sockets.h"
 
 //#define RC_LOG
 #define STDC_HEADERS
@@ -55,13 +55,6 @@ struct __kernel_sockaddr_storage {
 typedef __kernel_sa_family_t	sa_family_t2;
 
 // -----------------------------------------------------------------------------
-/*
-struct sockaddr {
-	char	sa_len;			// total length 
-	char	sa_family;		// address family 
-	char	sa_data[14];	// actually longer; address value 
-};
-*/
 
 #define _SS_MAXSIZE    128  /* Implementation specific max size */
 #define _SS_ALIGNSIZE  (sizeof (int64_t))
@@ -69,6 +62,7 @@ struct sockaddr {
 #define _SS_PAD1SIZE (_SS_ALIGNSIZE - sizeof(sa_family_t2))
 #define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof(sa_family_t2)+ \
                       _SS_PAD1SIZE + _SS_ALIGNSIZE))
+#if 0
 struct sockaddr_storage {
     sa_family_t2  ss_family;  /* Address family. */
 /*
@@ -85,8 +79,8 @@ struct sockaddr_storage {
            _SS_MAXSIZE value minus size of ss_family
            __ss_pad1, __ss_align fields is 112. */
 };
-
-
+#endif
+#if 0
 struct addrinfo {
     int              ai_flags;     // AI_PASSIVE, AI_CANONNAME, etc.
     int              ai_family;    // AF_INET, AF_INET6, AF_UNSPEC
@@ -98,7 +92,7 @@ struct addrinfo {
 
     struct addrinfo *ai_next;      // linked list, next node
 };
-
+#endif
 
 #endif /* #ifndef __RADIUS_CONFIG_H */
 

thirdparty/lwip/src/include/lwip/sockets.h

@@ -91,7 +91,7 @@ struct sockaddr {
   sa_family_t sa_family;
   char        sa_data[14];
 };
-#if 0
+
 struct sockaddr_storage {
   u8_t        s2_len;
   sa_family_t ss_family;
@@ -101,7 +101,7 @@ struct sockaddr_storage {
   u32_t       s2_data3[3];
 #endif /* LWIP_IPV6 */
 };
-#endif
+
 
 /* If your port already typedef's socklen_t, define SOCKLEN_T_DEFINED
    to prevent this code from redefining it. */

thirdparty/mbedTLS/include/mbedtls/certs.h

@@ -1,99 +1,102 @@
-/**
- * \file certs.h
- *
- * \brief Sample certificates and DHM parameters for testing
- *
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- *  This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_CERTS_H
-#define MBEDTLS_CERTS_H
-
-#include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-/* Concatenation of all CA certificates in PEM format if available */
-extern const char   mbedtls_test_cas_pem[];
-extern const size_t mbedtls_test_cas_pem_len;
-#endif
-
-/* List of all CA certificates, terminated by NULL */
-extern const char * mbedtls_test_cas[];
-extern const size_t mbedtls_test_cas_len[];
-
-/*
- * Convenience for users who just want a certificate:
- * RSA by default, or ECDSA if RSA is not available
- */
-extern const char * mbedtls_test_ca_crt;
-extern const size_t mbedtls_test_ca_crt_len;
-extern const char * mbedtls_test_ca_key;
-extern const size_t mbedtls_test_ca_key_len;
-extern const char * mbedtls_test_ca_pwd;
-extern const size_t mbedtls_test_ca_pwd_len;
-extern const char * mbedtls_test_srv_crt;
-extern const size_t mbedtls_test_srv_crt_len;
-extern const char * mbedtls_test_srv_key;
-extern const size_t mbedtls_test_srv_key_len;
-extern const char * mbedtls_test_cli_crt;
-extern const size_t mbedtls_test_cli_crt_len;
-extern const char * mbedtls_test_cli_key;
-extern const size_t mbedtls_test_cli_key_len;
-
-#if defined(MBEDTLS_ECDSA_C)
-extern const char   mbedtls_test_ca_crt_ec[];
-extern const size_t mbedtls_test_ca_crt_ec_len;
-extern const char   mbedtls_test_ca_key_ec[];
-extern const size_t mbedtls_test_ca_key_ec_len;
-extern const char   mbedtls_test_ca_pwd_ec[];
-extern const size_t mbedtls_test_ca_pwd_ec_len;
-extern const char   mbedtls_test_srv_crt_ec[];
-extern const size_t mbedtls_test_srv_crt_ec_len;
-extern const char   mbedtls_test_srv_key_ec[];
-extern const size_t mbedtls_test_srv_key_ec_len;
-extern const char   mbedtls_test_cli_crt_ec[];
-extern const size_t mbedtls_test_cli_crt_ec_len;
-extern const char   mbedtls_test_cli_key_ec[];
-extern const size_t mbedtls_test_cli_key_ec_len;
-#endif
-
-#if defined(MBEDTLS_RSA_C)
-extern const char   mbedtls_test_ca_crt_rsa[];
-extern const size_t mbedtls_test_ca_crt_rsa_len;
-extern const char   mbedtls_test_ca_key_rsa[];
-extern const size_t mbedtls_test_ca_key_rsa_len;
-extern const char   mbedtls_test_ca_pwd_rsa[];
-extern const size_t mbedtls_test_ca_pwd_rsa_len;
-extern const char   mbedtls_test_srv_crt_rsa[];
-extern const size_t mbedtls_test_srv_crt_rsa_len;
-extern const char   mbedtls_test_srv_key_rsa[];
-extern const size_t mbedtls_test_srv_key_rsa_len;
-extern const char   mbedtls_test_cli_crt_rsa[];
-extern const size_t mbedtls_test_cli_crt_rsa_len;
-extern const char   mbedtls_test_cli_key_rsa[];
-extern const size_t mbedtls_test_cli_key_rsa_len;
-#endif
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* certs.h */
+/**
+ * \file certs.h
+ *
+ * \brief Sample certificates and DHM parameters for testing
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+#ifndef MBEDTLS_CERTS_H
+#define MBEDTLS_CERTS_H
+
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern const char test_srv_crt[];
+extern const char test_srv_key[];  
+  
+#if defined(MBEDTLS_PEM_PARSE_C)
+/* Concatenation of all CA certificates in PEM format if available */
+extern const char   mbedtls_test_cas_pem[];
+extern const size_t mbedtls_test_cas_pem_len;
+#endif
+
+/* List of all CA certificates, terminated by NULL */
+extern const char * mbedtls_test_cas[];
+extern const size_t mbedtls_test_cas_len[];
+
+/*
+ * Convenience for users who just want a certificate:
+ * RSA by default, or ECDSA if RSA is not available
+ */
+extern const char * mbedtls_test_ca_crt;
+extern const size_t mbedtls_test_ca_crt_len;
+extern const char * mbedtls_test_ca_key;
+extern const size_t mbedtls_test_ca_key_len;
+extern const char * mbedtls_test_ca_pwd;
+extern const size_t mbedtls_test_ca_pwd_len;
+extern const char * mbedtls_test_srv_crt;
+extern const size_t mbedtls_test_srv_crt_len;
+extern const char * mbedtls_test_srv_key;
+extern const size_t mbedtls_test_srv_key_len;
+extern const char * mbedtls_test_cli_crt;
+extern const size_t mbedtls_test_cli_crt_len;
+extern const char * mbedtls_test_cli_key;
+extern const size_t mbedtls_test_cli_key_len;
+
+#if defined(MBEDTLS_ECDSA_C)
+extern const char   mbedtls_test_ca_crt_ec[];
+extern const size_t mbedtls_test_ca_crt_ec_len;
+extern const char   mbedtls_test_ca_key_ec[];
+extern const size_t mbedtls_test_ca_key_ec_len;
+extern const char   mbedtls_test_ca_pwd_ec[];
+extern const size_t mbedtls_test_ca_pwd_ec_len;
+extern const char   mbedtls_test_srv_crt_ec[];
+extern const size_t mbedtls_test_srv_crt_ec_len;
+extern const char   mbedtls_test_srv_key_ec[];
+extern const size_t mbedtls_test_srv_key_ec_len;
+extern const char   mbedtls_test_cli_crt_ec[];
+extern const size_t mbedtls_test_cli_crt_ec_len;
+extern const char   mbedtls_test_cli_key_ec[];
+extern const size_t mbedtls_test_cli_key_ec_len;
+#endif
+
+#if defined(MBEDTLS_RSA_C)
+extern const char   mbedtls_test_ca_crt_rsa[];
+extern const size_t mbedtls_test_ca_crt_rsa_len;
+extern const char   mbedtls_test_ca_key_rsa[];
+extern const size_t mbedtls_test_ca_key_rsa_len;
+extern const char   mbedtls_test_ca_pwd_rsa[];
+extern const size_t mbedtls_test_ca_pwd_rsa_len;
+extern const char   mbedtls_test_srv_crt_rsa[];
+extern const size_t mbedtls_test_srv_crt_rsa_len;
+extern const char   mbedtls_test_srv_key_rsa[];
+extern const size_t mbedtls_test_srv_key_rsa_len;
+extern const char   mbedtls_test_cli_crt_rsa[];
+extern const size_t mbedtls_test_cli_crt_rsa_len;
+extern const char   mbedtls_test_cli_key_rsa[];
+extern const size_t mbedtls_test_cli_key_rsa_len;
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* certs.h */

thirdparty/mbedTLS/library/certs.c

@@ -1,351 +1,402 @@
-/*
- *  X.509 test certificates
- *
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- *  This file is part of mbed TLS (https://tls.mbed.org)
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include "mbedtls/certs.h"
-
-#if defined(MBEDTLS_CERTS_C)
-
-#if defined(MBEDTLS_ECDSA_C)
-#define TEST_CA_CRT_EC                                                  \
-"-----BEGIN CERTIFICATE-----\r\n"                                       \
-"MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT\r\n"  \
-"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n"  \
-"QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT\r\n"  \
-"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n"  \
-"QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu\r\n"  \
-"ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy\r\n"  \
-"aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g\r\n"  \
-"JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7\r\n"  \
-"NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE\r\n"  \
-"AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w\r\n"  \
-"CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56\r\n"  \
-"t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv\r\n"  \
-"uCjn8pwUOkABXK8Mss90fzCfCEOtIA==\r\n"                                  \
-"-----END CERTIFICATE-----\r\n"
-const char mbedtls_test_ca_crt_ec[] = TEST_CA_CRT_EC;
-
-const char mbedtls_test_ca_key_ec[] =
-"-----BEGIN EC PRIVATE KEY-----\r\n"
-"Proc-Type: 4,ENCRYPTED\r\n"
-"DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n"
-"\r\n"
-"IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n"
-"ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n"
-"UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n"
-"a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n"
-"-----END EC PRIVATE KEY-----\r\n";
-
-const char mbedtls_test_ca_pwd_ec[] = "PolarSSLTest";
-
-const char mbedtls_test_srv_crt_ec[] =
-"-----BEGIN CERTIFICATE-----\r\n"
-"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
-"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
-"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"
-"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n"
-"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n"
-"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n"
-"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n"
-"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n"
-"clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n"
-"CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n"
-"C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n"
-"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n"
-"-----END CERTIFICATE-----\r\n";
-
-const char mbedtls_test_srv_key_ec[] =
-"-----BEGIN EC PRIVATE KEY-----\r\n"
-"MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n"
-"AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n"
-"6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n"
-"-----END EC PRIVATE KEY-----\r\n";
-
-const char mbedtls_test_cli_crt_ec[] =
-"-----BEGIN CERTIFICATE-----\r\n"
-"MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
-"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
-"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjBBMQswCQYDVQQGEwJOTDERMA8G\r\n"
-"A1UEChMIUG9sYXJTU0wxHzAdBgNVBAMTFlBvbGFyU1NMIFRlc3QgQ2xpZW50IDIw\r\n"
-"WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARX5a6xc9/TrLuTuIH/Eq7u5lOszlVT\r\n"
-"9jQOzC7jYyUL35ji81xgNpbA1RgUcOV/n9VLRRjlsGzVXPiWj4dwo+THo4GdMIGa\r\n"
-"MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMG4GA1Ud\r\n"
-"IwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJOTDER\r\n"
-"MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC\r\n"
-"CQDBQ+J+YkPM6DAKBggqhkjOPQQDAgNoADBlAjBKZQ17IIOimbmoD/yN7o89u3BM\r\n"
-"lgOsjnhw3fIOoLIWy2WOGsk/LGF++DzvrRzuNiACMQCd8iem1XS4JK7haj8xocpU\r\n"
-"LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=\r\n"
-"-----END CERTIFICATE-----\r\n";
-
-const char mbedtls_test_cli_key_ec[] =
-"-----BEGIN EC PRIVATE KEY-----\r\n"
-"MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n"
-"AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n"
-"wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n"
-"-----END EC PRIVATE KEY-----\r\n";
-
-const size_t mbedtls_test_ca_crt_ec_len  = sizeof( mbedtls_test_ca_crt_ec );
-const size_t mbedtls_test_ca_key_ec_len  = sizeof( mbedtls_test_ca_key_ec );
-const size_t mbedtls_test_ca_pwd_ec_len  = sizeof( mbedtls_test_ca_pwd_ec ) - 1;
-const size_t mbedtls_test_srv_crt_ec_len = sizeof( mbedtls_test_srv_crt_ec );
-const size_t mbedtls_test_srv_key_ec_len = sizeof( mbedtls_test_srv_key_ec );
-const size_t mbedtls_test_cli_crt_ec_len = sizeof( mbedtls_test_cli_crt_ec );
-const size_t mbedtls_test_cli_key_ec_len = sizeof( mbedtls_test_cli_key_ec );
-#else
-#define TEST_CA_CRT_EC
-#endif /* MBEDTLS_ECDSA_C */
-
-#if defined(MBEDTLS_RSA_C)
-#define TEST_CA_CRT_RSA                                                 \
-"-----BEGIN CERTIFICATE-----\r\n"                                       \
-"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"  \
-"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"  \
-"MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n"  \
-"A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n"  \
-"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n"  \
-"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n"  \
-"50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n"  \
-"YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n"  \
-"R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n"  \
-"KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n"  \
-"gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n"  \
-"/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n"  \
-"BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n"  \
-"dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n"  \
-"SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n"  \
-"DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n"  \
-"pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n"  \
-"m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n"  \
-"7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n"      \
-"-----END CERTIFICATE-----\r\n"
-const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA;
-
-const char mbedtls_test_ca_key_rsa[] =
-"-----BEGIN RSA PRIVATE KEY-----\r\n"
-"Proc-Type: 4,ENCRYPTED\r\n"
-"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n"
-"\r\n"
-"9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n"
-"7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n"
-"Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n"
-"PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n"
-"GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n"
-"gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n"
-"QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n"
-"PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n"
-"vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n"
-"WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n"
-"JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n"
-"KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n"
-"Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n"
-"9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n"
-"iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n"
-"tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n"
-"P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n"
-"1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n"
-"nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n"
-"X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n"
-"rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n"
-"L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n"
-"I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n"
-"wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n"
-"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n"
-"-----END RSA PRIVATE KEY-----\r\n";
-
-const char mbedtls_test_ca_pwd_rsa[] = "PolarSSLTest";
-
-const char mbedtls_test_srv_crt_rsa[] =
-"-----BEGIN CERTIFICATE-----\r\n"
-"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
-"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
-"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"
-"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n"
-"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n"
-"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n"
-"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n"
-"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n"
-"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n"
-"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n"
-"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n"
-"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJxnXClY\r\n"
-"oHkbp70cqBrsGXLybA74czbO5RdLEgFs7rHVS9r+c293luS/KdliLScZqAzYVylw\r\n"
-"UfRWvKMoWhHYKp3dEIS4xTXk6/5zXxhv9Rw8SGc8qn6vITHk1S1mPevtekgasY5Y\r\n"
-"iWQuM3h4YVlRH3HHEMAD1TnAexfXHHDFQGe+Bd1iAbz1/sH9H8l4StwX6egvTK3M\r\n"
-"wXRwkKkvjKaEDA9ATbZx0mI8LGsxSuCqe9r9dyjmttd47J1p1Rulz3CLzaRcVIuS\r\n"
-"RRQfaD8neM9c1S/iJ/amTVqJxA1KOdOS5780WhPfSArA+g4qAmSjelc3p4wWpha8\r\n"
-"zhuYwjVuX6JHG0c=\r\n"
-"-----END CERTIFICATE-----\r\n";
-
-const char mbedtls_test_srv_key_rsa[] =
-"-----BEGIN RSA PRIVATE KEY-----\r\n"
-"MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n"
-"lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n"
-"2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n"
-"Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n"
-"GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n"
-"y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n"
-"++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n"
-"Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n"
-"/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n"
-"WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n"
-"GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n"
-"TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n"
-"CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n"
-"nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n"
-"AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n"
-"sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n"
-"mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n"
-"BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n"
-"whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n"
-"vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n"
-"3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n"
-"3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n"
-"ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n"
-"4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n"
-"TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n"
-"-----END RSA PRIVATE KEY-----\r\n";
-
-const char mbedtls_test_cli_crt_rsa[] =
-"-----BEGIN CERTIFICATE-----\r\n"
-"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
-"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
-"MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n"
-"A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n"
-"BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n"
-"M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n"
-"1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n"
-"MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n"
-"4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n"
-"/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n"
-"o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n"
-"BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC\r\n"
-"AQEAAn86isAM8X+mVwJqeItt6E9slhEQbAofyk+diH1Lh8Y9iLlWQSKbw/UXYjx5\r\n"
-"LLPZcniovxIcARC/BjyZR9g3UwTHNGNm+rwrqa15viuNOFBchykX/Orsk02EH7NR\r\n"
-"Alw5WLPorYjED6cdVQgBl9ot93HdJogRiXCxErM7NC8/eP511mjq+uLDjLKH8ZPQ\r\n"
-"8I4ekHJnroLsDkIwXKGIsvIBHQy2ac/NwHLCQOK6mfum1pRx52V4Utu5dLLjD5bM\r\n"
-"xOBC7KU4xZKuMXXZM6/93Yb51K/J4ahf1TxJlTWXtnzDr9saEYdNy2SKY/6ZiDNH\r\n"
-"D+stpAKiQLAWaAusIWKYEyw9MQ==\r\n"
-"-----END CERTIFICATE-----\r\n";
-
-const char mbedtls_test_cli_key_rsa[] =
-"-----BEGIN RSA PRIVATE KEY-----\r\n"
-"MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n"
-"B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n"
-"bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n"
-"Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n"
-"7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n"
-"dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n"
-"yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n"
-"4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n"
-"ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n"
-"zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n"
-"l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n"
-"DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n"
-"VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n"
-"Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n"
-"wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n"
-"c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n"
-"33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n"
-"ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n"
-"BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n"
-"KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n"
-"UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n"
-"7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n"
-"gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n"
-"bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n"
-"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"
-"-----END RSA PRIVATE KEY-----\r\n";
-
-const size_t mbedtls_test_ca_crt_rsa_len  = sizeof( mbedtls_test_ca_crt_rsa );
-const size_t mbedtls_test_ca_key_rsa_len  = sizeof( mbedtls_test_ca_key_rsa );
-const size_t mbedtls_test_ca_pwd_rsa_len  = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
-const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa );
-const size_t mbedtls_test_srv_key_rsa_len = sizeof( mbedtls_test_srv_key_rsa );
-const size_t mbedtls_test_cli_crt_rsa_len = sizeof( mbedtls_test_cli_crt_rsa );
-const size_t mbedtls_test_cli_key_rsa_len = sizeof( mbedtls_test_cli_key_rsa );
-#else
-#define TEST_CA_CRT_RSA
-#endif /* MBEDTLS_RSA_C */
-
-#if defined(MBEDTLS_PEM_PARSE_C)
-/* Concatenation of all available CA certificates */
-const char mbedtls_test_cas_pem[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC;
-const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem );
-#endif
-
-/* List of all available CA certificates */
-const char * mbedtls_test_cas[] = {
-#if defined(MBEDTLS_RSA_C)
-    mbedtls_test_ca_crt_rsa,
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-    mbedtls_test_ca_crt_ec,
-#endif
-    NULL
-};
-const size_t mbedtls_test_cas_len[] = {
-#if defined(MBEDTLS_RSA_C)
-    sizeof( mbedtls_test_ca_crt_rsa ),
-#endif
-#if defined(MBEDTLS_ECDSA_C)
-    sizeof( mbedtls_test_ca_crt_ec ),
-#endif
-    0
-};
-
-#if defined(MBEDTLS_RSA_C)
-const char *mbedtls_test_ca_crt  = mbedtls_test_ca_crt_rsa;
-const char *mbedtls_test_ca_key  = mbedtls_test_ca_key_rsa;
-const char *mbedtls_test_ca_pwd  = mbedtls_test_ca_pwd_rsa;
-const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_rsa;
-const char *mbedtls_test_srv_key = mbedtls_test_srv_key_rsa;
-const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_rsa;
-const char *mbedtls_test_cli_key = mbedtls_test_cli_key_rsa;
-const size_t mbedtls_test_ca_crt_len  = sizeof( mbedtls_test_ca_crt_rsa );
-const size_t mbedtls_test_ca_key_len  = sizeof( mbedtls_test_ca_key_rsa );
-const size_t mbedtls_test_ca_pwd_len  = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
-const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_rsa );
-const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_rsa );
-const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_rsa );
-const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_rsa );
-#else /* ! MBEDTLS_RSA_C, so MBEDTLS_ECDSA_C */
-const char *mbedtls_test_ca_crt  = mbedtls_test_ca_crt_ec;
-const char *mbedtls_test_ca_key  = mbedtls_test_ca_key_ec;
-const char *mbedtls_test_ca_pwd  = mbedtls_test_ca_pwd_ec;
-const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_ec;
-const char *mbedtls_test_srv_key = mbedtls_test_srv_key_ec;
-const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_ec;
-const char *mbedtls_test_cli_key = mbedtls_test_cli_key_ec;
-const size_t mbedtls_test_ca_crt_len  = sizeof( mbedtls_test_ca_crt_ec );
-const size_t mbedtls_test_ca_key_len  = sizeof( mbedtls_test_ca_key_ec );
-const size_t mbedtls_test_ca_pwd_len  = sizeof( mbedtls_test_ca_pwd_ec ) - 1;
-const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_ec );
-const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_ec );
-const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_ec );
-const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_ec );
-#endif /* MBEDTLS_RSA_C */
-
-#endif /* MBEDTLS_CERTS_C */
+/*
+ *  X.509 test certificates
+ *
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#include "mbedtls/certs.h"
+
+#if defined(MBEDTLS_CERTS_C)
+
+#if defined(MBEDTLS_ECDSA_C)
+#define TEST_CA_CRT_EC                                                  \
+"-----BEGIN CERTIFICATE-----\r\n"                                       \
+"MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT\r\n"  \
+"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n"  \
+"QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT\r\n"  \
+"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n"  \
+"QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu\r\n"  \
+"ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy\r\n"  \
+"aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g\r\n"  \
+"JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7\r\n"  \
+"NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE\r\n"  \
+"AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w\r\n"  \
+"CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56\r\n"  \
+"t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv\r\n"  \
+"uCjn8pwUOkABXK8Mss90fzCfCEOtIA==\r\n"                                  \
+"-----END CERTIFICATE-----\r\n"
+const char mbedtls_test_ca_crt_ec[] = TEST_CA_CRT_EC;
+
+const char mbedtls_test_ca_key_ec[] =
+"-----BEGIN EC PRIVATE KEY-----\r\n"
+"Proc-Type: 4,ENCRYPTED\r\n"
+"DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n"
+"\r\n"
+"IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n"
+"ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n"
+"UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n"
+"a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n"
+"-----END EC PRIVATE KEY-----\r\n";
+
+const char mbedtls_test_ca_pwd_ec[] = "PolarSSLTest";
+
+const char mbedtls_test_srv_crt_ec[] =
+"-----BEGIN CERTIFICATE-----\r\n"
+"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
+"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n"
+"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n"
+"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n"
+"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n"
+"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n"
+"clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n"
+"CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n"
+"C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n"
+"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n"
+"-----END CERTIFICATE-----\r\n";
+
+const char mbedtls_test_srv_key_ec[] =
+"-----BEGIN EC PRIVATE KEY-----\r\n"
+"MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n"
+"AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n"
+"6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n"
+"-----END EC PRIVATE KEY-----\r\n";
+
+const char mbedtls_test_cli_crt_ec[] =
+"-----BEGIN CERTIFICATE-----\r\n"
+"MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
+"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjBBMQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxHzAdBgNVBAMTFlBvbGFyU1NMIFRlc3QgQ2xpZW50IDIw\r\n"
+"WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARX5a6xc9/TrLuTuIH/Eq7u5lOszlVT\r\n"
+"9jQOzC7jYyUL35ji81xgNpbA1RgUcOV/n9VLRRjlsGzVXPiWj4dwo+THo4GdMIGa\r\n"
+"MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMG4GA1Ud\r\n"
+"IwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJOTDER\r\n"
+"MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC\r\n"
+"CQDBQ+J+YkPM6DAKBggqhkjOPQQDAgNoADBlAjBKZQ17IIOimbmoD/yN7o89u3BM\r\n"
+"lgOsjnhw3fIOoLIWy2WOGsk/LGF++DzvrRzuNiACMQCd8iem1XS4JK7haj8xocpU\r\n"
+"LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=\r\n"
+"-----END CERTIFICATE-----\r\n";
+
+const char mbedtls_test_cli_key_ec[] =
+"-----BEGIN EC PRIVATE KEY-----\r\n"
+"MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n"
+"AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n"
+"wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n"
+"-----END EC PRIVATE KEY-----\r\n";
+
+const char test_srv_crt[] =
+"-----BEGIN CERTIFICATE-----\r\n"
+"MIIDODCCAiACCQDwZ+UdnJyNVzANBgkqhkiG9w0BAQsFADBbMQswCQYDVQQGEwJS\r\n"
+"VTEPMA0GA1UECAwGTW9zY293MQ8wDQYDVQQHDAZNb3Njb3cxDjAMBgNVBAoMBVJv\r\n"
+"dGVrMQswCQYDVQQLDAJtYTENMAsGA1UEAwwEa2F0ZTAeFw0xNzA5MDQxMjQzMTJa\r\n"
+"Fw0zMTA1MTQxMjQzMTJaMGExCzAJBgNVBAYTAlJVMQ8wDQYDVQQIDAZNb3Njb3cx\r\n"
+"DzANBgNVBAcMBk1vc2NvdzELMAkGA1UECgwCSVQxCzAJBgNVBAsMAklUMRYwFAYD\r\n"
+"VQQDDA0xOTIuMTY4LjE0Ljc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\r\n"
+"AQEA8SVOegbQsoFrT83ExWmHtDotXCBz2uTTTWL7GhkmyD882y8io3pH5ShyBow+\r\n"
+"UeC/DvMvD9xGGH03lo3TZQaZQBw6N/JpaoIZkV+oOEnIXfru3X3CotqgKsKWyrM+\r\n"
+"PsWORpo5c3r58H/8m15iMH8NBVaA8Lpm5bgzHXD2chVLDSb39Cmn0X5TPDXOrvp2\r\n"
+"NZzdWxycdpc3G35UM0PpwBsaIAIC77uLZOmVXxojjzGyjlFNNb92UsAw5aKbEFXB\r\n"
+"DaNGBlFDvpvjZfaXDwWbg9wWjQXyYEo9zZxkCVX4qhlGHvY50C1+ZRG5d0YK9Slv\r\n"
+"60636wXQNGTDgFW83h+pZfhzUwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAbzGxW\r\n"
+"gqvad8d3em5i07Lz/xWKIQ++P78miF/TwEPGR23Z+N0uUXCIb9hJygjcQRlo+mp7\r\n"
+"XnrMI9wW1+Je2JTpavwNilpdLkglDCU9gX4hbMCO/a7K5AbCOilD84VpG9pfLe3p\r\n"
+"/NdJr4H2xMBnm6l/931ZjeUW+8bsWpdAOUSNOGmvQIRzAjHuRRzcb0JseZw30alT\r\n"
+"XFg5WMdx4yQrAtYS8tuAYciOs+oZg+VIxSSqvVMqaLHYdV1UjkPZGD9duu7T+ZY2\r\n"
+"7PrBg/eNrBhoxTPxNNUDDWD/+N32vdozdNm6mDUQ2RL6SnFwxERLKVODin/gg7iy\r\n"
+"/55oNFhDrNaZBl+u\r\n"
+"-----END CERTIFICATE-----\r\n";
+
+const char test_srv_key[] =
+"-----BEGIN RSA PRIVATE KEY-----\r\n"
+"MIIEowIBAAKCAQEA8SVOegbQsoFrT83ExWmHtDotXCBz2uTTTWL7GhkmyD882y8i\r\n"
+"o3pH5ShyBow+UeC/DvMvD9xGGH03lo3TZQaZQBw6N/JpaoIZkV+oOEnIXfru3X3C\r\n"
+"otqgKsKWyrM+PsWORpo5c3r58H/8m15iMH8NBVaA8Lpm5bgzHXD2chVLDSb39Cmn\r\n"
+"0X5TPDXOrvp2NZzdWxycdpc3G35UM0PpwBsaIAIC77uLZOmVXxojjzGyjlFNNb92\r\n"
+"UsAw5aKbEFXBDaNGBlFDvpvjZfaXDwWbg9wWjQXyYEo9zZxkCVX4qhlGHvY50C1+\r\n"
+"ZRG5d0YK9Slv60636wXQNGTDgFW83h+pZfhzUwIDAQABAoIBABj2Q6leCzxvKSyZ\r\n"
+"oETPJ70ASLHAqj1+cmEQXe3VrK4N3b7SokNJ5SdTiHolCk5vdVeW1MhPhPIEBD0R\r\n"
+"cVCD3llEksI31bGwxfTGciNhf9w6nX9QBVXWS74hZnqVE1xsFs44KLpLgJPkq8Fp\r\n"
+"g8CBZlenHLHOmdgtuRzTFK+6hIpXyuAoRlGiIPz3uXnXi9E5UXkLTbrRWibl+DGV\r\n"
+"j1Qr89YEGgj8Z9xDDaMWvEC5lUfYp0NYRlSBVyBpWvRLrzy38BVi51VgZqzsOO2u\r\n"
+"5rERmN2hjykyuCeoLbjyFghVzX7tuRTKlI95n5DxYgl9/ctL38TLTJ4eTptXVuxv\r\n"
+"ZgmtyAECgYEA/TII/qiGtA21MM00HmgfbLwdwAJYq1D8WZ+na6p4Kp+Q971F99Nd\r\n"
+"95cSmnD9CFsQCr92jOiAsL3NKRWM+1jwmgiGypj0nx5SlfYtVKBipDEBbjEx0hol\r\n"
+"S7nB4fQSsLcMjuebriMaPfTStVil0rIM33lp1E8EcL00D8SX1NbOkskCgYEA89Ea\r\n"
+"YO/kzk9hlMQmu7K67E42JxdMPszrEda3BiuM5cReUyfzu7G8wJGGWliNMWQ9ERqH\r\n"
+"VtHOwoEskEHHbnIDGCr2EZbe9n55hPMdi7hLL16koyyb/gbF/H6uFuvrMZrPZzDi\r\n"
+"XcPYuec+sZQPaif8mQW4TtyC3KmMdWj9eQwAJzsCgYA7X2hMjyhHQI+kifoWx0PX\r\n"
+"M6WmSOaSBcOnIJEZ5jeXhyNvdKrbmm0Gih6KqMQtGW2Bl7QtBrhmuZtKbwtIRWrm\r\n"
+"M+mnyIZUab/j+n5WweVfqz4yoMaWBhuIzl5wpdNcLRB80kLnasPUk3x1mfwIlEgA\r\n"
+"f3AZoQ3hgfybVfZkqpp2QQKBgQDGYI1Q7/8/qbDgxRQqxgp2uFAxUDB2LG7a7dOu\r\n"
+"zoJudG62xBv4zG2iVQV2vvPqiv9wyh/yEPVkpotmuE6W22cPI+1gdFvnPRKMjO6u\r\n"
+"Pv3VhfD43xPxBPvULBJjjgKoMqir8kdMOUw+PhtxiuFb4zsQGmpSp/JFriIdaZZL\r\n"
+"Beud/wKBgCjIika+PDXcqvQYH62g7tCDzMAb2e7qEgVEWCtYDUXa38wgzSeHWiO2\r\n"
+"oKaf2s3b2altOc+EiZOVYkYLEyiWjEoYzWXM4s8gUbY0a8jjZ+2+z8CUcHB3jI8A\r\n"
+"ao6TDRp9QDcooYRAGxKfNm4JYEparTAtLKD3aHsjooA3ivNVpngC\r\n"
+"-----END RSA PRIVATE KEY-----\r\n";
+
+const size_t mbedtls_test_ca_crt_ec_len  = sizeof( mbedtls_test_ca_crt_ec );
+const size_t mbedtls_test_ca_key_ec_len  = sizeof( mbedtls_test_ca_key_ec );
+const size_t mbedtls_test_ca_pwd_ec_len  = sizeof( mbedtls_test_ca_pwd_ec ) - 1;
+const size_t mbedtls_test_srv_crt_ec_len = sizeof( mbedtls_test_srv_crt_ec );
+const size_t mbedtls_test_srv_key_ec_len = sizeof( mbedtls_test_srv_key_ec );
+const size_t mbedtls_test_cli_crt_ec_len = sizeof( mbedtls_test_cli_crt_ec );
+const size_t mbedtls_test_cli_key_ec_len = sizeof( mbedtls_test_cli_key_ec );
+#else
+#define TEST_CA_CRT_EC
+#endif /* MBEDTLS_ECDSA_C */
+
+#if defined(MBEDTLS_RSA_C)
+#define TEST_CA_CRT_RSA                                                 \
+"-----BEGIN CERTIFICATE-----\r\n"                                       \
+"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"  \
+"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"  \
+"MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n"  \
+"A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n"  \
+"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n"  \
+"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n"  \
+"50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n"  \
+"YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n"  \
+"R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n"  \
+"KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n"  \
+"gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n"  \
+"/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n"  \
+"BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n"  \
+"dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n"  \
+"SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n"  \
+"DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n"  \
+"pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n"  \
+"m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n"  \
+"7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n"      \
+"-----END CERTIFICATE-----\r\n"
+const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA;
+
+const char mbedtls_test_ca_key_rsa[] =
+"-----BEGIN RSA PRIVATE KEY-----\r\n"
+"Proc-Type: 4,ENCRYPTED\r\n"
+"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n"
+"\r\n"
+"9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n"
+"7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n"
+"Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n"
+"PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n"
+"GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n"
+"gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n"
+"QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n"
+"PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n"
+"vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n"
+"WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n"
+"JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n"
+"KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n"
+"Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n"
+"9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n"
+"iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n"
+"tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n"
+"P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n"
+"1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n"
+"nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n"
+"X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n"
+"rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n"
+"L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n"
+"I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n"
+"wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n"
+"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n"
+"-----END RSA PRIVATE KEY-----\r\n";
+
+const char mbedtls_test_ca_pwd_rsa[] = "PolarSSLTest";
+
+const char mbedtls_test_srv_crt_rsa[] =
+"-----BEGIN CERTIFICATE-----\r\n"
+"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
+"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
+"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n"
+"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n"
+"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n"
+"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n"
+"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n"
+"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n"
+"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n"
+"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n"
+"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJxnXClY\r\n"
+"oHkbp70cqBrsGXLybA74czbO5RdLEgFs7rHVS9r+c293luS/KdliLScZqAzYVylw\r\n"
+"UfRWvKMoWhHYKp3dEIS4xTXk6/5zXxhv9Rw8SGc8qn6vITHk1S1mPevtekgasY5Y\r\n"
+"iWQuM3h4YVlRH3HHEMAD1TnAexfXHHDFQGe+Bd1iAbz1/sH9H8l4StwX6egvTK3M\r\n"
+"wXRwkKkvjKaEDA9ATbZx0mI8LGsxSuCqe9r9dyjmttd47J1p1Rulz3CLzaRcVIuS\r\n"
+"RRQfaD8neM9c1S/iJ/amTVqJxA1KOdOS5780WhPfSArA+g4qAmSjelc3p4wWpha8\r\n"
+"zhuYwjVuX6JHG0c=\r\n"
+"-----END CERTIFICATE-----\r\n";
+
+const char mbedtls_test_srv_key_rsa[] =
+"-----BEGIN RSA PRIVATE KEY-----\r\n"
+"MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n"
+"lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n"
+"2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n"
+"Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n"
+"GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n"
+"y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n"
+"++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n"
+"Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n"
+"/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n"
+"WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n"
+"GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n"
+"TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n"
+"CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n"
+"nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n"
+"AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n"
+"sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n"
+"mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n"
+"BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n"
+"whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n"
+"vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n"
+"3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n"
+"3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n"
+"ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n"
+"4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n"
+"TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n"
+"-----END RSA PRIVATE KEY-----\r\n";
+
+const char mbedtls_test_cli_crt_rsa[] =
+"-----BEGIN CERTIFICATE-----\r\n"
+"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
+"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
+"MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n"
+"A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n"
+"BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n"
+"M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n"
+"1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n"
+"MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n"
+"4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n"
+"/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n"
+"o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n"
+"BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC\r\n"
+"AQEAAn86isAM8X+mVwJqeItt6E9slhEQbAofyk+diH1Lh8Y9iLlWQSKbw/UXYjx5\r\n"
+"LLPZcniovxIcARC/BjyZR9g3UwTHNGNm+rwrqa15viuNOFBchykX/Orsk02EH7NR\r\n"
+"Alw5WLPorYjED6cdVQgBl9ot93HdJogRiXCxErM7NC8/eP511mjq+uLDjLKH8ZPQ\r\n"
+"8I4ekHJnroLsDkIwXKGIsvIBHQy2ac/NwHLCQOK6mfum1pRx52V4Utu5dLLjD5bM\r\n"
+"xOBC7KU4xZKuMXXZM6/93Yb51K/J4ahf1TxJlTWXtnzDr9saEYdNy2SKY/6ZiDNH\r\n"
+"D+stpAKiQLAWaAusIWKYEyw9MQ==\r\n"
+"-----END CERTIFICATE-----\r\n";
+
+const char mbedtls_test_cli_key_rsa[] =
+"-----BEGIN RSA PRIVATE KEY-----\r\n"
+"MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n"
+"B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n"
+"bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n"
+"Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n"
+"7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n"
+"dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n"
+"yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n"
+"4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n"
+"ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n"
+"zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n"
+"l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n"
+"DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n"
+"VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n"
+"Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n"
+"wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n"
+"c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n"
+"33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n"
+"ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n"
+"BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n"
+"KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n"
+"UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n"
+"7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n"
+"gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n"
+"bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n"
+"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"
+"-----END RSA PRIVATE KEY-----\r\n";
+
+const size_t mbedtls_test_ca_crt_rsa_len  = sizeof( mbedtls_test_ca_crt_rsa );
+const size_t mbedtls_test_ca_key_rsa_len  = sizeof( mbedtls_test_ca_key_rsa );
+const size_t mbedtls_test_ca_pwd_rsa_len  = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
+const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa );
+const size_t mbedtls_test_srv_key_rsa_len = sizeof( mbedtls_test_srv_key_rsa );
+const size_t mbedtls_test_cli_crt_rsa_len = sizeof( mbedtls_test_cli_crt_rsa );
+const size_t mbedtls_test_cli_key_rsa_len = sizeof( mbedtls_test_cli_key_rsa );
+#else
+#define TEST_CA_CRT_RSA
+#endif /* MBEDTLS_RSA_C */
+
+#if defined(MBEDTLS_PEM_PARSE_C)
+/* Concatenation of all available CA certificates */
+const char mbedtls_test_cas_pem[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC;
+const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem );
+#endif
+
+/* List of all available CA certificates */
+const char * mbedtls_test_cas[] = {
+#if defined(MBEDTLS_RSA_C)
+    mbedtls_test_ca_crt_rsa,
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+    mbedtls_test_ca_crt_ec,
+#endif
+    NULL
+};
+const size_t mbedtls_test_cas_len[] = {
+#if defined(MBEDTLS_RSA_C)
+    sizeof( mbedtls_test_ca_crt_rsa ),
+#endif
+#if defined(MBEDTLS_ECDSA_C)
+    sizeof( mbedtls_test_ca_crt_ec ),
+#endif
+    0
+};
+
+#if defined(MBEDTLS_RSA_C)
+const char *mbedtls_test_ca_crt  = mbedtls_test_ca_crt_rsa;
+const char *mbedtls_test_ca_key  = mbedtls_test_ca_key_rsa;
+const char *mbedtls_test_ca_pwd  = mbedtls_test_ca_pwd_rsa;
+const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_rsa;
+const char *mbedtls_test_srv_key = mbedtls_test_srv_key_rsa;
+const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_rsa;
+const char *mbedtls_test_cli_key = mbedtls_test_cli_key_rsa;
+const size_t mbedtls_test_ca_crt_len  = sizeof( mbedtls_test_ca_crt_rsa );
+const size_t mbedtls_test_ca_key_len  = sizeof( mbedtls_test_ca_key_rsa );
+const size_t mbedtls_test_ca_pwd_len  = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
+const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_rsa );
+const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_rsa );
+const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_rsa );
+const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_rsa );
+#else /* ! MBEDTLS_RSA_C, so MBEDTLS_ECDSA_C */
+const char *mbedtls_test_ca_crt  = mbedtls_test_ca_crt_ec;
+const char *mbedtls_test_ca_key  = mbedtls_test_ca_key_ec;
+const char *mbedtls_test_ca_pwd  = mbedtls_test_ca_pwd_ec;
+const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_ec;
+const char *mbedtls_test_srv_key = mbedtls_test_srv_key_ec;
+const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_ec;
+const char *mbedtls_test_cli_key = mbedtls_test_cli_key_ec;
+const size_t mbedtls_test_ca_crt_len  = sizeof( mbedtls_test_ca_crt_ec );
+const size_t mbedtls_test_ca_key_len  = sizeof( mbedtls_test_ca_key_ec );
+const size_t mbedtls_test_ca_pwd_len  = sizeof( mbedtls_test_ca_pwd_ec ) - 1;
+const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_ec );
+const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_ec );
+const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_ec );
+const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_ec );
+#endif /* MBEDTLS_RSA_C */
+
+#endif /* MBEDTLS_CERTS_C */

user/init_task.c

@@ -137,7 +137,8 @@ void InitTask(void *params)
 #ifdef NET_ENABLE
   ETH_BSP_Config();
   LwIP_Init();
-  
+
+/*  
 #ifdef WEB_SERVER_ENABLE
   if(strncmp(sSettings.sFlags.testState, "T2OK", 4)){
 
@@ -148,12 +149,18 @@ void InitTask(void *params)
   else{
 	   //HTTPS_Init();
 #define SSL_TASK_PRIO   ( configMAX_PRIORITIES - 3 )
-	   //xTaskCreate(ssl_server, "SSL", 10*configMINIMAL_STACK_SIZE, NULL, SSL_TASK_PRIO, NULL);
+	   xTaskCreate(ssl_server, "SSL", 10*configMINIMAL_STACK_SIZE, NULL, SSL_TASK_PRIO, NULL);
 #endif
 	   // UDP for net settings 
 	   UDP_netsetting_init();
   }
-
+*/
+  
+#define SSL_TASK_PRIO   ( configMAX_PRIORITIES - 3 )
+	   xTaskCreate(ssl_server, "SSL", 10*configMINIMAL_STACK_SIZE, NULL, SSL_TASK_PRIO, NULL);  
+  
+  
+  
 
 #ifdef SNMP_ENABLE
 
@@ -201,7 +208,7 @@ void InitTask(void *params)
  
   SETTINGS_ResetBootTry();
 
- // RC_Login("test1", "12345");
+  //RC_Login("test1", "12345");
   
   // Отправка трапа о перезагрузке в случае статического IP
  /* if (!dhcp)
@@ -215,12 +222,12 @@ void InitTask(void *params)
 
 static void vTaskDebug(void *pvParameters) 
 {
-  //char msg[700];
+  char msg[700];
   for(;;)
   {
-	//vTaskList(msg);
-	//DBG printf(msg);
-	//DBG printf("\n\r\r\n");
+	vTaskList(msg);
+	DBG printf(msg);
+	DBG printf("\n\r\r\n");
 #if LWIP_STATS
 	stats_display();
 	DBG printf("\r\n\r\n");

user/main.h

@@ -39,7 +39,7 @@
 #include <stdbool.h>
 #include <string.h>
 
-//#include "polarssl/certs.h"
+//#include "mbedtls/certs.h"
 
 /* MII and RMII mode selection, for STM324xG-EVAL Board(MB786) RevB ***********/
 #define RMII_MODE
@@ -59,7 +59,7 @@
 #define __packed		__attribute__(( packed ))
 #endif
    
-//#define OUR_DEBUG
+#define OUR_DEBUG
 
 #ifdef OUR_DEBUG
 #define DBG