ci: Migrate mbedtls unit tests from unit-test-app to component-test-app

components/mbedtls/test_apps/CMakeLists.txt

@@ -0,0 +1,7 @@
+#This is the project CMakeLists.txt file for the test subproject
+cmake_minimum_required(VERSION 3.16)
+
+set(EXTRA_COMPONENT_DIRS "$ENV{IDF_PATH}/tools/unit-test-app/components")
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+project(mbedtls_test)

components/mbedtls/test_apps/README.md

@@ -0,0 +1,2 @@
+| Supported Targets | ESP32 | ESP32-C2 | ESP32-C3 | ESP32-S2 | ESP32-S3 |
+| ----------------- | ----- | -------- | -------- | -------- | -------- |

components/mbedtls/test_apps/main/CMakeLists.txt

@@ -0,0 +1,19 @@
+set(TEST_CRTS "crts/server_cert_chain.pem"
+              "crts/prvtkey.pem"
+              "crts/server_cert_bundle"
+              "crts/bad_md_crt.pem"
+              "crts/wrong_sig_crt_esp32_com.pem"
+              "crts/correct_sig_crt_esp32_com.pem")
+
+idf_component_register(SRC_DIRS "."
+                    PRIV_INCLUDE_DIRS "."
+                    PRIV_REQUIRES cmock test_utils mbedtls esp_timer unity
+                    EMBED_TXTFILES ${TEST_CRTS}
+                    WHOLE_ARCHIVE)
+target_compile_options(${COMPONENT_LIB} PRIVATE "-Wno-format")
+
+idf_component_get_property(mbedtls mbedtls COMPONENT_LIB)
+target_compile_definitions(${mbedtls} INTERFACE "-DMBEDTLS_DEPRECATED_WARNING")
+target_compile_definitions(mbedtls PUBLIC "-DMBEDTLS_DEPRECATED_WARNING")
+target_compile_definitions(mbedcrypto PUBLIC "-DMBEDTLS_DEPRECATED_WARNING")
+target_compile_definitions(mbedx509 PUBLIC "-DMBEDTLS_DEPRECATED_WARNING")

components/mbedtls/test_apps/main/app_main.c

@@ -0,0 +1,19 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Unlicense OR CC0-1.0
+ */
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "test_utils.h"
+
+static void test_task(void *pvParameters)
+{
+    vTaskDelay(2); /* Delay a bit to let the main task be deleted */
+    unity_run_menu();
+}
+
+void app_main(void)
+{
+    xTaskCreatePinnedToCore(test_task, "testTask", UNITY_FREERTOS_STACK_SIZE, NULL, UNITY_FREERTOS_PRIORITY, NULL, UNITY_FREERTOS_CPU);
+}

components/mbedtls/test_apps/main/crts/bad_md_crt.pem

@@ -0,0 +1,9 @@
+-----BEGIN CERTIFICATE-----
+MIIGijCCBXKgAwIBAgIQAfUXR/1IrnlbCX0+CKqtnDANBgkqhkiG9w0BAQsFADBeMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAeFw0yMDA2MTgwMDAwMDBaFw0yMjA5MDExMjAwMDBaMG4xCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazERMA8GA1UEBxMITmV3IFlvcmsxIDAeBgNVBAoTF0FkYWZydWl0IEluZHVzdHJpZXMgTExDMRcwFQYDVQQDDA4qLmFkYWZydWl0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbW8pXtrCk9RpHdtHRfKx7AgQjH6KMalaUOjeMxI2mqk5oyF/399FQWky/10oeLohivyIv5uror1w0TVon/H946LlTKhT3sbYrpAVDZsfybZF3qD/Sld6kAb0rdb5/TADc0Qy3J0ciCZ6oM3FSDyS7GYnsQ1scw5z82H0unA4ZQQJ1uwa0uIWkpCXyRyb6pidyAj06V7q03EtIQgn8iufV4uncONkp0HVQcuS3uk6RRP26QcdYqBl3OOYHgHeIbANLXgEUDm6cihhPqYRvIFi5jZlmFfEFLvnTgC88iMijCQopaLhWIBos+1lvQT5wzIU/Wj+aqvpWRT05FW4pH/zkCAwEAAaOCAzIwggMuMB8GA1UdIwQYMBaAFJBY/7CcdahRVHex7fKjQxY4nmzFMB0GA1UdDgQWBBTPR/O8QzK2xZ7BH/rN1NLmMNtyizAnBgNVHREEIDAegg4qLmFkYWZydWl0LmNvbYIMYWRhZnJ1aXQuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2VvVHJ1c3RSU0FDQTIwMTguY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMHUGCCsGAQUFBwEBBGkwZzAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90cnVzdC5jb20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNvbS9HZW9UcnVzdFJTQUNBMjAxOC5jcnQwDAYDVR0TAQH/BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcAKXm+8J45OSHwVnOfY6V35b5XfZxgCvj5TV0mXCVdx4QAAAFyyKMnsAAABAMASDBGAiEApqsw2Iokda11fM2fTA+H4ofSYCaBRUVm4L+DXaldU6ACIQC550v/HYDLUp6a9gugs+tajI/S/9bnSDtfF05IROsOAAB2ACJFRQdZVSRWlj+hL/H3bYbgIyZjrcBLf13Gg1xu4g8CAAABcsijJ6AAAAQDAEcwRQIgJRF0L+7t63eMG/e3kgVKU5rpEZ+A0WUh4A1Wuo8frvoCIQCXj00F2+sTmK1BKo/I1nqOYeaQHeMtlKCJkunJKGannwB2AFGjsPX9AXmcVm24N3iPDKR6zBsny/eeiEKaDf7UiwXlAAABcsijJ+cAAAQDAEcwRQIgItT1DYXAx2uyz1NToQOFqJ2UIL+Dm0nVG40QHL/GVJsCIQCLiBO9MS2PLM/wmufSomt/SDhbLwKFBU9RP8O1qbtV9TANBgkqhkiG9w0BAQsFAAOCAQEANfsWhI00ONyqz5DtuFRxxx4iApmyW7PbQr+9lZuNzkqieNIt/VuCyNIKZEBJ3PA/2QfwvXdIpjE6M7yz+9kh9WdRRg6qj6hPp2gvSQQrk361RY/sTtueAh4re8yyJDebH3B60kUwzNmMms7zcxQ0Ctvg/BDPVBd1VFF/tsoYO4P5iMar1YCl8BNozu6q4JP2E0HRygZD0U7vY2Gsi1wHdm5hVZnLJq6SRTbYUWY3tryEp2lJYQFiSoVfu5icebrLUVRmSl05PyYstjFekb9DCNyyLIBZsjmaFJoJCGo1y5cSqBYfwSsrq1aD9hn5LFeEVG+PEa10IlVv7l+33mLWZA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEizCCA3OgAwIBAgIQBUb+GCP34ZQdo5/OFMRhczANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0xNzExMDYxMjIzNDVaFw0yNzExMDYxMjIzNDVaMF4xCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xHTAbBgNVBAMTFEdlb1RydXN0IFJTQSBDQSAyMDE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4rRY03hGOqHXegWPI9/tr6HFzekDPgxP59FVEAh150Hm8oDI0q9m+2FAmM/n4W57Cjv8oYi2/hNVEHFtEJ/zzMXAQ6CkFLTxzSkwaEB2jKgQK0fWeQz/KDDlqxobNPomXOMJhB3y7c/OTLo0lko7geG4gk7hfiqafapa59YrXLIW4dmrgjgdPstU0Nigz2PhUwRl9we/FAwuIMIMl5cXMThdSBK66XWdS3cLX184ND+fHWhTkAChJrZDVouoKzzNYoq6tZaWmyOLKv23v14RyZ5eqoi6qnmcRID0/i6U9J5nL1krPYbY7tNjzgC+PBXXcWqJVoMXcUw/iBTGWzpwwIDAQABo4IBQDCCATwwHQYDVR0OBBYEFJBY/7CcdahRVHex7fKjQxY4nmzFMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQAw8YdVPYQI/C5earp80s3VLOO+AtpdiXft9OlWwJLwKlUtRfccKj8QW/Pp4b7h6QAlufejwQMb455OjpIbCZVS+awY/R8pAYsXCnM09GcSVe4ivMswyoCZP/vPEn/LPRhHhdgUPk8MlD979RGoUWz7qGAwqJChi28uRds3thx+vRZZIbEyZ62No0tJPzsSGSz8nQ//jP8BIwrzBAUH5WcBAbmvgWfrKcuv+PyGPqRcc4T55TlzrBnzAzZ3oClo9fTvO9PuiHMKrC6V6mgi0s2sa/gbXlPCD9Z24XUMxJElwIVTDuKB0Q4YMMlnpN/QChJ4B0AFsQ+DU0NCO+f78Xf7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQkCAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
+-----END CERTIFICATE-----

components/mbedtls/test_apps/main/crts/correct_sig_crt_esp32_com.pem

@@ -0,0 +1,6 @@
+-----BEGIN CERTIFICATE-----
+MIIFXDCCBESgAwIBAgISA9EyvtMwECvtdhru9l2xnEOgMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQDExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDEwMjMxODE2MDFaFw0yMTAxMjExODE2MDFaMBgxFjAUBgNVBAMTDXd3dy5lc3AzMi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGvklnzfCVCwTwNFr9+W263qTDSOK8cS6azwirKQl+62Z4E/fvhxvvmp02xiuWoeDpmqsQQCoZMiR77ziqBEDnf80J1S9ZSX3PRWsAYuDGMajTwiywMa7ttvs4Cm3BmXhSQpYEDTIrT7EVgOljSfkGAStKWK5fbkxMJ11eIQdA5KCLKOOPEofq4I5pgwk/4PGGjPSDA51w/XJyNX85hIMLdwXIrWBukrW+B/GFe7a/gdWZCUY2QMBsFPqwGYKZ41S1xtM4VnpZyMu9bvVmS9fvoYIyYUQ6zlktkLawIo56PIEO7wGu4tSNm62dQW23g7jxRwfLCQ7vUSSxOy35LyplAgMBAAGjggJsMIICaDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFHiCm41V5UtbkbDidxwrRbN1Bn58MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wIwYDVR0RBBwwGoIJZXNwMzIuY29tgg13d3cuZXNwMzIuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUAXNxDkv7mq0VEsV6a1FbmEDf71fpH3KFzlLJe5vbHDsoAAAF1VuOmWgAABAMARjBEAiAn6M8aTEpBZ+jZgPV67cuNCzuBfa0cXSmntpONtT0ZXAIgYP2ZEZmwkNrkLmYYrhDsPlNlMikj/Y+sObK31z8k30QAdgB9PvL4j/+IVWgkwsDKnlKJeSvFDngJfy5ql2iZfiLw1wAAAXVW46acAAAEAwBHMEUCIF9duaNUkko6siaTN1qY0Jqep7KQ5l/c9bhxkXLvwOLPAiEAlf6Zn/EaXCVCubM1ouKBaYXggKhWWDVRlfPclyDqmHgwDQYJKoZIhvcNAQELBQADggEBAFjhZtXgJTgDc8x19LWE3LVlPsQBNmO1WIuFaTSOShmXHocIy1pR80TWBa905EB0gdVqw7Ez7e84DkIJlczH+1fPUZs8K1TUtte7iR/NfpExrbFXDiGM7kkq9FzVU2xDzLIvlYPFkIfcY1fiaYcnlsS3F3p+vfVidVel61mtBQ7mM2Mf0Vg3emGcw7uuNq5Q1QWs6ILM+JRePDnOD9JQBbK3XZ8imIXr4ewW2VG85NHTyRXRCEP9PwEsMmpqmsYk8vonNz9GeFEPusQ5BWvLvlpC/lprhgpFdxyPQ8iTqBjG5m36J+6TaQdyFi2kpTdnHzV6uvBgyTEUz/Zw3rjlxT8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0NlowSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMTGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EFq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWAa6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIGCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNvbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9kc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAwVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcCARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwuY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsFAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJouM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwuX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlGPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
+-----END CERTIFICATE-----

components/mbedtls/test_apps/main/crts/prvtkey.pem

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEAySb2QFrQZjQ1EhfN7I+raKrWSWWeYGppqPk3E1sV2y6LSE3M
+7cVZyXxcpnP4mcKos3D9k8sbkt05oKcHR2THpWdz5mJn8A7TfJYWnYRHcRuR85th
+XC8Pjf3f+JfjXgr/2a2JqHb4fttxoDRwWP1+kbTHa4iERqTFOIhYB9wD8uzbBHJq
+IlIGbBHO9J+JxZKVkgDWZfc7zik3YzvkuWju/PmF73BagGxxRDzodzfxhHq1f96J
+w10YS9pkhVFLxzOz3O+buwL8plCQplVnpj6J+2MaY4JlUvCcosDkT0EORAtrYGwZ
+KJBKn4dRftk8Wbtns7zoJ2SNUL5TZ2oyAb2dwQIDAQABAoIBAQCRmE3tTs5A69Du
+A6TdcTAUVnM8NP1ptBw+XgRrUiaDuzC9aPLHt2zB1e4J3S83vBn3p/UjIIQYzV+E
+1OED4AJRyoutWdT5gQG6z7gW00QSrm358aGK49VSZUvT17yOuU9u85kMAvDigVvB
+JbOb9f/C3yLoxqtXprPJs4ZkSe/hyB0JtRzauDYZnK4JmtgDfGds1cykohbUaeCW
+ExUSbi/EPuroowmjEPFmN4tH/C3GtQonwGfjP76GXm8u5Fg8VXYUmb5pnxYcFdvv
+shoasbK5lksgK50VP2vA9Y3mIrThRvkWgcv0TZaQWAF/JtdSXIID5WzfsgLbtDQF
+hZLk1dDxAoGBAPfAjPAqapNVl4GqSkUWofUHMzZG85fHoPN3INSA0aMr4X9wHFfQ
+pQ0ACxuimQj66Vk4rWww+HrsjPfiNMZzoi1exS1tjbQVyTBffrHj8sSdWt8Gw6MB
+Pp5ubnCy9pl4lWNHlJZJp2SwAd10LzrizzAQALeEtRmg8meYGZElVUy7AoGBAM/Z
+REXLJgaad5V3A2xehrSnknKUwab4LFIrgirZ6h0RXYo+wEHGJpDvM5Vw3sZT+UaJ
+Jdlb3cXbqOxWrKlqjKe/S2vNScP7V2Na8l/ySO93PYE0V1Q+EeuNGi41xWC4Dh7o
+D7BX2nDm9YBZzNVxM/30/dTzFM+CKrCARsLIXvWzAoGBAOQ4GRv61qXVyHSHO1cd
+HB+sfD5ZaXa9S8Q6TqGx8GrQty4/RbyW1BN/oLvaMgKVr3KixQ3OpnYFhW2qkFbm
+mdQVYqkQK+Jh1yyaKwkPI8h98wFTJ8/2C4rByzZBhOumqmYDwBoYyvvzLiSjLAag
+e56YfzCOLIzpN6K594M+0q6VAoGBALWR5D1gKRjNqbetHxV1QhHg7WMhJkaZOAaU
+MYMDmKvJ9sAE72jGE/y6qYJb9pCk3PdMaf8GbKciq9/CG9Vn2fXUe6txy4XkNEP8
+OA2vFx3yOY18Tumty3PNcNh7arCCOPuw17vCE3ZbnI2CZRj0amnosjFsJHreCDLl
+7GrOJX5XAoGASZXbGykpYJTTr5PGPL/eX0koU1RZ9f6fvVdkfeWNGZfJ4oGkxDcO
+fJnzq9wC9YREy6f3eoMrix95RPv4Qo1Wwi2PmtyMFvUdsYckFEhxSN3p4Iqn/nQg
+6I7VB0yNqw8ZdP1vBkRcg3kk+QO2tci+OTdpDSKmO5nGjuqpsdBM5/o=
+-----END RSA PRIVATE KEY-----

components/mbedtls/test_apps/main/crts/server_cert_chain.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDVTCCAj0CFG5WO5Ukqd/0PnrSPIlQnXNjrCUUMA0GCSqGSIb3DQEBCwUAMGIx
+CzAJBgNVBAYTAkNOMRMwEQYDVQQIDApTb21lLVN0YXRlMREwDwYDVQQHDAhTaGFu
+Z2hhaTESMBAGA1UECgwJRXNwcmVzc2lmMRcwFQYDVQQDDA5Fc3ByZXNzaWYgUm9v
+dDAeFw0yMDAzMjYwNjQxMTlaFw0yMTAzMjEwNjQxMTlaMGwxCzAJBgNVBAYTAkNO
+MRMwEQYDVQQIDApTb21lLVN0YXRlMREwDwYDVQQHDAhTaGFuZ2hhaTEhMB8GA1UE
+CgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRIwEAYDVQQDDAlsb2NhbGhvc3Qw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJJvZAWtBmNDUSF83sj6to
+qtZJZZ5gammo+TcTWxXbLotITcztxVnJfFymc/iZwqizcP2TyxuS3TmgpwdHZMel
+Z3PmYmfwDtN8lhadhEdxG5Hzm2FcLw+N/d/4l+NeCv/ZrYmodvh+23GgNHBY/X6R
+tMdriIRGpMU4iFgH3APy7NsEcmoiUgZsEc70n4nFkpWSANZl9zvOKTdjO+S5aO78
++YXvcFqAbHFEPOh3N/GEerV/3onDXRhL2mSFUUvHM7Pc75u7AvymUJCmVWemPon7
+YxpjgmVS8JyiwORPQQ5EC2tgbBkokEqfh1F+2TxZu2ezvOgnZI1QvlNnajIBvZ3B
+AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAI2RzAwx1IiyWYPbSQOMjATKG1hiqNJF
+fkkqJrSfu93iQyye3Umb/pdUf7v5xgN2NrW5VnRow19VR7uCU4VCCBfx77f0Zp2e
+UA13qhT5zljoqgtkU9bHbRfTW/Hq30joKqQz8+Z0Yom6qZA7XjAhXXiHt7I4Noq6
+y+HwH08Xr1nII1c6Zc0cDqK9UV02w2v1RJrnGlq3v/CBpanA/nz4LdP5Jqbh79WW
+bCe8+Y7WEYR7K4dKSkDugf8ROAaGuCYAbhRMU3tFjNlMRR/5HcBpy7MfUvX6GcI0
+QCfe4ugnHXQXNxS0rb2uM6yCHOTiQ5MJjBPh9tRYV9bSko5u/NmwsFU=
+-----END CERTIFICATE-----

components/mbedtls/test_apps/main/crts/server_root.pem

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDpTCCAo2gAwIBAgIUduK+lv/MILT278PPIYz8HkFzhFUwDQYJKoZIhvcNAQEL
+BQAwYjELMAkGA1UEBhMCQ04xEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAcM
+CFNoYW5naGFpMRIwEAYDVQQKDAlFc3ByZXNzaWYxFzAVBgNVBAMMDkVzcHJlc3Np
+ZiBSb290MB4XDTIwMDMyNjA2NDAxMFoXDTI1MDMyNjA2NDAxMFowYjELMAkGA1UE
+BhMCQ04xEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAcMCFNoYW5naGFpMRIw
+EAYDVQQKDAlFc3ByZXNzaWYxFzAVBgNVBAMMDkVzcHJlc3NpZiBSb290MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9ILzOjsz7dZbABUIoDCBat3MPsv
+qd20Jsk3GzkLjY/HjTCMBweq2zt0sRsa+YwCPtQyAsYPtgt/VzRY4TF8jqmSj7Ko
+DKOWkbim0O0XDAT8DfkQ32pZC7DnAw/374Vmm/ZmN/yE4zNUjNbjO2weswczcSdL
+B3ITsa+OquKYK8J2Pe5gZh/tC0f0I9ks3UplcLyEex8TQZivAK3RL4QWj4j4NJWn
+wH5qdizuKStwWEo3FvTP4g95SQItw31HTA8mJcBzCZC0NOZyMckRSmK51XljQ0iU
+G7KwK8GNbDC+VUZEt5aGB5QZhCFC2wo5An7u20UHRUWbv4MEgddPDoQ4EwIDAQAB
+o1MwUTAdBgNVHQ4EFgQU3inIjbdXp/DgSnVAiJmTlAtKH08wHwYDVR0jBBgwFoAU
+3inIjbdXp/DgSnVAiJmTlAtKH08wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B
+AQsFAAOCAQEAOpLjyXj2e0IaUgJK3lGuJ9u6piehYK1WqPoCR7K7pUnFGyNLu0mq
+yfTqNoXV8a7NmM8Vn8ZJ1Gep20JqgvR27o3OE87bT7E/JPUsvbu7MNdfiVxpFWi1
+HxdBrzHr+mcakbhRxI38s3GVNT9Y89Y7FZbE+dqT8SxILk2pVUExfZR/ItazDTxl
+95ARCOj/bQPCEN+oLYzS31ORmkJfY2AuJAcJUTCyO4UfpKVFmQeAKlNmTq9Q0a6C
+0RlbzZ/PJoB3d265A9fTjlANQ7XzE8GgIJVR7cz5OJzZVxfEr9ME9VfgNrjKyXS3
+FcFQvif6JqX6IbmTenEKi7IfgX2zu1nxtQ==
+-----END CERTIFICATE-----

components/mbedtls/test_apps/main/crts/wrong_sig_crt_esp32_com.pem

@@ -0,0 +1,6 @@
+-----BEGIN CERTIFICATE-----
+MIIFXDCCBESgAwIBAgISA9EyvtMwECvtdhru9l2xnEOgMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQDExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDEwMjMxODE2MDFaFw0yMTAxMjExODE2MDFaMBgxFjAUBgNVBAMTDXd3dy5lc3AzMi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGvklnzfCVCwTwNFr9+W263qTDSOK8cS6azwirKQl+62Z4E/fvhxvvmp02xiuWoeDpmqsQQCoZMiR77ziqBEDnf80J1S9ZSX3PRWsAYuDGMajTwiywMa7ttvs4Cm3BmXhSQpYEDTIrT7EVgOljSfkGAStKWK5fbkxMJ11eIQdA5KCLKOOPEofq4I5pgwk/4PGGjPSDA51w/XJyNX85hIMLdwXIrWBukrW+B/GFe7a/gdWZCUY2QMBsFPqwGYKZ41S1xtM4VnpZyMu9bvVmS9fvoYIyYUQ6zlktkLawIo56PIEO7wGu4tSNm62dQW23g7jxRwfLCQ7vUSSxOy35LyplAgMBAAGjggJsMIICaDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFHiCm41V5UtbkbDidxwrRbN1Bn58MB8GA1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMG8GCCsGAQUFBwEBBGMwYTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZzAvBggrBgEFBQcwAoYjaHR0cDovL2NlcnQuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wIwYDVR0RBBwwGoIJZXNwMzIuY29tgg13d3cuZXNwMzIuY29tMEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHUAXNxDkv7mq0VEsV6a1FbmEDf71fpH3KFzlLJe5vbHDsoAAAF1VuOmWgAABAMARjBEAiAn6M8aTEpBZ+jZgPV67cuNCzuBfa0cXSmntpONtT0ZXAIgYP2ZEZmwkNrkLmYYrhDsPlNlMikj/Y+sObK31z8k30QAdgB9PvL4j/+IVWgkwsDKnlKJeSvFDngJfy5ql2iZfiLw1wAAAXVW46acAAAEAwBHMEUCIF9duaNUkko6siaTN1qY0Jqep7KQ5l/c9bhxkXLvwOLPAiEAlf6Zn/EaXCVCubM1ouKBaYXggKhWWDVRlfPclyDqmHgwDQYJKoZIhvcNAQELBQADggEBAFjhZtXgJTgDc8x19LWE3LVlPsQBNmO1WIuFaTSOShmXHocIy1pR80TWBa905EB0gdVqw7Ez7e84DkIJlczH+1fPUZs8K1TUtte7iR/NfpExrbFXDiGM7kkq9FzVU2xDzLIvlYPFkIfcY1fiaYcnlsS3F3p+vfVidVel61mtBQ7mM2Mf0Vg3emGcw7uuNq5Q1QWs6ILM+JRePDnOD9JQBbK3XZ8imIXr4ewW2VG85NHTyRXRCEP9PwEsMmpqmsYk8vonNz9GeFEPusQ5BWvLvlpC/lprhgpFdxyPQ8iTqBjG5m36J+6TaQdyFi2kpTdnHzV6uvBgyTEUz/Zw3rjlxT8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0NlowSjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMTGkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EFq6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWAa6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIGCCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNvbTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9kc3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAwVAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcCARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwuY3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsFAAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJouM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwuX4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlGPfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6KOqkqm57TH2H3eDJAkSnh6/DNFu1Qg==
+-----END CERTIFICATE-----

components/mbedtls/test_apps/main/test_aes_gcm.c

@@ -0,0 +1,833 @@
+/* mbedTLS GCM test
+ *
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include <string.h>
+#include <stdio.h>
+#include <stdbool.h>
+#include <esp_system.h>
+#include "mbedtls/aes.h"
+#include "mbedtls/gcm.h"
+#include "unity.h"
+#include "sdkconfig.h"
+#include "esp_heap_caps.h"
+#include "test_utils.h"
+#include "ccomp_timer.h"
+#include "sys/param.h"
+
+#if CONFIG_MBEDTLS_HARDWARE_GCM
+
+/*
+    Python example code for generating test vectors
+
+    import os, binascii
+    from cryptography.hazmat.primitives.ciphers.aead import AESGCM
+
+    def as_c_array(byte_arr):
+        hex_str = ''
+        for idx, byte in enumerate(byte_arr):
+            hex_str += "0x{:02x}, ".format(byte)
+            bytes_per_line = 8
+            if idx % bytes_per_line == bytes_per_line - 1:
+                hex_str += '\n'
+
+        return hex_str
+
+    key = b'\x44' * 16
+    iv = b'\xEE' * 16
+    data = b'\xAA' * 3200
+    aad = b'\x76' * 16
+
+    aesgcm = AESGCM(key)
+
+    ct = aesgcm.encrypt(iv, data, aad)
+
+    print(as_c_array(ct))
+*/
+
+TEST_CASE("mbedtls GCM stream test", "[aes-gcm]")
+{
+
+    const unsigned SZ = 100;
+    mbedtls_gcm_context ctx;
+    uint8_t nonce[16];
+    uint8_t key[16];
+    uint8_t tag[16];
+    mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
+
+    const uint8_t expected_cipher[] = {
+        0x03, 0x92, 0x13, 0x49, 0x1f, 0x1f, 0x24, 0x41,
+        0xe8, 0xeb, 0x89, 0x47, 0x50, 0x0a, 0xce, 0xa3,
+        0xc7, 0x1c, 0x10, 0x70, 0xb0, 0x89, 0x82, 0x5e,
+        0x0f, 0x4a, 0x23, 0xee, 0xd2, 0xfc, 0xff, 0x45,
+        0x61, 0x4c, 0xd1, 0xfb, 0x6d, 0xe2, 0xbe, 0x67,
+        0x6f, 0x94, 0x72, 0xa3, 0xe7, 0x04, 0x99, 0xb3,
+        0x4a, 0x46, 0xf9, 0x2b, 0xaf, 0xac, 0xa9, 0x0e,
+        0x43, 0x7e, 0x8b, 0xc4, 0xbf, 0x49, 0xa4, 0x83,
+        0x9c, 0x31, 0x11, 0x1c, 0x09, 0xac, 0x90, 0xdf,
+        0x00, 0x34, 0x08, 0xe5, 0x70, 0xa3, 0x7e, 0x4b,
+        0x36, 0x48, 0x5a, 0x3f, 0x28, 0xc7, 0x1c, 0xd9,
+        0x1b, 0x1b, 0x49, 0x96, 0xe9, 0x7c, 0xea, 0x54,
+        0x7c, 0x71, 0x29, 0x0d
+    };
+    const uint8_t expected_tag[] = {
+        0x35, 0x1c, 0x21, 0xc6, 0xbc, 0x6b, 0x18, 0x52,
+        0x90, 0xe1, 0xf2, 0x5b, 0xe1, 0xf6, 0x15, 0xee,
+    };
+
+
+    memset(nonce, 0x89, 16);
+    memset(key, 0x56, 16);
+
+    // allocate internal memory
+    uint8_t *ciphertext = heap_caps_malloc(SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+    uint8_t *plaintext = heap_caps_malloc(SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+    uint8_t *decryptedtext = heap_caps_malloc(SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+
+    TEST_ASSERT_NOT_NULL(ciphertext);
+    TEST_ASSERT_NOT_NULL(plaintext);
+    TEST_ASSERT_NOT_NULL(decryptedtext);
+
+    memset(plaintext, 0xAB, SZ);
+    /* Test that all the end results are the same
+        no matter how many bytes we encrypt each call
+        */
+    for (int bytes_to_process = 16; bytes_to_process < SZ; bytes_to_process = bytes_to_process + 16) {
+        memset(nonce, 0x89, 16);
+        memset(ciphertext, 0x0, SZ);
+        memset(decryptedtext, 0x0, SZ);
+        memset(tag, 0x0, 16);
+
+        mbedtls_gcm_init(&ctx);
+        mbedtls_gcm_setkey(&ctx, cipher, key, 128);
+        mbedtls_gcm_starts( &ctx, MBEDTLS_AES_ENCRYPT, nonce, sizeof(nonce) );
+        mbedtls_gcm_update_ad( &ctx, NULL, 0 );
+
+        // Encrypt
+        for (int idx = 0; idx < SZ; idx = idx + bytes_to_process) {
+            // Limit length of last call to avoid exceeding buffer size
+            size_t length = (idx + bytes_to_process > SZ) ? (SZ - idx) : bytes_to_process;
+            mbedtls_gcm_update(&ctx, plaintext + idx, length, ciphertext + idx, 0, NULL);
+        }
+        size_t olen;
+        mbedtls_gcm_finish( &ctx, NULL, 0, &olen, tag, sizeof(tag) );
+        TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher, ciphertext, SZ);
+        TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_tag, tag, sizeof(tag));
+
+        // Decrypt
+        memset(nonce, 0x89, 16);
+        mbedtls_gcm_free( &ctx );
+
+        mbedtls_gcm_init(&ctx);
+        mbedtls_gcm_setkey(&ctx, cipher, key, 128);
+        mbedtls_gcm_starts( &ctx, MBEDTLS_AES_DECRYPT, nonce, sizeof(nonce));
+        mbedtls_gcm_update_ad( &ctx, NULL, 0 );
+
+        for (int idx = 0; idx < SZ; idx = idx + bytes_to_process) {
+            // Limit length of last call to avoid exceeding buffer size
+
+            size_t length = (idx + bytes_to_process > SZ) ? (SZ - idx) : bytes_to_process;
+            mbedtls_gcm_update(&ctx, ciphertext + idx, length, decryptedtext + idx, 0, NULL);
+        }
+        mbedtls_gcm_finish( &ctx, NULL, 0, &olen, tag, sizeof(tag) );
+        TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, SZ);
+        mbedtls_gcm_free( &ctx );
+    }
+    free(plaintext);
+    free(ciphertext);
+    free(decryptedtext);
+}
+
+TEST_CASE("mbedtls AES GCM self-tests", "[aes-gcm]")
+{
+    TEST_ASSERT_FALSE_MESSAGE(mbedtls_gcm_self_test(1), "AES GCM self-test should pass.");
+}
+
+typedef struct  {
+    uint8_t *plaintext;
+    size_t plaintext_length;
+    uint32_t output_caps;
+    uint8_t *add_buf;
+    size_t add_length;
+    uint8_t *iv;
+    size_t iv_length;
+    uint8_t *key;
+    size_t key_bits;
+    size_t tag_len;
+} aes_gcm_test_cfg_t;
+
+typedef struct {
+    const uint8_t *expected_tag;
+    const uint8_t *ciphertext_last_block; // Last block of the ciphertext
+} aes_gcm_test_expected_res_t;
+
+
+typedef enum {
+    AES_GCM_TEST_CRYPT_N_TAG,
+    AES_GCM_TEST_START_UPDATE_FINISH,
+} aes_gcm_test_type_t;
+
+static void aes_gcm_test(aes_gcm_test_cfg_t *cfg, aes_gcm_test_expected_res_t *res, aes_gcm_test_type_t aes_gcm_type)
+{
+    mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
+    mbedtls_gcm_context ctx;
+
+    uint8_t tag_buf_encrypt[16] = {};
+    uint8_t tag_buf_decrypt[16] = {};
+    uint8_t iv_buf[16] = {};
+
+    uint8_t *ciphertext = heap_caps_malloc(cfg->plaintext_length, cfg->output_caps);
+    uint8_t *output = heap_caps_malloc(cfg->plaintext_length, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+
+    if (cfg->plaintext_length != 0) {
+        TEST_ASSERT_NOT_NULL(ciphertext);
+        TEST_ASSERT_NOT_NULL(output);
+    }
+
+    memset(ciphertext, 0, cfg->plaintext_length);
+    memset(output, 0, cfg->plaintext_length);
+    memcpy(iv_buf, cfg->iv, cfg->iv_length);
+
+    mbedtls_gcm_init(&ctx);
+    mbedtls_gcm_setkey(&ctx, cipher, cfg->key, cfg->key_bits);
+    size_t olen;
+    /* Encrypt and tag */
+    if (aes_gcm_type == AES_GCM_TEST_CRYPT_N_TAG) {
+        mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_AES_ENCRYPT, cfg->plaintext_length, iv_buf, cfg->iv_length, cfg->add_buf, cfg->add_length, cfg->plaintext, ciphertext, cfg->tag_len, tag_buf_encrypt);
+    } else if (aes_gcm_type == AES_GCM_TEST_START_UPDATE_FINISH) {
+        TEST_ASSERT(mbedtls_gcm_starts( &ctx, MBEDTLS_AES_ENCRYPT, iv_buf, cfg->iv_length) == 0 );
+        TEST_ASSERT(mbedtls_gcm_update_ad( &ctx, cfg->add_buf, cfg->add_length) == 0 );
+        TEST_ASSERT(mbedtls_gcm_update( &ctx, cfg->plaintext, cfg->plaintext_length, ciphertext, 0, NULL) == 0 );
+        TEST_ASSERT(mbedtls_gcm_finish( &ctx, NULL, 0, &olen, tag_buf_encrypt, cfg->tag_len) == 0 );
+    }
+    size_t offset = cfg->plaintext_length > 16 ? cfg->plaintext_length - 16 : 0;
+    /* Sanity check: make sure the last ciphertext block matches what we expect to see. */
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(res->ciphertext_last_block, ciphertext + offset, MIN(16, cfg->plaintext_length));
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(res->expected_tag, tag_buf_encrypt, cfg->tag_len);
+
+
+    /* Decrypt and authenticate */
+    if (aes_gcm_type == AES_GCM_TEST_CRYPT_N_TAG) {
+        TEST_ASSERT(mbedtls_gcm_auth_decrypt(&ctx, cfg->plaintext_length, iv_buf, cfg->iv_length, cfg->add_buf, cfg->add_length, res->expected_tag, cfg->tag_len, ciphertext, output) == 0);
+    } else if (aes_gcm_type == AES_GCM_TEST_START_UPDATE_FINISH) {
+        TEST_ASSERT(mbedtls_gcm_starts( &ctx, MBEDTLS_AES_DECRYPT, iv_buf, cfg->iv_length) == 0 );
+        TEST_ASSERT(mbedtls_gcm_update_ad( &ctx, cfg->add_buf, cfg->add_length) == 0 );
+        TEST_ASSERT(mbedtls_gcm_update( &ctx, ciphertext, cfg->plaintext_length, output, 0, NULL) == 0 );
+        TEST_ASSERT(mbedtls_gcm_finish( &ctx, NULL, 0, &olen, tag_buf_decrypt, cfg->tag_len) == 0 );
+
+        /* mbedtls_gcm_auth_decrypt already checks tag so only needed for AES_GCM_TEST_START_UPDATE_FINISH */
+        TEST_ASSERT_EQUAL_HEX8_ARRAY(res->expected_tag, tag_buf_decrypt, cfg->tag_len);
+    }
+
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(cfg->plaintext, output, cfg->plaintext_length);
+
+    free(ciphertext);
+    free(output);
+}
+
+
+
+TEST_CASE("mbedtls AES GCM", "[aes-gcm]")
+{
+    uint8_t iv[16];
+    uint8_t key[16];
+    uint8_t add[30];
+
+    memset(iv, 0xB1, sizeof(iv));
+    memset(key, 0x27, sizeof(key));
+    memset(add, 0x90, sizeof(add));
+
+    size_t length[] = {10, 16, 500, 5000, 12345};
+
+    const uint8_t expected_last_block[][16] = {
+
+        {
+            0x37, 0x99, 0x4b, 0x16, 0x5f, 0x8d, 0x27, 0xb1,
+            0x60, 0x72
+        },
+
+        {
+            0x37, 0x99, 0x4b, 0x16, 0x5f, 0x8d, 0x27, 0xb1,
+            0x60, 0x72, 0x9a, 0x81, 0x8d, 0x3c, 0x69, 0x66
+        },
+
+        {
+            0x9d, 0x7a, 0xac, 0x84, 0xe3, 0x70, 0x43, 0x0f,
+            0xa7, 0x83, 0x43, 0xc9, 0x04, 0xf8, 0x7d, 0x48
+        },
+
+        {
+            0xee, 0xfd, 0xab, 0x2a, 0x09, 0x44, 0x41, 0x6a,
+            0x91, 0xb0, 0x74, 0x24, 0xee, 0x35, 0xb1, 0x39
+        },
+
+        {
+            0x51, 0xf7, 0x1f, 0x67, 0x1a, 0x4a, 0x12, 0x37,
+            0x60, 0x3b, 0x68, 0x01, 0x20, 0x4f, 0xf3, 0xd9
+        },
+    };
+
+    const uint8_t expected_tag[][16] = {
+
+        {
+            0x06, 0x4f, 0xb5, 0x91, 0x12, 0x24, 0xb4, 0x24,
+            0x0b, 0xc2, 0x85, 0x59, 0x6a, 0x7c, 0x1f, 0xc9
+        },
+
+        {
+            0x45, 0xc2, 0xa8, 0xfe, 0xff, 0x49, 0x1f, 0x45,
+            0x8e, 0x29, 0x74, 0x41, 0xed, 0x9b, 0x54, 0x28
+        },
+
+        {
+            0xe1, 0xf9, 0x40, 0xfa, 0x29, 0x6f, 0x30, 0xae,
+            0xb6, 0x9b, 0x33, 0xdb, 0x8a, 0xf9, 0x70, 0xc4
+        },
+
+        {
+            0x22, 0xe1, 0x22, 0x34, 0x0c, 0x91, 0x0b, 0xcf,
+            0xa3, 0x42, 0xe0, 0x48, 0xe6, 0xfe, 0x2e, 0x28
+        },
+
+        {
+            0xfb, 0xfe, 0x5a, 0xed, 0x26, 0x5c, 0x5e, 0x66,
+            0x4e, 0xb2, 0x48, 0xce, 0xe9, 0x88, 0x1c, 0xe0
+        },
+    };
+
+    aes_gcm_test_cfg_t cfg = {
+        .output_caps = MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL,
+        .iv = iv,
+        .iv_length = sizeof(iv),
+        .key = key,
+        .key_bits = 8 * sizeof(key),
+        .add_buf = add,
+        .add_length = sizeof(add),
+        .tag_len = 16
+    };
+
+    aes_gcm_test_expected_res_t res = {
+    };
+
+    for (int i = 0; i < sizeof(length) / sizeof(length[0]); i++) {
+        printf("Test AES-GCM with plaintext length = %d\n", length[i]);
+        uint8_t *input = heap_caps_malloc(length[i], MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+        TEST_ASSERT(input != NULL || length[i] == 0);
+        memset(input, 0x36, length[i]);
+
+        cfg.plaintext = input;
+        cfg.plaintext_length = length[i];
+        res.expected_tag = expected_tag[i];
+        res.ciphertext_last_block = expected_last_block[i],
+
+        aes_gcm_test(&cfg, &res, AES_GCM_TEST_CRYPT_N_TAG);
+        aes_gcm_test(&cfg, &res, AES_GCM_TEST_START_UPDATE_FINISH);
+
+        free(input);
+    }
+}
+
+
+TEST_CASE("mbedtls AES GCM - Different add messages", "[aes-gcm]")
+{
+    const unsigned CALL_SZ = 160;
+    uint8_t iv[16];
+    uint8_t key[16];
+    uint8_t *input = heap_caps_malloc(CALL_SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+    TEST_ASSERT_NOT_NULL(input);
+
+    memset(input, 0x67, CALL_SZ);
+    memset(iv, 0xA2, sizeof(iv));
+    memset(key, 0x48, sizeof(key));
+
+    const uint8_t expected_last_block[] = {
+        0xcd, 0xb9, 0xad, 0x6f, 0xc9, 0x35, 0x21, 0x0d,
+        0xc9, 0x5d, 0xea, 0xd9, 0xf7, 0x1d, 0x43, 0xed
+    };
+
+    size_t add_len[] = {0, 10, 16, 500, 5000};
+
+    const uint8_t expected_tag[][16] = {
+        {
+            0xe3, 0x91, 0xad, 0x40, 0x96, 0xb7, 0x8c, 0x53,
+            0x4d, 0x15, 0x7d, 0x55, 0x15, 0xdf, 0x10, 0x69
+        },
+
+        {
+            0xc2, 0x38, 0x36, 0xe9, 0x12, 0x72, 0x5b, 0x31,
+            0x0c, 0xde, 0xb5, 0xc9, 0x8c, 0xa3, 0xcb, 0xe7
+        },
+
+        {
+            0x57, 0x10, 0x22, 0x91, 0x65, 0xfa, 0x89, 0xba,
+            0x0a, 0x3e, 0xc1, 0x7c, 0x93, 0x6e, 0x35, 0xac
+        },
+
+        {
+            0x3c, 0x28, 0x03, 0xc2, 0x14, 0x40, 0xec, 0xb6,
+            0x25, 0xfb, 0xdd, 0x55, 0xa0, 0xb2, 0x47, 0x7b
+        },
+
+        {
+            0xfa, 0x66, 0x4a, 0x97, 0x2d, 0x02, 0x32, 0x5b,
+            0x92, 0x94, 0xf1, 0x00, 0x1c, 0xfa, 0xe3, 0x07
+        }
+    };
+
+    aes_gcm_test_cfg_t cfg = {
+        .plaintext = input,
+        .plaintext_length = CALL_SZ,
+        .output_caps = MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL,
+        .iv = iv,
+        .iv_length = sizeof(iv),
+        .key = key,
+        .key_bits = 8 * sizeof(key),
+        .tag_len = 16
+    };
+
+    aes_gcm_test_expected_res_t res = {
+        .ciphertext_last_block = expected_last_block,
+    };
+
+    for (int i = 0; i < sizeof(add_len) / sizeof(add_len[0]); i++) {
+        printf("Test AES-GCM with add length = %d\n", add_len[i]);
+        uint8_t *add = heap_caps_malloc(add_len[i], MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+        TEST_ASSERT(add != NULL || add_len[i] == 0);
+        memset(add, 0x12, add_len[i]);
+
+        cfg.add_buf = add;
+        cfg.add_length = add_len[i];
+        res.expected_tag = expected_tag[i];
+
+        aes_gcm_test(&cfg, &res, AES_GCM_TEST_CRYPT_N_TAG);
+        aes_gcm_test(&cfg, &res, AES_GCM_TEST_START_UPDATE_FINISH);
+
+        free(add);
+    }
+    free(input);
+}
+
+
+
+TEST_CASE("mbedtls AES GCM performance, start, update, ret", "[aes-gcm]")
+{
+    const unsigned CALL_SZ = 16 * 3200;
+    mbedtls_gcm_context ctx;
+    float elapsed_usec;
+    unsigned char tag_buf[16];
+    mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
+    uint8_t iv[16];
+    uint8_t key[16];
+    uint8_t aad[16];
+    size_t olen;
+    memset(iv, 0xEE, 16);
+    memset(key, 0x44, 16);
+    memset(aad, 0x76, 16);
+
+    // allocate internal memory
+    uint8_t *buf = heap_caps_malloc(CALL_SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+    TEST_ASSERT_NOT_NULL(buf);
+
+    mbedtls_gcm_init(&ctx);
+    mbedtls_gcm_setkey( &ctx, cipher, key, 128);
+
+    ccomp_timer_start();
+
+    memset(buf, 0xAA, CALL_SZ);
+
+    TEST_ASSERT(mbedtls_gcm_starts( &ctx, MBEDTLS_AES_ENCRYPT, iv, sizeof(iv) ) == 0 );
+    TEST_ASSERT(mbedtls_gcm_update_ad( &ctx, aad, sizeof(aad)) == 0 );
+    TEST_ASSERT(mbedtls_gcm_update( &ctx, buf, CALL_SZ, buf, 0, NULL) == 0 );
+    TEST_ASSERT(mbedtls_gcm_finish( &ctx, NULL, 0, &olen, tag_buf, 16 ) == 0 );
+
+    elapsed_usec = ccomp_timer_stop();
+
+    /* Sanity check: make sure the last ciphertext block matches
+       what we expect to see.
+    */
+    const uint8_t expected_last_block[] = {
+        0xd4, 0x25, 0x88, 0xd4, 0x32, 0x52, 0x3d, 0x6f,
+        0xae, 0x49, 0x19, 0xb5, 0x95, 0x01, 0xde, 0x7d,
+    };
+
+    const uint8_t expected_tag[] = {
+        0xf5, 0x10, 0x1f, 0x21, 0x5b, 0x07, 0x0d, 0x3f,
+        0xac, 0xc9, 0xd0, 0x42, 0x45, 0xef, 0xc7, 0xfa,
+    };
+
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_last_block, buf + CALL_SZ - 16, 16);
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_tag, tag_buf, 16);
+
+    free(buf);
+
+    // bytes/usec = MB/sec
+    float mb_sec = CALL_SZ / elapsed_usec;
+    printf("GCM encryption rate %.3fMB/sec\n", mb_sec);
+
+#ifdef CONFIG_MBEDTLS_HARDWARE_GCM
+    // Don't put a hard limit on software AES performance
+    TEST_PERFORMANCE_GREATER_THAN(AES_GCM_UPDATE_THROUGHPUT_MBSEC, "%.3fMB/sec", mb_sec);
+#endif
+}
+
+
+TEST_CASE("mbedtls AES GCM performance, crypt-and-tag", "[aes-gcm]")
+{
+    const unsigned CALL_SZ = 16 * 3200;
+    mbedtls_gcm_context ctx;
+    float elapsed_usec;
+    unsigned char tag_buf[16] = {};
+    mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
+    uint8_t iv[16];
+    uint8_t key[16];
+    uint8_t aad[16];
+
+    memset(iv, 0xEE, 16);
+    memset(key, 0x44, 16);
+    memset(aad, 0x76, 16);
+
+    // allocate internal memory
+    uint8_t *buf = heap_caps_malloc(CALL_SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+    TEST_ASSERT_NOT_NULL(buf);
+
+    mbedtls_gcm_init(&ctx);
+    mbedtls_gcm_setkey( &ctx, cipher, key, 128);
+
+    memset(buf, 0xAA, CALL_SZ);
+
+    ccomp_timer_start();
+    mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_AES_ENCRYPT, CALL_SZ, iv, sizeof(iv), aad, sizeof(aad), buf, buf, 16, tag_buf);
+
+    elapsed_usec = ccomp_timer_stop();
+
+    /* Sanity check: make sure the last ciphertext block matches
+       what we expect to see.
+    */
+
+    const uint8_t expected_last_block[] = {
+        0xd4, 0x25, 0x88, 0xd4, 0x32, 0x52, 0x3d, 0x6f,
+        0xae, 0x49, 0x19, 0xb5, 0x95, 0x01, 0xde, 0x7d,
+    };
+
+    const uint8_t expected_tag[] = {
+        0xf5, 0x10, 0x1f, 0x21, 0x5b, 0x07, 0x0d, 0x3f,
+        0xac, 0xc9, 0xd0, 0x42, 0x45, 0xef, 0xc7, 0xfa,
+    };
+
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_last_block, buf + CALL_SZ - 16, 16);
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_tag, tag_buf, 16);
+
+    free(buf);
+
+    // bytes/usec = MB/sec
+    float mb_sec = CALL_SZ / elapsed_usec;
+    printf("GCM encryption rate %.3fMB/sec\n", mb_sec);
+
+#ifdef CONFIG_MBEDTLS_HARDWARE_GCM
+    // Don't put a hard limit on software AES performance
+    TEST_PERFORMANCE_GREATER_THAN(AES_GCM_CRYPT_TAG_THROUGHPUT_MBSEC, "%.3fMB/sec", mb_sec);
+#endif
+}
+
+TEST_CASE("mbedtls AES GCM - Combine different IV/Key/Plaintext/AAD lengths", "[aes-gcm]")
+{
+    #define IV_BYTES_VALUE 0xA2
+    #define KEY_BYTES_VALUE 0x48
+    #define INPUT_BYTES_VALUE 0x36
+    #define ADD_BYTES_VALUE 0x12
+
+    uint8_t iv[16];
+    uint8_t key[32];
+
+    memset(iv, IV_BYTES_VALUE, sizeof(iv));
+    memset(key, KEY_BYTES_VALUE, sizeof(key));
+
+    /* Key length is: 16 bytes, 32 bytes */
+    size_t key_length[] = {16, 32};
+
+    /* IV length is: 12 bytes (standard), 16 bytes */
+    size_t iv_length[] = {12, 16};
+
+    /* Plaintext length is: a multiple of 16 bytes, a non-multiple of 16 bytes */
+    size_t length[] = {160, 321};
+
+    /* Add len is: 0, a multiple of 16 bytes, a non-multiple of 16 bytes */
+    size_t add_len[] = {0, 160, 321};
+
+    /*indexes: Key - IV - Plaintext */
+    const uint8_t expected_last_block[2][2][2][16] = {
+        {
+            /* 16 byte key */
+
+            {
+                {
+                    0xa2, 0x1e, 0x23, 0x3c, 0xfc, 0x7c, 0xec, 0x9a,
+                    0x91, 0xe5, 0xdb, 0x3a, 0xe5, 0x0c, 0x3f, 0xc2,
+                },
+
+                {
+                    0xa8, 0xeb, 0x40, 0x9b, 0x7b, 0x87, 0x07,
+                    0x68, 0x17, 0x5c, 0xc0, 0xb7, 0xb4, 0xb3, 0x81,
+                    0xbe,
+                }
+            },
+            {
+                {
+                    0x9c, 0xe8, 0xfc, 0x3e, 0x98, 0x64, 0x70, 0x5c,
+                    0x98, 0x0c, 0xbb, 0x88, 0xa6, 0x4c, 0x12, 0xbc
+                },
+
+                {
+                    0x8b, 0x66, 0xf5, 0xbc, 0x56, 0x59, 0xae,
+                    0xf0, 0x9e, 0x5c, 0xdb, 0x6d, 0xfc, 0x1f, 0x2e,
+                    0x00
+                }
+            },
+        },
+        {
+            /* 32 byte key */
+            {
+                {
+                    0xde, 0xc2, 0xd3, 0xeb, 0x5e, 0x03, 0x53, 0x4b,
+                    0x04, 0x0d, 0x63, 0xf1, 0xd8, 0x5b, 0x1f, 0x85,
+                },
+
+                {
+                    0xb5, 0x53, 0x8e, 0xd3, 0xab, 0x10, 0xf1,
+                    0x77, 0x41, 0x92, 0xea, 0xdd, 0xdd, 0x9e, 0x5d,
+                    0x40,
+                }
+            },
+            {
+                {
+                    0x3b, 0xc7, 0xf0, 0x3f, 0xba, 0x97, 0xbd, 0xa0,
+                    0xa5, 0x48, 0xf3, 0x7a, 0xde, 0x23, 0x19, 0x7a,
+                },
+
+                {
+                    0x57, 0xc7, 0x4d, 0xe3, 0x79, 0x5e, 0xbd,
+                    0x0d, 0xd7, 0x6a, 0xef, 0x1f, 0x54, 0x29, 0xa6,
+                    0xd7,
+                }
+            },
+        },
+    };
+
+    /*indexes: Key - IV - Plaintext - Add len*/
+    const uint8_t expected_tag[2][2][2][3][16] = {
+        {
+            {
+                {
+                    // Plaintext 160 bytes
+                    {
+                        0x67, 0x92, 0xb1, 0x7f, 0x44, 0x1f, 0x95, 0xfb,
+                        0x33, 0x76, 0x66, 0xb7, 0x4f, 0x3e, 0xec, 0x4d,
+                    },
+
+                    {
+                        0xb1, 0x99, 0xed, 0x1b, 0x4e, 0x12, 0x87, 0x5e,
+                        0xf4, 0xe3, 0x81, 0xd8, 0x96, 0x07, 0xda, 0xff,
+                    },
+
+                    {
+                        0x73, 0x35, 0x0c, 0xf5, 0x70, 0x1e, 0xc0, 0x99,
+                        0x34, 0xba, 0x1a, 0x50, 0x23, 0xac, 0x21, 0x33,
+                    },
+                },
+                {
+                    // Plaintext 321 bytes
+                    {
+                        0x2d, 0xf6, 0xd0, 0x7a, 0x75, 0x4d, 0x9d,
+                        0xb5, 0x9d, 0x43, 0xbf, 0x57, 0x10, 0xa3, 0xff,
+                        0x3d
+                    },
+
+                    {
+                        0x06, 0x91, 0xe4, 0x38, 0x3a, 0xe1, 0x6e,
+                        0x2d, 0x83, 0x68, 0x2e, 0xb0, 0x26, 0x2f, 0xe4,
+                        0x78
+                    },
+
+                    {
+                        0x1b, 0x58, 0x2f, 0x9b, 0xe9, 0xe0, 0xe0,
+                        0x43, 0x83, 0x08, 0xec, 0x58, 0x3a, 0x78, 0xe9,
+                        0x69,
+                    }
+                }
+            },
+            {
+                {
+                    // Plaintext 160 bytes
+                    {
+                        0x77, 0xe5, 0x2e, 0x2d, 0x94, 0xb8, 0x03, 0x61,
+                        0x7a, 0xd5, 0x0c, 0x3c, 0x9c, 0x40, 0x92, 0x9b
+                    },
+
+                    {
+                        0xa1, 0xee, 0x72, 0x49, 0x9e, 0xb5, 0x11, 0xc4,
+                        0xbd, 0x40, 0xeb, 0x53, 0x45, 0x79, 0xa4, 0x29
+                    },
+
+                    {
+                        0x63, 0x42, 0x93, 0xa7, 0xa0, 0xb9, 0x56, 0x03,
+                        0x7d, 0x19, 0x70, 0xdb, 0xf0, 0xd2, 0x5f, 0xe5
+                    },
+                },
+                {
+                    // Plaintext 321 bytes
+                    {
+                        0x50, 0xa3, 0x79, 0xfc, 0x17, 0xb8, 0xf4,
+                        0xf6, 0x14, 0xaa, 0x4a, 0xe7, 0xd4, 0xa0, 0xea,
+                        0xee
+                    },
+
+                    {
+                        0x7b, 0xc4, 0x4d, 0xbe, 0x58, 0x14, 0x07,
+                        0x6e, 0x0a, 0x81, 0xdb, 0x00, 0xe2, 0x2c, 0xf1,
+                        0xab
+                    },
+
+                    {
+                        0x66, 0x0d, 0x86, 0x1d, 0x8b, 0x15, 0x89,
+                        0x00, 0x0a, 0xe1, 0x19, 0xe8, 0xfe, 0x7b, 0xfc,
+                        0xba
+                    }
+                }
+            },
+        },
+        {
+            {
+                {
+                    // Plaintext 160 bytes
+                    {
+                        0x04, 0x04, 0x15, 0xb1, 0xd3, 0x98, 0x15, 0x45,
+                        0xa2, 0x44, 0xba, 0x4a, 0xde, 0xc2, 0x8d, 0xd6,
+                    },
+
+                    {
+                        0x94, 0x3e, 0xc3, 0x5d, 0xdc, 0x42, 0xf6, 0x4c,
+                        0x80, 0x15, 0xe4, 0xb9, 0x0b, 0xc9, 0x87, 0x01,
+                    },
+
+                    {
+                        0x93, 0x6e, 0x26, 0x5b, 0x7e, 0x17, 0xc8, 0x73,
+                        0x9b, 0x71, 0x31, 0x7a, 0x8b, 0x0e, 0x19, 0x89,
+                    }
+                },
+                {
+                    // Plaintext 321 bytes
+                    {
+                        0x99, 0x5e, 0x77, 0x28, 0x8b, 0xa8, 0x9b,
+                        0xb3, 0x35, 0xc3, 0x99, 0x90, 0xd4, 0x5d, 0x63,
+                        0xa7,
+                    },
+
+                    {
+                        0xbc, 0xc2, 0x9f, 0xe6, 0x38, 0xef, 0xf5,
+                        0x11, 0x76, 0x09, 0x17, 0x3a, 0xd4, 0x91, 0xee,
+                        0xfe,
+                    },
+
+                    {
+                        0x9f, 0xa6, 0x23, 0x5a, 0x4d, 0x78, 0xae,
+                        0xce, 0x10, 0x35, 0xc1, 0x0c, 0x6e, 0xc2, 0x4e,
+                        0xe8,
+                    }
+                }
+            },
+            {
+                {
+                    // Plaintext 160 bytes
+                    {
+                        0xfb, 0x74, 0x7e, 0x21, 0xf2, 0xe7, 0xe3, 0xf5,
+                        0xfa, 0xc8, 0x23, 0xab, 0x54, 0x9a, 0xb9, 0xcf,
+                    },
+
+                    {
+                        0x6b, 0x4e, 0xa8, 0xcd, 0xfd, 0x3d, 0x00, 0xfc,
+                        0xd8, 0x99, 0x7d, 0x58, 0x81, 0x91, 0xb3, 0x18,
+                    },
+
+                    {
+                        0x6c, 0x1e, 0x4d, 0xcb, 0x5f, 0x68, 0x3e, 0xc3,
+                        0xc3, 0xfd, 0xa8, 0x9b, 0x01, 0x56, 0x2d, 0x90,
+                    },
+                },
+                {
+                    // Plaintext 321 bytes
+                    {
+                        0xcd, 0x49, 0x75, 0x4c, 0x2a, 0x62, 0x65,
+                        0x6f, 0xfe, 0x14, 0xc2, 0x5d, 0x41, 0x07, 0x24,
+                        0x55
+                    },
+
+                    {
+                        0xe8, 0xd5, 0x9d, 0x82, 0x99, 0x25, 0x0b,
+                        0xcd, 0xbd, 0xde, 0x4c, 0xf7, 0x41, 0xcb, 0xa9,
+                        0x0c,
+                    },
+
+                    {
+                        0xcb, 0xb1, 0x21, 0x3e, 0xec, 0xb2, 0x50,
+                        0x12, 0xdb, 0xe2, 0x9a, 0xc1, 0xfb, 0x98, 0x09,
+                        0x1a,
+                    }
+                }
+            },
+        },
+    };
+
+    aes_gcm_test_cfg_t cfg = {
+        .output_caps = MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL,
+        .tag_len = 16
+    };
+
+
+    for (int i_key = 0; i_key < sizeof(key_length) / sizeof(key_length[0]); i_key++) {
+        printf("Test AES-GCM with key length = %d\n",  key_length[i_key]);
+
+        cfg.key = key;
+        cfg.key_bits = 8 * key_length[i_key];
+
+        for (int i_iv = 0; i_iv < sizeof(iv_length) / sizeof(iv_length[0]); i_iv++) {
+            printf("Test AES-GCM with IV length = %d\n",  iv_length[i_iv]);
+
+            cfg.iv = iv;
+            cfg.iv_length = iv_length[i_iv];
+
+            for (int i_len = 0; i_len < sizeof(length) / sizeof(length[0]); i_len++) {
+                printf("Test AES-GCM with plaintext length = %d\n", length[i_len]);
+                uint8_t *input = heap_caps_malloc(length[i_len], MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+                TEST_ASSERT(input != NULL || length[i_len] == 0);
+                memset(input, INPUT_BYTES_VALUE, length[i_len]);
+                cfg.plaintext = input;
+                cfg.plaintext_length = length[i_len];
+
+                aes_gcm_test_expected_res_t res = {0};
+
+                for (int i_add = 0; i_add < sizeof(add_len) / sizeof(add_len[0]); i_add++) {
+
+                    printf("Test AES-GCM with add length = %d\n", add_len[i_add]);
+                    uint8_t *add = heap_caps_malloc(add_len[i_add], MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+                    TEST_ASSERT(add != NULL || add_len[i_add] == 0);
+                    memset(add, ADD_BYTES_VALUE, add_len[i_add]);
+
+                    cfg.add_buf = add;
+                    cfg.add_length = add_len[i_add];
+
+                    res.expected_tag = expected_tag[i_key][i_iv][i_len][i_add];
+                    res.ciphertext_last_block = expected_last_block[i_key][i_iv][i_len],
+
+                    aes_gcm_test(&cfg, &res, AES_GCM_TEST_CRYPT_N_TAG);
+
+                    free(add);
+                }
+                free(input);
+            }
+        }
+    }
+}
+
+#endif //CONFIG_MBEDTLS_HARDWARE_GCM

components/mbedtls/test_apps/main/test_aes_perf.c

@@ -0,0 +1,75 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Unlicense OR CC0-1.0
+ */
+/* mbedTLS AES performance test
+*/
+#include <string.h>
+#include <stdio.h>
+#include <stdbool.h>
+#include <esp_system.h>
+#include "mbedtls/aes.h"
+#include "mbedtls/gcm.h"
+#include "unity.h"
+#include "sdkconfig.h"
+#include "esp_heap_caps.h"
+#include "test_utils.h"
+#include "ccomp_timer.h"
+
+TEST_CASE("mbedtls AES performance", "[aes][timeout=60]")
+{
+    const unsigned CALLS = 256;
+    const unsigned CALL_SZ = 32 * 1024;
+    mbedtls_aes_context ctx;
+    float elapsed_usec;
+    uint8_t iv[16];
+    uint8_t key[16];
+
+    memset(iv, 0xEE, 16);
+    memset(key, 0x44, 16);
+
+    // allocate internal memory
+    uint8_t *buf = heap_caps_malloc(CALL_SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+    TEST_ASSERT_NOT_NULL(buf);
+    mbedtls_aes_init(&ctx);
+    mbedtls_aes_setkey_enc(&ctx, key, 128);
+
+    ccomp_timer_start();
+    for (int c = 0; c < CALLS; c++) {
+        memset(buf, 0xAA, CALL_SZ);
+        mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, CALL_SZ, iv, buf, buf);
+    }
+    elapsed_usec = ccomp_timer_stop();
+
+    /* Sanity check: make sure the last ciphertext block matches
+       what we expect to see.
+
+       Last block produced via this Python:
+       import os, binascii
+       from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+       from cryptography.hazmat.backends import default_backend
+       key = b'\x44' * 16
+       iv = b'\xee' * 16
+       cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())
+       encryptor = cipher.encryptor()
+       ct = encryptor.update(b'\xaa' * 256 * 32 * 1024) + encryptor.finalize()
+       print(binascii.hexlify(ct[-16:]))
+    */
+    const uint8_t expected_last_block[] = {
+        0x50, 0x81, 0xe0, 0xe1, 0x15, 0x2f, 0x14, 0xe9,
+        0x97, 0xa0, 0xc6, 0xe6, 0x36, 0xf3, 0x5c, 0x25,
+    };
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_last_block, buf + CALL_SZ - 16, 16);
+
+    mbedtls_aes_free(&ctx);
+    free(buf);
+
+    // bytes/usec = MB/sec
+    float mb_sec = (CALL_SZ * CALLS) / elapsed_usec;
+    printf("Encryption rate %.3fMB/sec\n", mb_sec);
+#ifdef CONFIG_MBEDTLS_HARDWARE_AES
+    // Don't put a hard limit on software AES performance
+    TEST_PERFORMANCE_CCOMP_GREATER_THAN(AES_CBC_THROUGHPUT_MBSEC, "%.3fMB/sec", mb_sec);
+#endif
+}

components/mbedtls/test_apps/main/test_aes_sha_parallel.c

@@ -0,0 +1,133 @@
+/*
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include <string.h>
+#include <stdbool.h>
+#include <esp_system.h>
+#include "mbedtls/aes.h"
+#include "mbedtls/sha256.h"
+#include "unity.h"
+#include "sdkconfig.h"
+#include "esp_heap_caps.h"
+#include "test_utils.h"
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/semphr.h"
+
+
+static SemaphoreHandle_t done_sem;
+
+static const unsigned char *one_hundred_bs =  (unsigned char *)
+        "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb";
+
+static const uint8_t sha256_thousand_bs[32] = {
+    0xf6, 0xf1, 0x18, 0xe1, 0x20, 0xe5, 0x2b, 0xe0, 0xbd, 0x0c, 0xfd, 0xf2, 0x79, 0x4c, 0xd1, 0x2c, 0x07, 0x68, 0x6c, 0xc8, 0x71, 0x23, 0x5a, 0xc2, 0xf1, 0x14, 0x59, 0x37, 0x8e, 0x6d, 0x23, 0x5b
+};
+
+static void tskRunSHA256Test(void *pvParameters)
+{
+    mbedtls_sha256_context sha256_ctx;
+    unsigned char sha256[32];
+
+    for (int i = 0; i < 1000; i++) {
+
+        mbedtls_sha256_init(&sha256_ctx);
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts(&sha256_ctx, false));
+        for (int j = 0; j < 10; j++) {
+            TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&sha256_ctx, (unsigned char *)one_hundred_bs, 100));
+        }
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish(&sha256_ctx, sha256));
+        mbedtls_sha256_free(&sha256_ctx);
+        TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_bs, sha256, 32, "SHA256 calculation");
+    }
+    xSemaphoreGive(done_sem);
+    vTaskDelete(NULL);
+}
+
+
+static void tskRunAES256Test(void *pvParameters)
+{
+    static const uint8_t iv[] = {
+        0x10, 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09,
+        0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01,
+    };
+
+    static const uint8_t key_256[] = {
+        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+        0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+        0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+    };
+
+    for (int i = 0; i <1000; i++)
+    {
+        const unsigned SZ = 1600;
+        mbedtls_aes_context ctx;
+        uint8_t nonce[16];
+
+        const uint8_t expected_cipher_end[] = {
+            0x3e, 0x68, 0x8a, 0x02, 0xe6, 0xf2, 0x6a, 0x9e,
+            0x9b, 0xb2, 0xc0, 0xc4, 0x63, 0x63, 0xd9, 0x25,
+            0x51, 0xdc, 0xc2, 0x71, 0x96, 0xb3, 0xe5, 0xcd,
+            0xbd, 0x0e, 0xf2, 0xef, 0xa9, 0xab, 0xab, 0x2d,
+        };
+
+        memcpy(nonce, iv, 16);
+
+        // allocate internal memory
+        uint8_t *chipertext = heap_caps_malloc(SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL);
+        uint8_t *plaintext = heap_caps_malloc(SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL);
+        uint8_t *decryptedtext = heap_caps_malloc(SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL);
+
+        TEST_ASSERT_NOT_NULL(chipertext);
+        TEST_ASSERT_NOT_NULL(plaintext);
+        TEST_ASSERT_NOT_NULL(decryptedtext);
+
+        mbedtls_aes_init(&ctx);
+        mbedtls_aes_setkey_enc(&ctx, key_256, 256);
+
+        memset(plaintext, 0x3A, SZ);
+        memset(decryptedtext, 0x0, SZ);
+
+        // Encrypt
+        mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, SZ, nonce, plaintext, chipertext);
+        TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_cipher_end, chipertext + SZ - 32, 32);
+
+        // Decrypt
+        memcpy(nonce, iv, 16);
+        mbedtls_aes_setkey_dec(&ctx, key_256, 256);
+        mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, SZ, nonce, chipertext, decryptedtext);
+
+        TEST_ASSERT_EQUAL_HEX8_ARRAY(plaintext, decryptedtext, SZ);
+
+        mbedtls_aes_free(&ctx);
+        free(plaintext);
+        free(chipertext);
+        free(decryptedtext);
+    }
+    xSemaphoreGive(done_sem);
+    vTaskDelete(NULL);
+
+}
+
+#include "esp_crypto_shared_gdma.h"
+
+#define TASK_STACK_SIZE (20*1024)
+
+TEST_CASE("mbedtls AES/SHA multithreading", "[mbedtls]")
+{
+    done_sem = xSemaphoreCreateCounting(2, 0);
+
+    xTaskCreate(tskRunSHA256Test, "SHA256Task", TASK_STACK_SIZE, NULL, 3, NULL);
+    xTaskCreate(tskRunAES256Test, "AES256Task", TASK_STACK_SIZE, NULL, 3, NULL);
+
+    for (int i = 0; i < 2; i++) {
+        if (!xSemaphoreTake(done_sem, 10000 / portTICK_PERIOD_MS)) {
+            TEST_FAIL_MESSAGE("done_sem not released by test task");
+        }
+    }
+
+    vSemaphoreDelete(done_sem);
+}

components/mbedtls/test_apps/main/test_aes_sha_rsa.c

@@ -0,0 +1,295 @@
+/*
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sdkconfig.h>
+
+#if CONFIG_IDF_TARGET_ESP32
+
+#include "esp_types.h"
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/semphr.h"
+#include "freertos/xtensa_timer.h"
+#include "unity.h"
+#include "test_utils.h"
+#include "esp32/rom/sha.h"
+#include "soc/uart_periph.h"
+#include "soc/dport_reg.h"
+#include "soc/rtc.h"
+#include "esp_log.h"
+#include "sha/sha_parallel_engine.h"
+#include "aes/esp_aes.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/sha256.h"
+
+static const char *TAG = "test";
+static volatile bool exit_flag = false;
+#define TASK_STACK_SIZE (8*1024)
+
+static void aes_task(void *pvParameters)
+{
+    SemaphoreHandle_t *sema = (SemaphoreHandle_t *) pvParameters;
+    ESP_LOGI(TAG, "aes_task is started");
+    esp_aes_context ctx = {
+            .key_bytes = 16,
+            .key = {101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116}
+    };
+    const unsigned char input[16] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
+    unsigned char output[16];
+    unsigned char output2[16];
+    while (exit_flag == false) {
+        memset(output, 0, sizeof(output));
+        memset(output, 0, sizeof(output2));
+        esp_internal_aes_encrypt(&ctx, input, output);
+        esp_internal_aes_decrypt(&ctx, output, output2);
+        TEST_ASSERT_EQUAL_MEMORY_MESSAGE(input, output2, sizeof(input), "AES must match");
+    }
+    xSemaphoreGive(*sema);
+    vTaskDelete(NULL);
+}
+
+static void sha_task(void *pvParameters)
+{
+    SemaphoreHandle_t *sema = (SemaphoreHandle_t *) pvParameters;
+    ESP_LOGI(TAG, "sha_task is started");
+    const char *input = "Space!#$%&()*+,-.0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz~DEL0123456789";
+    unsigned char output[64];
+    unsigned char output_origin[64];
+    esp_sha(SHA2_512, (const unsigned char *)input, sizeof(input), output);
+    memcpy(output_origin, output, sizeof(output));
+    while (exit_flag == false) {
+        memset(output, 0, sizeof(output));
+        esp_sha(SHA2_512, (const unsigned char *)input, sizeof(input), output);
+        TEST_ASSERT_EQUAL_MEMORY_MESSAGE(output, output_origin, sizeof(output), "SHA256 must match");
+    }
+    xSemaphoreGive(*sema);
+    vTaskDelete(NULL);
+}
+
+static void mbedtls_sha256_task(void *pvParameters)
+{
+    SemaphoreHandle_t *sema = (SemaphoreHandle_t *) pvParameters;
+    ESP_LOGI(TAG, "mbedtls_sha256_task is started");
+    const char *input = "@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz~DEL0123456789Space!#$%&()*+,-.0123456789:;<=>?";
+    mbedtls_sha256_context sha256_ctx;
+    unsigned char output[32];
+    unsigned char output_origin[32];
+
+    mbedtls_sha256_init(&sha256_ctx);
+    memset(output, 0, sizeof(output));
+    mbedtls_sha256_starts(&sha256_ctx, false);
+    for (int i = 0; i < 3; ++i) {
+        mbedtls_sha256_update(&sha256_ctx, (unsigned char *)input, 100);
+    }
+    mbedtls_sha256_finish(&sha256_ctx, output);
+    memcpy(output_origin, output, sizeof(output));
+
+    while (exit_flag == false) {
+        mbedtls_sha256_init(&sha256_ctx);
+        memset(output, 0, sizeof(output));
+        mbedtls_sha256_starts(&sha256_ctx, false);
+        for (int i = 0; i < 3; ++i) {
+            mbedtls_sha256_update(&sha256_ctx, (unsigned char *)input, 100);
+        }
+        mbedtls_sha256_finish(&sha256_ctx, output);
+
+        TEST_ASSERT_EQUAL_MEMORY_MESSAGE(output, output_origin, sizeof(output), "MBEDTLS SHA256 must match");
+    }
+    xSemaphoreGive(*sema);
+    vTaskDelete(NULL);
+}
+
+TEST_CASE("Test shared using AES SHA512 SHA256", "[hw_crypto]")
+{
+#ifndef CONFIG_FREERTOS_UNICORE
+    const int max_tasks = 6;
+#else
+    const int max_tasks = 3;
+#endif
+    SemaphoreHandle_t exit_sema[max_tasks];
+
+    for (int i = 0; i < max_tasks; ++i) {
+        exit_sema[i] = xSemaphoreCreateBinary();
+    }
+    exit_flag = false;
+#ifndef CONFIG_FREERTOS_UNICORE
+    xTaskCreatePinnedToCore(&aes_task,            "aes_task",            TASK_STACK_SIZE, &exit_sema[0], UNITY_FREERTOS_PRIORITY - 1, NULL, 1);
+    xTaskCreatePinnedToCore(&aes_task,            "aes_task",            TASK_STACK_SIZE, &exit_sema[1], UNITY_FREERTOS_PRIORITY - 1, NULL, 0);
+    xTaskCreatePinnedToCore(&sha_task,            "sha_task",            TASK_STACK_SIZE, &exit_sema[2], UNITY_FREERTOS_PRIORITY - 1, NULL, 1);
+    xTaskCreatePinnedToCore(&sha_task,            "sha_task",            TASK_STACK_SIZE, &exit_sema[3], UNITY_FREERTOS_PRIORITY - 1, NULL, 0);
+    xTaskCreatePinnedToCore(&mbedtls_sha256_task, "mbedtls_sha256_task", TASK_STACK_SIZE, &exit_sema[4], UNITY_FREERTOS_PRIORITY - 1, NULL, 1);
+    xTaskCreatePinnedToCore(&mbedtls_sha256_task, "mbedtls_sha256_task", TASK_STACK_SIZE, &exit_sema[5], UNITY_FREERTOS_PRIORITY - 1, NULL, 0);
+#else
+    xTaskCreate(&aes_task,            "aes_task",            TASK_STACK_SIZE, &exit_sema[0], UNITY_FREERTOS_PRIORITY - 1, NULL);
+    xTaskCreate(&sha_task,            "sha_task",            TASK_STACK_SIZE, &exit_sema[1], UNITY_FREERTOS_PRIORITY - 1, NULL);
+    xTaskCreate(&mbedtls_sha256_task, "mbedtls_sha256_task", TASK_STACK_SIZE, &exit_sema[2], UNITY_FREERTOS_PRIORITY - 1, NULL);
+#endif
+
+    ESP_LOGI(TAG, "Waiting for 10s ...");
+    vTaskDelay(10000 / portTICK_PERIOD_MS);
+
+    // set exit flag to let thread exit
+    exit_flag = true;
+    for (int i = 0; i < max_tasks; ++i) {
+        if (!xSemaphoreTake(exit_sema[i], 2000/portTICK_PERIOD_MS)) {
+            TEST_FAIL_MESSAGE("exit_sema not released by test task");
+        }
+        vSemaphoreDelete(exit_sema[i]);
+    }
+}
+
+static void rsa_task(void *pvParameters)
+{
+    SemaphoreHandle_t *sema = (SemaphoreHandle_t *) pvParameters;
+    ESP_LOGI(TAG, "rsa_task is started");
+    while (exit_flag == false) {
+        mbedtls_rsa_self_test(0);
+    }
+    xSemaphoreGive(*sema);
+    vTaskDelete(NULL);
+}
+
+TEST_CASE("Test shared using AES RSA", "[hw_crypto]")
+{
+#ifndef CONFIG_FREERTOS_UNICORE
+    const int max_tasks = 2;
+#else
+    const int max_tasks = 2;
+#endif
+    SemaphoreHandle_t exit_sema[max_tasks];
+
+    for (int i = 0; i < max_tasks; ++i) {
+        exit_sema[i] = xSemaphoreCreateBinary();
+    }
+    exit_flag = false;
+#ifndef CONFIG_FREERTOS_UNICORE
+    xTaskCreatePinnedToCore(&aes_task, "aes_task", TASK_STACK_SIZE, &exit_sema[0], UNITY_FREERTOS_PRIORITY - 1, NULL, 1);
+    xTaskCreatePinnedToCore(&rsa_task, "rsa_task", TASK_STACK_SIZE, &exit_sema[1], UNITY_FREERTOS_PRIORITY - 1, NULL, 0);
+#else
+    xTaskCreate(&aes_task, "aes_task", TASK_STACK_SIZE, &exit_sema[0], UNITY_FREERTOS_PRIORITY - 1, NULL);
+    xTaskCreate(&rsa_task, "rsa_task", TASK_STACK_SIZE, &exit_sema[1], UNITY_FREERTOS_PRIORITY - 1, NULL);
+#endif
+
+    ESP_LOGI(TAG, "Waiting for 10s ...");
+    vTaskDelay(10000 / portTICK_PERIOD_MS);
+
+    // set exit flag to let thread exit
+    exit_flag = true;
+    for (int i = 0; i < max_tasks; ++i) {
+        if (!xSemaphoreTake(exit_sema[i], 2000/portTICK_PERIOD_MS)) {
+            TEST_FAIL_MESSAGE("exit_sema not released by test task");
+        }
+        vSemaphoreDelete(exit_sema[i]);
+    }
+}
+
+TEST_CASE("Test shared using SHA512 RSA", "[hw_crypto]")
+{
+#ifndef CONFIG_FREERTOS_UNICORE
+    const int max_tasks = 2;
+#else
+    const int max_tasks = 2;
+#endif
+    SemaphoreHandle_t exit_sema[max_tasks];
+
+    for (int i = 0; i < max_tasks; ++i) {
+        exit_sema[i] = xSemaphoreCreateBinary();
+    }
+    exit_flag = false;
+#ifndef CONFIG_FREERTOS_UNICORE
+    xTaskCreatePinnedToCore(&sha_task, "sha_task", TASK_STACK_SIZE, &exit_sema[0], UNITY_FREERTOS_PRIORITY - 2, NULL, 1);
+    xTaskCreatePinnedToCore(&rsa_task, "rsa_task", TASK_STACK_SIZE, &exit_sema[1], UNITY_FREERTOS_PRIORITY - 1, NULL, 0);
+#else
+    xTaskCreate(&sha_task, "sha_task", TASK_STACK_SIZE, &exit_sema[0], UNITY_FREERTOS_PRIORITY - 1, NULL);
+    xTaskCreate(&rsa_task, "rsa_task", TASK_STACK_SIZE, &exit_sema[1], UNITY_FREERTOS_PRIORITY - 1, NULL);
+#endif
+
+    ESP_LOGI(TAG, "Waiting for 10s ...");
+    vTaskDelay(10000 / portTICK_PERIOD_MS);
+
+    // set exit flag to let thread exit
+    exit_flag = true;
+    for (int i = 0; i < max_tasks; ++i) {
+        if (!xSemaphoreTake(exit_sema[i], 2000/portTICK_PERIOD_MS)) {
+            TEST_FAIL_MESSAGE("exit_sema not released by test task");
+        }
+        vSemaphoreDelete(exit_sema[i]);
+    }
+}
+
+TEST_CASE("Test shared using SHA256 RSA", "[hw_crypto]")
+{
+#ifndef CONFIG_FREERTOS_UNICORE
+    const int max_tasks = 2;
+#else
+    const int max_tasks = 2;
+#endif
+    SemaphoreHandle_t exit_sema[max_tasks];
+
+    for (int i = 0; i < max_tasks; ++i) {
+        exit_sema[i] = xSemaphoreCreateBinary();
+    }
+    exit_flag = false;
+#ifndef CONFIG_FREERTOS_UNICORE
+    xTaskCreatePinnedToCore(&mbedtls_sha256_task, "mbedtls_sha256_task", TASK_STACK_SIZE, &exit_sema[0], UNITY_FREERTOS_PRIORITY - 1, NULL, 1);
+    xTaskCreatePinnedToCore(&rsa_task, "rsa_task", TASK_STACK_SIZE, &exit_sema[1], UNITY_FREERTOS_PRIORITY - 1, NULL, 0);
+#else
+    xTaskCreate(&mbedtls_sha256_task, "mbedtls_sha256_task", TASK_STACK_SIZE, &exit_sema[0], UNITY_FREERTOS_PRIORITY - 1, NULL);
+    xTaskCreate(&rsa_task,            "rsa_task",            TASK_STACK_SIZE, &exit_sema[1], UNITY_FREERTOS_PRIORITY - 1, NULL);
+#endif
+
+    ESP_LOGI(TAG, "Waiting for 10s ...");
+    vTaskDelay(10000 / portTICK_PERIOD_MS);
+
+    // set exit flag to let thread exit
+    exit_flag = true;
+    for (int i = 0; i < max_tasks; ++i) {
+        if (!xSemaphoreTake(exit_sema[i], 2000/portTICK_PERIOD_MS)) {
+            TEST_FAIL_MESSAGE("exit_sema not released by test task");
+        }
+        vSemaphoreDelete(exit_sema[i]);
+    }
+}
+
+TEST_CASE("Test shared using AES SHA RSA", "[hw_crypto]")
+{
+#ifndef CONFIG_FREERTOS_UNICORE
+    const int max_tasks = 3;
+#else
+    const int max_tasks = 3;
+#endif
+    SemaphoreHandle_t exit_sema[max_tasks];
+
+    for (int i = 0; i < max_tasks; ++i) {
+        exit_sema[i] = xSemaphoreCreateBinary();
+    }
+    exit_flag = false;
+#ifndef CONFIG_FREERTOS_UNICORE
+    xTaskCreatePinnedToCore(&aes_task, "aes_task", TASK_STACK_SIZE, &exit_sema[0], UNITY_FREERTOS_PRIORITY - 1, NULL, 0);
+    xTaskCreatePinnedToCore(&sha_task, "sha_task", TASK_STACK_SIZE, &exit_sema[1], UNITY_FREERTOS_PRIORITY - 1, NULL, 0);
+    xTaskCreatePinnedToCore(&rsa_task, "rsa_task", TASK_STACK_SIZE, &exit_sema[2], UNITY_FREERTOS_PRIORITY - 1, NULL, 1);
+#else
+    xTaskCreate(&aes_task, "aes_task", TASK_STACK_SIZE, &exit_sema[0], UNITY_FREERTOS_PRIORITY - 1, NULL);
+    xTaskCreate(&sha_task, "sha_task", TASK_STACK_SIZE, &exit_sema[1], UNITY_FREERTOS_PRIORITY - 1, NULL);
+    xTaskCreate(&rsa_task, "rsa_task", TASK_STACK_SIZE, &exit_sema[2], UNITY_FREERTOS_PRIORITY - 1, NULL);
+#endif
+
+    ESP_LOGI(TAG, "Waiting for 10s ...");
+    vTaskDelay(10000 / portTICK_PERIOD_MS);
+
+    // set exit flag to let thread exit
+    exit_flag = true;
+    for (int i = 0; i < max_tasks; ++i) {
+        if (!xSemaphoreTake(exit_sema[i], 2000/portTICK_PERIOD_MS)) {
+            TEST_FAIL_MESSAGE("exit_sema not released by test task");
+        }
+        vSemaphoreDelete(exit_sema[i]);
+    }
+}
+
+#endif // CONFIG_IDF_TARGET_ESP32

components/mbedtls/test_apps/main/test_apb_dport_access.c

@@ -0,0 +1,61 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Unlicense OR CC0-1.0
+ */
+/* Implementation of utility functions to verify
+   unit tests aren't performing SMP-unsafe DPORT reads.
+*/
+
+#include "unity.h"
+#include "sdkconfig.h"
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "soc/uart_periph.h"
+#include "test_apb_dport_access.h"
+#include "test_utils.h"
+
+#ifndef CONFIG_FREERTOS_UNICORE
+
+static void apb_access_loop_task(void *ignore);
+
+static volatile bool apb_access_corrupt;
+static TaskHandle_t apb_task_handle;
+
+void start_apb_access_loop(void)
+{
+    apb_access_corrupt = false;
+    xTaskCreatePinnedToCore(apb_access_loop_task, "accessAPB", 2048, NULL,
+                            UNITY_FREERTOS_PRIORITY - 1,
+                            &apb_task_handle, !UNITY_FREERTOS_CPU);
+}
+
+void verify_apb_access_loop(void)
+{
+    vTaskDelete(apb_task_handle);
+    apb_task_handle = NULL;
+    TEST_ASSERT_FALSE(apb_access_corrupt);
+    printf("Verified no APB corruption from operations\n");
+}
+
+static void apb_access_loop_task(void *ignore)
+{
+    uint32_t initial = REG_READ(UART_DATE_REG(0));
+    while(1) {
+        if (REG_READ(UART_DATE_REG(0)) != initial) {
+            apb_access_corrupt = true;
+        }
+    }
+}
+
+#else /*CONFIG_FREERTOS_UNICORE */
+
+void start_apb_access_loop(void)
+{
+}
+
+void verify_apb_access_loop(void)
+{
+}
+
+#endif

components/mbedtls/test_apps/main/test_apb_dport_access.h

@@ -0,0 +1,23 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Unlicense OR CC0-1.0
+ */
+/* Utility functions to test that APB access is still safe
+   while the other CPU performs some set of DPORT accesses
+
+   (see ECO 3.10 and the standalone esp32 test_dport.c for more).
+*/
+
+/* start_apb_access_loop() starts a task reading from APB in a loop on the non-Unity-test CPU.
+
+   Call this before doing something which involes DPORT reads.
+
+   Does nothing in unicore mode.
+*/
+void start_apb_access_loop(void);
+
+/* verify_apb_access_loop() kills the task started by start_apb_access_loop()
+   and verifies that none of the APB reads were corrupted by unsafe DPORT reads.
+*/
+void verify_apb_access_loop(void);

components/mbedtls/test_apps/main/test_ecp.c

@@ -0,0 +1,256 @@
+/* mbedTLS Elliptic Curve functionality tests
+ *
+ * Focus on testing functionality where we use ESP32 hardware
+ * accelerated crypto features.
+ *
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include <string.h>
+#include <stdio.h>
+#include <stdbool.h>
+#include <esp_random.h>
+
+/* ToDo - Remove this once appropriate solution is available.
+We need to define this for the file as ssl_misc.h uses private structures from mbedtls,
+which are undefined if the following flag is not defined */
+/* Many APIs in the file make use of this flag instead of `MBEDTLS_PRIVATE` */
+/* ToDo - Replace them with proper getter-setter once they are added */
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+
+#include <mbedtls/entropy.h>
+#include <mbedtls/ctr_drbg.h>
+#include <mbedtls/ecdh.h>
+#include <mbedtls/ecdsa.h>
+#include <mbedtls/error.h>
+
+#include "unity.h"
+
+/* Note: negative value here so that assert message prints a grep-able
+   error hex value (mbedTLS uses -N for error codes) */
+#define TEST_ASSERT_MBEDTLS_OK(X) TEST_ASSERT_EQUAL_HEX32(0, -(X))
+
+TEST_CASE("mbedtls ECDH Generate Key", "[mbedtls]")
+{
+    mbedtls_ecdh_context ctx;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+
+    mbedtls_ecdh_init(&ctx);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+    mbedtls_entropy_init(&entropy);
+    TEST_ASSERT_MBEDTLS_OK( mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0) );
+
+    TEST_ASSERT_MBEDTLS_OK( mbedtls_ecp_group_load(&ctx.ctx.mbed_ecdh.grp, MBEDTLS_ECP_DP_CURVE25519) );
+
+    TEST_ASSERT_MBEDTLS_OK( mbedtls_ecdh_gen_public(&ctx.ctx.mbed_ecdh.grp, &ctx.ctx.mbed_ecdh.d, &ctx.ctx.mbed_ecdh.Q,
+                                                    mbedtls_ctr_drbg_random, &ctr_drbg ) );
+
+    mbedtls_ecdh_free(&ctx);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+}
+
+TEST_CASE("mbedtls ECP self-tests", "[mbedtls]")
+{
+    TEST_ASSERT_EQUAL(0, mbedtls_ecp_self_test(1));
+}
+
+TEST_CASE("mbedtls ECP mul w/ koblitz", "[mbedtls]")
+{
+    /* Test case code via https://github.com/espressif/esp-idf/issues/1556 */
+    mbedtls_entropy_context ctxEntropy;
+    mbedtls_ctr_drbg_context ctxRandom;
+    mbedtls_ecdsa_context ctxECDSA;
+    const char* pers = "myecdsa";
+
+    mbedtls_entropy_init(&ctxEntropy);
+    mbedtls_ctr_drbg_init(&ctxRandom);
+    TEST_ASSERT_MBEDTLS_OK( mbedtls_ctr_drbg_seed(&ctxRandom, mbedtls_entropy_func, &ctxEntropy,
+                                                  (const unsigned char*) pers, strlen(pers)) );
+
+    mbedtls_ecdsa_init(&ctxECDSA);
+
+    TEST_ASSERT_MBEDTLS_OK( mbedtls_ecdsa_genkey(&ctxECDSA, MBEDTLS_ECP_DP_SECP256K1,
+                                                 mbedtls_ctr_drbg_random, &ctxRandom) );
+
+
+    TEST_ASSERT_MBEDTLS_OK(mbedtls_ecp_mul(&ctxECDSA.grp, &ctxECDSA.Q, &ctxECDSA.d, &ctxECDSA.grp.G,
+                                           mbedtls_ctr_drbg_random, &ctxRandom) );
+
+    mbedtls_ecdsa_free(&ctxECDSA);
+    mbedtls_ctr_drbg_free(&ctxRandom);
+    mbedtls_entropy_free(&ctxEntropy);
+}
+
+#if CONFIG_MBEDTLS_HARDWARE_ECC
+/*
+ * Coordinates and integers stored in big endian format
+ */
+const uint8_t ecc_p192_point_x[] = {
+    0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6,
+    0x7C, 0xBF, 0x20, 0xEB, 0x43, 0xA1, 0x88, 0x00,
+    0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12
+};
+
+const uint8_t ecc_p192_point_y[] = {
+    0x07, 0x19, 0x2B, 0x95, 0xFF, 0xC8, 0xDA, 0x78,
+    0x63, 0x10, 0x11, 0xED, 0x6B, 0x24, 0xCD, 0xD5,
+    0x73, 0xF9, 0x77, 0xA1, 0x1E, 0x79, 0x48, 0x11
+};
+
+const uint8_t ecc_p192_scalar[] = {
+    0x6f, 0x18, 0x34, 0xeb, 0x16, 0xb7, 0xac, 0x9f,
+    0x3c, 0x77, 0x71, 0xb3, 0x02, 0x30, 0x70, 0x48,
+    0x75, 0x87, 0xbb, 0x6f, 0x80, 0x34, 0x8d, 0x5e
+};
+
+const uint8_t ecc_p192_mul_res_x[] = {
+    0x3F, 0xEE, 0x6F, 0x1F, 0x99, 0xDC, 0xCB, 0x78,
+    0xB7, 0x47, 0x1C, 0x2A, 0xF5, 0xA0, 0xAC, 0xE6,
+    0xEC, 0x24, 0x82, 0x37, 0x6C, 0xC0, 0x27, 0xC5,
+};
+
+const uint8_t ecc_p192_mul_res_y[] = {
+    0xDF, 0xF3, 0x9E, 0x76, 0x24, 0xF4, 0xF6, 0xB4,
+    0xF0, 0x0A, 0x18, 0xE1, 0x0B, 0xD2, 0xD9, 0x83,
+    0xE8, 0x29, 0x5E, 0xD9, 0x46, 0x54, 0xC3, 0xE1
+};
+
+const uint8_t ecc_p256_point_x[] = {
+    0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47,
+    0xF8, 0xBC, 0xE6, 0xE5, 0x63, 0xA4, 0x40, 0xF2,
+    0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0,
+    0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96
+};
+
+const uint8_t ecc_p256_point_y[] = {
+    0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B,
+    0x8E, 0xE7, 0xEB, 0x4A, 0x7C, 0x0F, 0x9E, 0x16,
+    0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE,
+    0xCB, 0xB6, 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5
+};
+
+const uint8_t ecc_p256_scalar[] = {
+   0xB2, 0xC5, 0x9E, 0x92, 0x64, 0xCD, 0x5F, 0x66,
+   0x9E, 0xC8, 0x83, 0x6D, 0x99, 0x61, 0x18, 0x72,
+   0xC8, 0x60, 0x83, 0x1E, 0xE5, 0x79, 0xCC, 0x73,
+   0xA9, 0xB4, 0x74, 0x85, 0x70, 0x11, 0x2D, 0xA2,
+};
+
+const uint8_t ecc_p256_mul_res_x[] = {
+    0x26, 0x1A, 0x0F, 0xBD, 0xA5, 0xE5, 0x1E, 0xE7,
+    0xB3, 0xC3, 0xB7, 0x09, 0xD1, 0x4A, 0x7A, 0x2A,
+    0x16, 0x69, 0x4B, 0xAF, 0x76, 0x5C, 0xD4, 0x0E,
+    0x93, 0x57, 0xB8, 0x67, 0xF9, 0xA1, 0xE5, 0xE8
+};
+
+const uint8_t ecc_p256_mul_res_y[] = {
+    0xA0, 0xF4, 0x2E, 0x62, 0x36, 0x25, 0x9F, 0xE0,
+    0xF2, 0xA0, 0x41, 0x42, 0xD2, 0x95, 0x89, 0x41,
+    0x38, 0xF0, 0xEB, 0x6E, 0xA7, 0x96, 0x29, 0x24,
+    0xC7, 0xD4, 0x0C, 0x90, 0xA1, 0xC9, 0xD3, 0x3A
+};
+
+static int rng_wrapper(void *ctx, unsigned char *buf, size_t len)
+{
+    esp_fill_random(buf, len);
+	return 0;
+}
+
+static void test_ecp_mul(mbedtls_ecp_group_id id, const uint8_t *x_coord, const uint8_t *y_coord, const uint8_t *scalar,
+                        const uint8_t *result_x_coord, const uint8_t *result_y_coord)
+{
+    uint8_t x[32];
+    uint8_t y[32];
+    int size;
+    int ret;
+
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point R;
+    mbedtls_ecp_point P;
+    mbedtls_mpi m;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&R);
+    mbedtls_ecp_point_init(&P);
+    mbedtls_mpi_init(&m);
+
+    mbedtls_ecp_group_load(&grp, id);
+
+    size = grp.pbits / 8;
+
+    mbedtls_mpi_read_binary(&m, scalar, size);
+
+    mbedtls_mpi_read_binary(&P.X, x_coord, size);
+    mbedtls_mpi_read_binary(&P.Y, y_coord, size);
+
+    mbedtls_mpi_lset(&P.Z, 1);
+
+    ret = mbedtls_ecp_mul(&grp, &R, &m, &P, rng_wrapper, NULL);
+
+    TEST_ASSERT_EQUAL(0, ret);
+
+    mbedtls_mpi_write_binary(&R.X, x, mbedtls_mpi_size(&R.X));
+    mbedtls_mpi_write_binary(&R.Y, y, mbedtls_mpi_size(&R.Y));
+
+    TEST_ASSERT_EQUAL(0, memcmp(x, result_x_coord, mbedtls_mpi_size(&R.X)));
+    TEST_ASSERT_EQUAL(0, memcmp(y, result_y_coord, mbedtls_mpi_size(&R.Y)));
+
+    mbedtls_ecp_point_free(&R);
+    mbedtls_ecp_point_free(&P);
+    mbedtls_mpi_free(&m);
+    mbedtls_ecp_group_free(&grp);
+}
+
+TEST_CASE("mbedtls ECP point multiply with SECP192R1", "[mbedtls]")
+{
+    test_ecp_mul(MBEDTLS_ECP_DP_SECP192R1, ecc_p192_point_x, ecc_p192_point_y, ecc_p192_scalar,
+                 ecc_p192_mul_res_x, ecc_p192_mul_res_y);
+}
+
+TEST_CASE("mbedtls ECP point multiply with SECP256R1", "[mbedtls]")
+{
+    test_ecp_mul(MBEDTLS_ECP_DP_SECP256R1, ecc_p256_point_x, ecc_p256_point_y, ecc_p256_scalar,
+                 ecc_p256_mul_res_x, ecc_p256_mul_res_y);
+}
+
+static void test_ecp_verify(mbedtls_ecp_group_id id, const uint8_t *x_coord, const uint8_t *y_coord)
+{
+    int size;
+    int ret;
+
+    mbedtls_ecp_group grp;
+    mbedtls_ecp_point P;
+
+    mbedtls_ecp_group_init(&grp);
+    mbedtls_ecp_point_init(&P);
+
+    mbedtls_ecp_group_load(&grp, id);
+
+    size = grp.pbits / 8;
+
+    mbedtls_mpi_read_binary(&P.X, x_coord, size);
+    mbedtls_mpi_read_binary(&P.Y, y_coord, size);
+    mbedtls_mpi_lset(&P.Z, 1);
+
+    ret = mbedtls_ecp_check_pubkey(&grp, &P);
+
+    TEST_ASSERT_EQUAL(0, ret);
+
+    mbedtls_ecp_point_free(&P);
+    mbedtls_ecp_group_free(&grp);
+}
+
+TEST_CASE("mbedtls ECP point verify with SECP192R1", "[mbedtls]")
+{
+    test_ecp_verify(MBEDTLS_ECP_DP_SECP192R1, ecc_p192_mul_res_x, ecc_p192_mul_res_y);
+}
+
+TEST_CASE("mbedtls ECP point verify with SECP256R1", "[mbedtls]")
+{
+    test_ecp_verify(MBEDTLS_ECP_DP_SECP256R1, ecc_p256_mul_res_x, ecc_p256_mul_res_y);
+}
+#endif /* CONFIG_MBEDTLS_HARDWARE_ECC */

components/mbedtls/test_apps/main/test_esp_crt_bundle.c

@@ -0,0 +1,480 @@
+/* SSL server using plain mbedTLS sockets
+ *
+ * Adapted from the ssl_server example in mbedtls.
+ *
+ * SPDX-FileCopyrightText: The Mbed TLS Contributors
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * SPDX-FileContributor: 2019-2022 Espressif Systems (Shanghai) CO LTD
+ */
+#include "esp_err.h"
+#include "esp_log.h"
+
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/semphr.h"
+
+#include "mbedtls/entropy.h"
+#include "mbedtls/ctr_drbg.h"
+#include "mbedtls/x509.h"
+#include "mbedtls/ssl.h"
+#include "entropy_poll.h"
+#include "mbedtls/net_sockets.h"
+#include "mbedtls/error.h"
+#include "mbedtls/debug.h"
+
+#include "esp_crt_bundle.h"
+#include "esp_random.h"
+
+#include "unity.h"
+#include "test_utils.h"
+#include "unity_test_utils.h"
+
+#define SERVER_ADDRESS "localhost"
+#define SERVER_PORT "4433"
+
+extern const uint8_t server_cert_chain_pem_start[] asm("_binary_server_cert_chain_pem_start");
+extern const uint8_t server_cert_chain_pem_end[]   asm("_binary_server_cert_chain_pem_end");
+
+extern const uint8_t server_pk_start[] asm("_binary_prvtkey_pem_start");
+extern const uint8_t server_pk_end[]   asm("_binary_prvtkey_pem_end");
+
+extern const uint8_t server_cert_bundle_start[] asm("_binary_server_cert_bundle_start");
+extern const uint8_t server_cert_bundle_end[] asm("_binary_server_cert_bundle_end");
+
+extern const uint8_t bad_md_crt_pem_start[] asm("_binary_bad_md_crt_pem_start");
+extern const uint8_t bad_md_crt_pem_end[]   asm("_binary_bad_md_crt_pem_end");
+
+extern const uint8_t wrong_sig_crt_pem_start[] asm("_binary_wrong_sig_crt_esp32_com_pem_start");
+extern const uint8_t wrong_sig_crt_pem_end[]   asm("_binary_wrong_sig_crt_esp32_com_pem_end");
+
+extern const uint8_t correct_sig_crt_pem_start[] asm("_binary_correct_sig_crt_esp32_com_pem_start");
+extern const uint8_t correct_sig_crt_pem_end[]   asm("_binary_correct_sig_crt_esp32_com_pem_end");
+
+#define SEM_TIMEOUT 10000
+typedef struct {
+    mbedtls_ssl_context ssl;
+    mbedtls_net_context listen_fd;
+    mbedtls_net_context client_fd;
+
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+
+    mbedtls_ssl_config conf;
+    mbedtls_x509_crt cert;
+    mbedtls_pk_context pkey;
+
+} mbedtls_endpoint_t;
+
+typedef enum {
+    ESP_CRT_VALIDATE_UNKNOWN,
+    ESP_CRT_VALIDATE_OK,
+    ESP_CRT_VALIDATE_FAIL,
+}esp_crt_validate_res_t;
+
+int esp_crt_verify_callback(void *buf, mbedtls_x509_crt *crt, int data, uint32_t *flags);
+
+static const char *TAG = "cert_bundle_test";
+
+static volatile bool exit_flag;
+
+esp_err_t endpoint_teardown(mbedtls_endpoint_t *endpoint);
+
+static int myrand(void *rng_state, unsigned char *output, size_t len)
+{
+    size_t olen;
+    return mbedtls_hardware_poll(rng_state, output, len, &olen);
+}
+
+esp_err_t server_setup(mbedtls_endpoint_t *server)
+{
+    int ret;
+    mbedtls_ssl_config_init( &server->conf );
+    mbedtls_net_init( &server->listen_fd );
+    mbedtls_net_init( &server->client_fd );
+    mbedtls_ssl_init( &server->ssl );
+    mbedtls_x509_crt_init( &server->cert );
+    mbedtls_pk_init( &server->pkey );
+    mbedtls_entropy_init( &server->entropy );
+    mbedtls_ctr_drbg_init( &server->ctr_drbg );
+
+    ESP_LOGI(TAG, "Loading the server cert and key");
+    ret = mbedtls_x509_crt_parse( &server->cert, server_cert_chain_pem_start,
+                                  server_cert_chain_pem_end - server_cert_chain_pem_start);
+
+    if ( ret != 0 ) {
+        ESP_LOGE(TAG, "mbedtls_x509_crt_parse returned %d", ret );
+        return ESP_FAIL;
+    }
+
+    ret =  mbedtls_pk_parse_key( &server->pkey, (const unsigned char *)server_pk_start,
+                                 server_pk_end - server_pk_start, NULL, 0, myrand, NULL );
+    if ( ret != 0 ) {
+        ESP_LOGE(TAG, "mbedtls_pk_parse_key returned %d", ret );
+        return ESP_FAIL;
+    }
+
+    ESP_LOGI(TAG, "Bind on https://%s:%s/", SERVER_ADDRESS, SERVER_PORT );
+    if ( ( ret = mbedtls_net_bind( &server->listen_fd, NULL, SERVER_PORT, MBEDTLS_NET_PROTO_TCP ) ) != 0 ) {
+        ESP_LOGE(TAG, "mbedtls_net_bind returned %d", ret );
+        return ESP_FAIL;
+    }
+    mbedtls_net_set_nonblock(&server->listen_fd);
+
+    ESP_LOGI(TAG, "Seeding the random number generator");
+    if ( ( ret = mbedtls_ctr_drbg_seed( &server->ctr_drbg, mbedtls_entropy_func, &server->entropy,
+                                        NULL, 0) ) != 0 ) {
+        ESP_LOGE(TAG, "mbedtls_ctr_drbg_seed returned %d", ret );
+        return ESP_FAIL;
+    }
+
+    ESP_LOGI(TAG, "Setting up the SSL data");
+    if ( ( ret = mbedtls_ssl_config_defaults( &server->conf,
+                 MBEDTLS_SSL_IS_SERVER,
+                 MBEDTLS_SSL_TRANSPORT_STREAM,
+                 MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) {
+        ESP_LOGE(TAG, "mbedtls_ssl_config_defaults returned %d", ret );
+        return ESP_FAIL;
+    }
+
+    mbedtls_ssl_conf_rng( &server->conf, mbedtls_ctr_drbg_random, &server->ctr_drbg );
+
+    if (( ret = mbedtls_ssl_conf_own_cert( &server->conf, &server->cert, &server->pkey ) ) != 0 ) {
+        ESP_LOGE(TAG, "mbedtls_ssl_conf_own_cert returned %d", ret );
+        return ESP_FAIL;
+    }
+
+    if (( ret = mbedtls_ssl_setup( &server->ssl, &server->conf ) ) != 0 ) {
+        ESP_LOGE(TAG, "mbedtls_ssl_setup returned %d", ret );
+        return ESP_FAIL;
+    }
+    return ESP_OK;
+}
+
+void server_task(void *pvParameters)
+{
+    int ret;
+    mbedtls_endpoint_t server;
+    SemaphoreHandle_t *sema = (SemaphoreHandle_t *) pvParameters;
+
+
+    if (server_setup(&server) != ESP_OK) {
+        ESP_LOGE(TAG, "SSL server setup failed");
+        goto exit;
+    }
+
+    /* Signal that server is up and hence client task can start now */
+    xSemaphoreGive(*sema);
+
+    bool connected = false;
+    while (!exit_flag) {
+
+        ret = mbedtls_net_accept( &server.listen_fd, &server.client_fd, NULL, 0, NULL );
+
+        if (ret == 0) {
+            connected = true;
+        }
+
+        if (connected) {
+            mbedtls_ssl_set_bio( &server.ssl, &server.client_fd, mbedtls_net_send, mbedtls_net_recv, NULL );
+            ret = mbedtls_ssl_handshake( &server.ssl );
+            mbedtls_ssl_session_reset(&server.ssl);
+            connected = false;
+        }
+
+        vTaskDelay(20 / portTICK_PERIOD_MS);
+    }
+    ESP_LOGE(TAG, "Server shutdown");
+exit:
+    endpoint_teardown(&server);
+    xSemaphoreGive(*sema);
+    vTaskSuspend(NULL);
+}
+
+
+esp_err_t endpoint_teardown(mbedtls_endpoint_t *endpoint)
+{
+    mbedtls_net_free( &endpoint->client_fd );
+    mbedtls_net_free( &endpoint->listen_fd );
+
+    mbedtls_x509_crt_free( &endpoint->cert );
+    mbedtls_pk_free( &endpoint->pkey );
+    mbedtls_ssl_free( &endpoint->ssl );
+    mbedtls_ssl_config_free( &endpoint->conf );
+
+    mbedtls_ctr_drbg_free( &endpoint->ctr_drbg );
+    mbedtls_entropy_free( &endpoint->entropy );
+
+    return ESP_OK;
+}
+
+esp_err_t client_setup(mbedtls_endpoint_t *client)
+{
+    int ret;
+    mbedtls_ssl_config_init( &client->conf );
+    mbedtls_net_init( &client->client_fd );
+    mbedtls_ssl_init( &client->ssl );
+    mbedtls_x509_crt_init( &client->cert );
+    mbedtls_pk_init( &client->pkey );
+    mbedtls_entropy_init( &client->entropy );
+    mbedtls_ctr_drbg_init( &client->ctr_drbg );
+
+    ESP_LOGI(TAG, "Seeding the random number generator");
+    if ((ret = mbedtls_ctr_drbg_seed(&client->ctr_drbg, mbedtls_entropy_func, &client->entropy,
+                                     NULL, 0)) != 0) {
+        ESP_LOGE(TAG, "mbedtls_ctr_drbg_seed returned %d", ret);
+        return ESP_FAIL;
+    }
+
+    ESP_LOGI(TAG, "Setting hostname for TLS session...");
+    /* Hostname set here should match CN in server certificate */
+    if ((ret = mbedtls_ssl_set_hostname(&client->ssl, SERVER_ADDRESS)) != 0) {
+        ESP_LOGE(TAG, "mbedtls_ssl_set_hostname returned -0x%x", -ret);
+        return ESP_FAIL;
+    }
+
+    ESP_LOGI(TAG, "Setting up the SSL/TLS structure...");
+    if ((ret = mbedtls_ssl_config_defaults(&client->conf,
+                                           MBEDTLS_SSL_IS_CLIENT,
+                                           MBEDTLS_SSL_TRANSPORT_STREAM,
+                                           MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
+        ESP_LOGE(TAG, "mbedtls_ssl_config_defaults returned %d", ret);
+        return ESP_FAIL;
+    }
+    mbedtls_ssl_conf_rng(&client->conf, mbedtls_ctr_drbg_random, &client->ctr_drbg);
+
+    if ((ret = mbedtls_ssl_setup(&client->ssl, &client->conf)) != 0) {
+        ESP_LOGE(TAG, "mbedtls_ssl_setup returned -0x%x\n\n", -ret);
+        return ESP_FAIL;
+    }
+
+    return ESP_OK;
+}
+
+void client_task(void *pvParameters)
+{
+    SemaphoreHandle_t *client_signal_sem = (SemaphoreHandle_t *) pvParameters;
+    int ret = ESP_FAIL;
+
+    mbedtls_endpoint_t client;
+    esp_crt_validate_res_t res = ESP_CRT_VALIDATE_UNKNOWN;
+
+    if (client_setup(&client) != ESP_OK) {
+        ESP_LOGE(TAG, "SSL client setup failed");
+        goto exit;
+    }
+
+    /* Test with default crt bundle that doesnt contain the ca crt */
+    ESP_LOGI(TAG, "Connecting to %s:%s...", SERVER_ADDRESS, SERVER_PORT);
+    if ((ret = mbedtls_net_connect(&client.client_fd, SERVER_ADDRESS, SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) {
+        ESP_LOGE(TAG, "mbedtls_net_connect returned -%x", -ret);
+        goto exit;
+    }
+
+    ESP_LOGI(TAG, "Connected.");
+    mbedtls_ssl_set_bio(&client.ssl, &client.client_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+    ESP_LOGI(TAG, "Performing the SSL/TLS handshake with bundle that is missing the server root certificate");
+    while ( ( ret = mbedtls_ssl_handshake( &client.ssl ) ) != 0 ) {
+        if ( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) {
+            printf( "mbedtls_ssl_handshake failed with -0x%x\n", -ret );
+            break;
+        }
+    }
+
+    ESP_LOGI(TAG, "Verifying peer X.509 certificate for bundle ...");
+    ret  = mbedtls_ssl_get_verify_result(&client.ssl);
+
+    res = (ret == 0) ? ESP_CRT_VALIDATE_OK : ESP_CRT_VALIDATE_FAIL;
+
+    if (res == ESP_CRT_VALIDATE_OK) {
+        ESP_LOGI(TAG, "Certificate verification passed!");
+    } else {
+        ESP_LOGE(TAG, "Certificate verification failed!");
+    }
+    TEST_ASSERT(res == ESP_CRT_VALIDATE_FAIL);
+
+    // Reset session before new connection
+    mbedtls_ssl_close_notify(&client.ssl);
+    mbedtls_ssl_session_reset(&client.ssl);
+    mbedtls_net_free( &client.client_fd);
+
+    /* Test with bundle that does contain the CA crt */
+    esp_crt_bundle_attach(&client.conf);
+    esp_crt_bundle_set(server_cert_bundle_start, server_cert_bundle_end - server_cert_bundle_start);
+
+    ESP_LOGI(TAG, "Connecting to %s:%s...", SERVER_ADDRESS, SERVER_PORT);
+    if ((ret = mbedtls_net_connect(&client.client_fd, SERVER_ADDRESS, SERVER_PORT, MBEDTLS_NET_PROTO_TCP)) != 0) {
+        ESP_LOGE(TAG, "mbedtls_net_connect returned -%x", -ret);
+        goto exit;
+    }
+
+    ESP_LOGI(TAG, "Connected.");
+    mbedtls_ssl_set_bio(&client.ssl, &client.client_fd, mbedtls_net_send, mbedtls_net_recv, NULL);
+
+    ESP_LOGI(TAG, "Performing the SSL/TLS handshake with bundle that is missing the server root certificate");
+    while ( ( ret = mbedtls_ssl_handshake( &client.ssl ) ) != 0 ) {
+        if ( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) {
+            printf( "mbedtls_ssl_handshake failed with -0x%x\n", -ret );
+            break;
+        }
+    }
+
+    ESP_LOGI(TAG, "Verifying peer X.509 certificate for bundle ...");
+    ret  = mbedtls_ssl_get_verify_result(&client.ssl);
+
+    res = (ret == 0) ? ESP_CRT_VALIDATE_OK : ESP_CRT_VALIDATE_FAIL;
+
+    if (res == ESP_CRT_VALIDATE_OK) {
+        ESP_LOGI(TAG, "Certificate verification passed!");
+    } else {
+        ESP_LOGE(TAG, "Certificate verification failed!");
+    }
+    TEST_ASSERT(res == ESP_CRT_VALIDATE_OK);
+
+    // Reset session before new connection
+    mbedtls_ssl_close_notify(&client.ssl);
+    mbedtls_ssl_session_reset(&client.ssl);
+    mbedtls_net_free( &client.client_fd);
+
+
+exit:
+    mbedtls_ssl_close_notify(&client.ssl);
+    mbedtls_ssl_session_reset(&client.ssl);
+    esp_crt_bundle_detach(&client.conf);
+    endpoint_teardown(&client);
+    xSemaphoreGive(*client_signal_sem);
+    vTaskSuspend(NULL);
+}
+
+
+TEST_CASE("custom certificate bundle", "[mbedtls]")
+{
+   test_case_uses_tcpip();
+
+   SemaphoreHandle_t signal_sem = xSemaphoreCreateBinary();
+   TEST_ASSERT_NOT_NULL(signal_sem);
+
+   exit_flag = false;
+   TaskHandle_t server_task_handle;
+   xTaskCreate(server_task, "server task", 8192, &signal_sem, 10, &server_task_handle);
+
+   // Wait for the server to start up
+   if (!xSemaphoreTake(signal_sem, SEM_TIMEOUT / portTICK_PERIOD_MS)) {
+       TEST_FAIL_MESSAGE("signal_sem not released, server start failed");
+   }
+
+   SemaphoreHandle_t client_signal_sem = xSemaphoreCreateBinary();
+   TEST_ASSERT_NOT_NULL(client_signal_sem);
+
+   TaskHandle_t client_task_handle;
+   xTaskCreate(client_task, "client task", 8192, &client_signal_sem, 10, &client_task_handle);
+
+   if (!xSemaphoreTake(client_signal_sem, SEM_TIMEOUT / portTICK_PERIOD_MS)) {
+       TEST_FAIL_MESSAGE("client_signal_sem not released, client exit failed");
+   }
+   unity_utils_task_delete(client_task_handle);
+
+   exit_flag = true;
+
+   if (!xSemaphoreTake(signal_sem, SEM_TIMEOUT / portTICK_PERIOD_MS)) {
+       TEST_FAIL_MESSAGE("signal_sem not released, server exit failed");
+   }
+   unity_utils_task_delete(server_task_handle);
+   vSemaphoreDelete(client_signal_sem);
+   vSemaphoreDelete(signal_sem);
+}
+
+TEST_CASE("custom certificate bundle - weak hash", "[mbedtls]")
+{
+    /* A weak signature hash on the trusted certificate should not stop
+       us from verifying the chain, since we already trust it a weak signature hash is
+       not a security issue */
+
+    mbedtls_x509_crt crt;
+    uint32_t flags = 0;
+
+    esp_crt_bundle_attach(NULL);
+
+    mbedtls_x509_crt_init( &crt );
+    mbedtls_x509_crt_parse(&crt, bad_md_crt_pem_start, bad_md_crt_pem_end - bad_md_crt_pem_start);
+    TEST_ASSERT(mbedtls_x509_crt_verify(&crt, NULL, NULL, NULL, &flags, esp_crt_verify_callback, NULL) == 0);
+
+    mbedtls_x509_crt_free(&crt);
+
+    esp_crt_bundle_detach(NULL);
+}
+
+TEST_CASE("custom certificate bundle - wrong signature", "[mbedtls]")
+{
+    /* Check that the bundle will not verify a valid certificate from trusted root where the signature is wrong */
+
+    mbedtls_x509_crt crt;
+    uint32_t flags = 0;
+
+    esp_crt_bundle_attach(NULL);
+
+    mbedtls_x509_crt_init( &crt );
+    /* esp32.com cert chain where 1 byte in the signature is changed */
+    printf("Testing certificate with wrong signature\n");
+    mbedtls_x509_crt_parse(&crt, wrong_sig_crt_pem_start, wrong_sig_crt_pem_end - wrong_sig_crt_pem_start);
+    TEST_ASSERT(mbedtls_x509_crt_verify(&crt, NULL, NULL, NULL, &flags, esp_crt_verify_callback, NULL) != 0);
+    mbedtls_x509_crt_free(&crt);
+
+    mbedtls_x509_crt_init( &crt );
+    /* the correct esp32.com cert chain*/
+    printf("Testing certificate with correct signature\n");
+    mbedtls_x509_crt_parse(&crt, correct_sig_crt_pem_start, correct_sig_crt_pem_end - correct_sig_crt_pem_start);
+    TEST_ASSERT(mbedtls_x509_crt_verify(&crt, NULL, NULL, NULL, &flags, esp_crt_verify_callback, NULL) == 0);
+    mbedtls_x509_crt_free(&crt);
+
+    esp_crt_bundle_detach(NULL);
+}
+
+TEST_CASE("custom certificate bundle init API - bound checking", "[mbedtls]")
+{
+
+    uint8_t test_bundle[256] = {0};
+    esp_err_t esp_ret;
+    /* The API should fail with bundle size given as 1 */
+    esp_ret = esp_crt_bundle_set(test_bundle, 1);
+    TEST_ASSERT( esp_ret == ESP_ERR_INVALID_ARG);
+
+    /* Check that the esp_crt_bundle_set API will not accept a bundle
+     * which has more no. of certs than configured in
+     * CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_MAX_CERTS */
+
+    uint8_t rand;
+    esp_fill_random(&rand, 1);
+    test_bundle[0] = rand;
+
+    /* Make sure that the number of certs will always be greater than
+     * CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_MAX_CERTS */
+    test_bundle[1] = rand + CONFIG_MBEDTLS_CERTIFICATE_BUNDLE_MAX_CERTS;
+
+    esp_ret = esp_crt_bundle_set(test_bundle, sizeof(test_bundle));
+    TEST_ASSERT( esp_ret == ESP_ERR_INVALID_ARG);
+
+    /* The API should fail with bundle_size < BUNDLE_HEADER_OFFSET (2) + CRT_HEADER_OFFSET (4) */
+    test_bundle[0] = 0;
+    test_bundle[1] = 1; /* set num_certs = 1 */
+    esp_ret = esp_crt_bundle_set(test_bundle, 5);
+    TEST_ASSERT(esp_ret == ESP_ERR_INVALID_ARG);
+
+    /* Cert number is greater than actual certs present, The API should fail */
+    /* Actual No. of certs present in bundle = 1, setting num_certs to 5 */
+    test_bundle[1] = 5; /* num_certs */
+    test_bundle[3] = 5; /* cert_1_name_len */
+    test_bundle[5] = 10; /* cert_1_pub_key_len */
+    /* Actual bundle size becomes BUNDLE_HEADER_OFFSET (2) + CRT_HEADER_OFFSET (4) + cert_1_name_len(5) + cert_1_pub_key_len(10)
+     * i.e. 21 bytes */
+    esp_ret = esp_crt_bundle_set(test_bundle, 21);
+    TEST_ASSERT(esp_ret == ESP_ERR_INVALID_ARG);
+
+    /* The API should fail if bundle_size < BUNDLE_HEADER_OFFSET (2) + CRT_HEADER_OFFSET (4) + cert_1_name_len(5) + cert_1_pub_key_len(10) */
+    esp_ret = esp_crt_bundle_set(test_bundle, 20);
+    TEST_ASSERT(esp_ret == ESP_ERR_INVALID_ARG);
+
+    esp_crt_bundle_detach(NULL);
+}

components/mbedtls/test_apps/main/test_mbedtls.c

@@ -0,0 +1,50 @@
+/*
+ * SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Unlicense OR CC0-1.0
+ */
+/* mbedTLS self-tests as unit tests
+
+   Focus on testing functionality where we use ESP32 hardware
+   accelerated crypto features.
+
+   See also test_hwcrypto.c in esp32 component, which tests hardware crypto without mbedTLS.
+*/
+#include <string.h>
+#include <stdio.h>
+#include <stdbool.h>
+#include <esp_system.h>
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "mbedtls/aes.h"
+#include "mbedtls/bignum.h"
+#include "mbedtls/rsa.h"
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/semphr.h"
+#include "unity.h"
+#include "sdkconfig.h"
+#include "test_apb_dport_access.h"
+#include "test_utils.h"
+
+TEST_CASE("mbedtls AES self-tests", "[aes]")
+{
+    start_apb_access_loop();
+    TEST_ASSERT_FALSE_MESSAGE(mbedtls_aes_self_test(1), "AES self-tests should pass.");
+    verify_apb_access_loop();
+}
+
+TEST_CASE("mbedtls MPI self-tests", "[bignum]")
+{
+    start_apb_access_loop();
+    TEST_ASSERT_FALSE_MESSAGE(mbedtls_mpi_self_test(1), "MPI self-tests should pass.");
+    verify_apb_access_loop();
+}
+
+TEST_CASE("mbedtls RSA self-tests", "[bignum]")
+{
+    start_apb_access_loop();
+    TEST_ASSERT_FALSE_MESSAGE(mbedtls_rsa_self_test(1), "RSA self-tests should pass.");
+    verify_apb_access_loop();
+}

components/mbedtls/test_apps/main/test_mbedtls_mpi.c

@@ -0,0 +1,277 @@
+/* mbedTLS bignum (MPI) self-tests as unit tests
+ *
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include <string.h>
+#include <stdio.h>
+#include <stdbool.h>
+#include <sys/param.h>
+#include <esp_system.h>
+#include "mbedtls/bignum.h"
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/semphr.h"
+#include "unity.h"
+#include "sdkconfig.h"
+#include "test_utils.h"
+
+#define MBEDTLS_OK 0
+
+/* Debugging function to print an MPI number to stdout. Happens to
+   print output that can be copy-pasted directly into a Python shell.
+*/
+void mbedtls_mpi_printf(const char *name, const mbedtls_mpi *X)
+{
+    static char buf[2048];
+    size_t n;
+    memset(buf, 0, sizeof(buf));
+    mbedtls_mpi_write_string(X, 16, buf, sizeof(buf)-1, &n);
+    if(n) {
+        printf("%s = (s=%d) 0x%s\n", name, X->MBEDTLS_PRIVATE(s), buf);
+    } else {
+        printf("%s = TOOLONG\n", name);
+    }
+}
+
+/*
+    Assert E == X, X=A*B if res_operands_overlap==0
+    Assert E == A, A=A*B if res_operands_overlap==1
+    Assert E == B, B=A*B if res_operands_overlap==2
+*/
+static void test_bignum_mult_variant(const char *a_str, const char *b_str, const char *e_str, size_t mod_bits, int res_operands_overlap)
+{
+    mbedtls_mpi A, B, X, E;
+    char x_buf[2048] = {0};
+    size_t x_buf_len = 0;
+
+    mbedtls_mpi_init(&A);
+    mbedtls_mpi_init(&B);
+    mbedtls_mpi_init(&X);
+    mbedtls_mpi_init(&E);
+
+    TEST_ASSERT_FALSE(mbedtls_mpi_read_string(&A, 16, a_str));
+    TEST_ASSERT_FALSE(mbedtls_mpi_read_string(&B, 16, b_str));
+
+    /* calulate X = A * B variant */
+    TEST_ASSERT_FALSE(mbedtls_mpi_read_string(&E, 16, e_str));
+    if (res_operands_overlap == 0) {
+        TEST_ASSERT_FALSE(mbedtls_mpi_mul_mpi(&X, &A, &B));
+    } else if (res_operands_overlap == 1) {
+        mbedtls_mpi_copy( &X, &A );
+        TEST_ASSERT_FALSE(mbedtls_mpi_mul_mpi(&X, &X, &B));
+    } else if (res_operands_overlap == 2) {
+        mbedtls_mpi_copy( &X, &B );
+        TEST_ASSERT_FALSE(mbedtls_mpi_mul_mpi(&X, &A, &X));
+    }
+
+    mbedtls_mpi_write_string(&X, 16, x_buf, sizeof(x_buf)-1, &x_buf_len);
+    TEST_ASSERT_EQUAL_STRING_MESSAGE(e_str, x_buf, "mbedtls_mpi_mul_mpi result wrong");
+
+#ifdef CONFIG_MBEDTLS_HARDWARE_MPI
+    mbedtls_mpi M;
+    /* if mod_bits arg is set, also do a esp_mpi_mul_mod() call */
+    if (mod_bits > 0 && mod_bits <= SOC_RSA_MAX_BIT_LEN) {
+        mbedtls_mpi_init(&M);
+        for(int i = 0; i < mod_bits; i++) {
+            mbedtls_mpi_set_bit(&M, i, 1);
+        }
+        TEST_ASSERT_FALSE(esp_mpi_mul_mpi_mod(&X, &A, &B, &M));
+
+        mbedtls_mpi_write_string(&X, 16, x_buf, sizeof(x_buf)-1, &x_buf_len);
+        TEST_ASSERT_EQUAL_STRING_MESSAGE(e_str, x_buf, "esp_mpi_mul_mpi_mod result wrong");
+
+        mbedtls_mpi_free(&M);
+    }
+#endif
+
+    mbedtls_mpi_free(&A);
+    mbedtls_mpi_free(&B);
+    mbedtls_mpi_free(&X);
+    mbedtls_mpi_free(&E);
+}
+
+/* Assert E = A * B, including 3 variants: X=A*B A*=B, B*=A */
+static void test_bignum_mult(const char *a_str, const char *b_str, const char *e_str, size_t mod_bits)
+{
+    for (int overlap_operands=0; overlap_operands < 3; ++overlap_operands) {
+        test_bignum_mult_variant(a_str, b_str, e_str, mod_bits, overlap_operands);
+    }
+}
+
+
+TEST_CASE("test MPI multiplication", "[bignum]")
+{
+    /* Run some trivial numbers tests w/ various high modulo bit counts,
+     should make no difference to the result
+    */
+    for(int i = 512; i <= SOC_RSA_MAX_BIT_LEN; i+= 512) {
+        test_bignum_mult("10", "100", "1000",
+                         i);
+    }
+
+    test_bignum_mult("60006FA8D3E3BD746BE39B860FFAADB4F108E15CF2ED8F685FB0E86CC4CB107A488720B41C3F1E18550F00619CD3CA8442296ECB54D2F52ECEE5346D310195700000000",
+                     "BF474CA7",
+                     "047BB102CAF58A48D3D97E4231BC0B753051D8232B9B939A2A4E310F88E65FEFD7762FC2DE0E2BAD6AA51A391DFFABD120653A312E4998F42E2C03AA404EE63B67275BC100000000",
+                     1024);
+
+    test_bignum_mult("49493AC229831EC01EEB01EAF3BBEBC44768EADF9ABC30C87D1791F5E04245756ED4965361EC0599626884DF079B6B5738985CE76BD66FAA67E3AAAD60775D5C9D44C09FDF9E27C033696C007BE1C540D718CA148BA01FFA4A358541E9E9F02F72BE37AFAB037DAEA5E3669A770400D2F4A5DBBD83A83919D05E3DD64787BC80000000",
+                     "B878CC29",
+                     "34CF37013066D5BDA2C86CF1FE7BDA66604E0D55DAFF9864B6E727BFF5871012B0AB73D28D4E100BA1E4607AA2A247C912FDBC435C6BF7C5F8E00278AE1381B1E5F6E3D52D2CBE819F0D65CB37370666D156E7A7B1FD4698D8C9D3165FC8A83F9293C839521993619CCF8180E521300C4306206C9121D629754F1FCC7839BF6DFAF33080000000",
+                     3072);
+
+    test_bignum_mult("24BF6185468786FDD303083D25E64EFC66CA472BC44D253102F8B4A9D3BFA75091386C0077937FE33FA3252D28855837AE1B484A8A9A45F7EE8C0C634F9E8CDDF79C5CE07EE72C7F123142198164234CABB724CF78B8173B9F880FC86322407AF1FEDFDDE2BEB674CA15F3E81A1521E071513A1E85B5DFA031F21ECAE9A34D",
+                     "010001",
+                     "24BF8644A80CCD855A00DB402E2374E2B5C6ADF60B78E97E2829B7A288697B103888FD38E393F776BF8664D04DB280BD0652F665D2E4D0923483FAEF5C01DC7C847A547CDBC7AB663EB0544AC37DA4B0CF03D0869D878FF3B6C3AF5072EAA39D3279D1DCC29C9933808ABDFE0DFD3BF59331AB6FBFD46556119250BD086E36A34D",
+        1536);
+
+    test_bignum_mult("-5D88B669C417EDD02213723546A906B7E9DA7683780E9B54856A2147467ADA316F8819D69486FC8056FE1E8EA7DEC5D5EF12340B95C4FC966F4B348D35893620",
+                     "9AE7FBC99546432DF71896FC239EADAEF38D18D2B2F0E2DD275AA977E2BF4411F5A3B2A5D33605AEBBCCBA7FEB9F2D2FA74206CEC169D74BF5A8C50D6F48EA08",
+                     "-38990016EB21810E3B5E6AEE339AEE72BB7CD629C4C9270A3D832701A2949BC82B2BE5A7F900C0C9937464699862821976095187D646884E8FBF01DE8C3442F3BC97B670AF573EFB74A9BBEBE4432EE74B0A83BBCDF59485D332B1FF49EB461A3A8B12C38FD72C7772D75EC6EBA5633199540C47678BD2F4ADEEA40830C2F100",
+        2048);
+
+
+    /* 1 << 2050 * 0X1234 */
+    test_bignum_mult("400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+                     "1234",
+                     "48D000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+                     3072);
+
+    /* multiply a 1178 bit number by a 2050 bit number */
+    test_bignum_mult("AAAAAAAAAA75124938ABBECD0EEEEE333333333333333333333FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFAAAAAAABBBBBBBBBBBBBBBBBBBB000000000000000000000000000000000004988A5293848932948872398400000000000FFFFFFFFFFF0000000000000EDFABC0204048975876873487387478327482374871327482347328742837483247283748234723874238",
+                     "390587293875124938ABBECD0EEEEE3333333333333333333333333333333399999888000AAAAAAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBBBBB00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000EDFABC0204048975876873487387478327482374871327482347328742837483247283748234723874238478327400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003012111111111111111100000000000000000000000111111111111111111111111",
+                     "02603AF70D0421C1AD82CE623F28F70B128118D06D00C27D433EC25BA86E6105C3890A0B1973B8BE068CA68E159A21078785DDB37F94216FBF4AEC939958AF4B8CEA2A48895CECA87562FC846EAAE0C866AF9D41EEABFB1D579F5828E9666A15E2AF946F16A189B5C645872FDCA247D309AB0BCAFB0D112881186FCFFEDC87061B4AE4A375E9BBCF579A7BC87A8EAC8C6F66E107986FC603F920F5E1A0FD8C619D88D90066FFFC8F4DB77437EBD7E3BD7E398C4C01F93426E347E039DCA7B0A73C0C90A9C4271BB761ADFF88971D190CE5DA98EFC5D7390D33BC034908AF81D784A4D7F32D0902E0C5DABC706635D5A28FC0E3A364EDEB21E8E117041D0E4B51CA6F9684F434057E7FCF2AF6BD050334B1D11E043B0967154E57354B681161D3C618974D5A7E0385755B80B931AE9B59DD4402BAEC206F04B8440741B3C4CA6D9F7DAF0AE6B3BF1B24B76C2F12B9E9A7C50D32E2093608FC9A30CBD852329E64A9AE0BC3F513899EBFA28629C1DF38081FB8C6630408F70D7B9A37701ABA4176C8B7DCB8CC78BD7783B861A7FC50862E75191DB8",
+                     4096);
+
+
+    /* multiply two very large numbers (4080 bits x 4088 bits) with and without overlapping multipliers/multiplicant */
+    test_bignum_mult("B96BF707C8CD3CA5AE8247C5CA2AF98140EFAE60179BE3F5BEAD7DA3C6D17404C529239DD1EFE6CADAE1AAFB4FE936B0107839C28A7861E4364EB093CB4698E4BBF6BD8BEF85D9B35781D14AEE1BE86E57B49DF98896CF037CCBD8C622603D84891FD6AC48BE4728E564E64FB715C149C243BAA289569D0FF2E0C9E183D38C8A669CEFF542737E35F3E484D39FF7A3727EF8DB733DAB3E359E1456C0AE33C358EFEC8079EDDD5D58E09B37744EE1DBDF567742CFC0CE98BCC9AD90242ECCF7F6FA696C8C1B32A4D7285C56AB3658DB1AD89A7331F69DEFE212DE8EEEE5B377EC7A4112A27A0FD02EFABB9D3025F6563B65DC214A38A6E7BF8C78B6A3D2A8BA12D75BFBF26ACA655EF13A145AC18D2A6C9B535AAF8290314A2512451B3BD6DA19C42F1FD1B958E1F49303EDEC0392A8CD8450FBC177B26FD2D6CC23F051655565B42FEDE9685A9E708CFC8EA766B94D7B9B627BFA98945BB8EF88E9E7FB696BC4729240F1C25F7085E8C8A9DE2241BBC388FFC65E0058B4327D554FD2D8AA872614052C38BE177F9EC0E705DFDD5F82DD5ED49DAF3582CA64E7F14CE97FD6F25B53FD888D1593450EDC5E79A947F18D0917E01F66ACE99FF4A249C14957A9860B839CEE5096F78FE02C7610E558FC0FCA803A6EF0FBA64AB94893E61080BC5D2AC5DA548E9E0D8E2B63BAB6B82247DF22007D925711E0FE45EB14B92665B6",
+                        "C15B96BF707C8CD3CA5AE8247C5CA2AF98140EFAE60179BE3F5BEAD7DA3C6D17404C529239DD1EFE6CADAE1AAFB4FE936B0107839C28A7861E4364EB093CB4698E4BBF6BD8BEF85D9B35781D14AEE1BE86E57B49DF98896CF037CCBD8C622603D84891FD6AC48BE4728E564E64FB715C149C243BAA289569D0FF2E0C9E183D38C8A669CEFF542737E35F3E484D39FF7A3727EF8DB733DAB3E359E1456C0AE33C358EFEC8079EDDD5D58E09B37744EE1DBDF567742CFC0CE98BCC9AD90242ECCF7F6FA696C8C1B32A4D7285C56AB3658DB1AD89A7331F69DEFE212DE8EEEE5B377EC7A4112A27A0FD02EFABB9D3025F6563B65DC214A38A6E7BF8C78B6A3D2A8BA12D75BFBF26ACA655EF13A145AC18D2A6C9B535AAF8290314A2512451B3BD6DA19C42F1FD1B958E1F49303EDEC0392A8CD8450FBC177B26FD2D6CC23F051655565B42FEDE9685A9E708CFC8EA766B94D7B9B627BFA98945BB8EF88E9E7FB696BC4729240F1C25F7085E8C8A9DE2241BBC388FFC65E0058B4327D554FD2D8AA872614052C38BE177F9EC0E705DFDD5F82DD5ED49DAF3582CA64E7F14CE97FD6F25B53FD888D1593450EDC5E79A947F18D0917E01F66ACE99FF4A249C14957A9860B839CEE5096F78FE02C7610E558FC0FCA803A6EF0FBA64AB94893E61080BC5D2AC5DA548E9E0D8E2B63BAB6B82247DF22007D925711E0FE45EB14B92665B6",
+                        "08C0CBBCD99EC6C840B63887B07378C45DF268C118061B2AFFD9D0C854EE0F7DE5F548FF5BA7F155CCA81EF086F9760FCD86722167AC88E504723CB19A772D9EFF4EC75DD29F6187D34535B2A801C82DF9B1D0F08B64373A5AE5BD31346EE06EDB032B0A306A871E4FDB576F3E8D8F32ED4E054D9292719E77A1C5500FBEC23C59F5CC49A4E0B49D15F92D426FEF36376CB674AACDABF68A731746CA74440C71534D30CBF0252DE4EC38EA53E5821C9868F636239923C460CB813C4F05DD5EC36987A390FDBB7EE345F9D2687D1EF9A26A1FF84BF38049E995E1A5F2D5318A7BEFC9AA15528F7A2253299D30718459CF7958694AA58D91CA28F22718D07105C3FBFA4FEA970A810DD52BFC6AB4D44E3253347A3C5F42C1E723588343B210581F3B8A97C616A26C9C99C1376E169B8C8ED5DE6FA2272D24FB05BA6351B687A27C5CA1CF3FC1BA2BF06DD7598DED3F89080A2AB6DD694000698A7488274396E55EA78104584A5A0523C4744D018DCBFD3E411DA8CA679199FE818C59E08B126356028E3B6AAEA61ACE679D6EF2587CCAE513AB99EB161A405A8AA6FB36BB308BB7CBC21E2117B7CE4B4D1A1FE7EE0386DD229220BFD892A293FD7B8F6617743612736CC2F6200C736FD49C6A4AC9565E4B4EFD841C5FC3F6883621FD4319A11319EF462B549A12DA699612F2E8CE08525559C3487AAD57DFDBF1CAB847174C2FF8BA8D5232E33E5D8F60E5BE4CD8BE5857A860B615EFCFFF38DC0EE6A40F725D5275892419D3915EDB534166AC402B5849EB16AF1E8ADA68EF8C2E6AC8BE254DAEDAC135DA0ECA0E5A3CCF5332CFAB4C2249A92EF96A7DD6F69B4B0F9379CDA164FB1CB1934F27F42C0CEF9AFBA6A0B1716A4A1092E6CC7081AC74503A22F3C2071BB4D3A6842772C02CE78BD1FB4E0D39EB19E2425D3DC77777A8E8254F86A69950C75C1D8CF98C512ECEAF2FF15DC8A6D373A20045F63166BFDB8899C6095D91FC282D49DB9154E74DC64C41A98EFABDB207FF31A88718FF5410EA5A15E76F9591E5BE3B26035FD8567117588D9B94708B98FD764529B43B09EC6A2CDF79E2C05D3A799484516369795E103C7FCB78F1B1CADA47C3092695220FF2DB05136A9401897DE182EDB89022E4E7419B43172808C0A9F3ED80A8DF0A9E5F8E59E57994053050E709E63A4809AAECC3DEABDF5E2B9ED3F8FDA6297811A666E81BB0914B1F9D5D558EE40DBD89BE8B9D7F58575CE66C5A5EC2939463D1CECDD760B2C0584535FEEB2125CB675A1AB09CEDC81F27FA6830423B1F8D426E361EB1B9AD203C33176ACAB28C618714E068DA294C9338EF92FF4ED9F67F438E33E53797C1C31F8FF8D5466887E5610EA41C0CABC07ED90894BA73ECF84F5F3C5443EFAC61F9826C54D176D482CB5174D08A7EA3C3933FEE4986DB38A1EEC08D3366711D64",
+                        0);
+
+}
+
+static bool test_bignum_modexp(const char *z_str, const char *x_str, const char *y_str, const char *m_str, int ret_error)
+{
+    mbedtls_mpi Z = {0}; // Z is non-initialized (the sign Z.s=0)
+    mbedtls_mpi X, Y, M;
+    char z_buf[400] = { 0 };
+    size_t z_buf_len = 0;
+    bool fail = false;
+
+    printf("%s = (%s ^ %s) mod %s  ret=%d ... ", z_str, x_str, y_str, m_str, ret_error);
+
+    mbedtls_mpi_init(&X);
+    mbedtls_mpi_init(&Y);
+    mbedtls_mpi_init(&M);
+
+    TEST_ASSERT_FALSE(mbedtls_mpi_read_string(&X, 16, x_str));
+    TEST_ASSERT_FALSE(mbedtls_mpi_read_string(&Y, 16, y_str));
+    TEST_ASSERT_FALSE(mbedtls_mpi_read_string(&M, 16, m_str));
+
+    /* Z = (X ^ Y) mod M */
+    // (Z is passed to mbedtls_mpi_exp_mod() as a non-initialized with the sign s=0)
+    int err = mbedtls_mpi_exp_mod(&Z, &X, &Y, &M, NULL);
+    if (ret_error != err) {
+        printf("\nExpected ret_error %d, Was %d \n", ret_error, err);
+        fail = true;
+    }
+
+    if (ret_error == MBEDTLS_OK) {
+        mbedtls_mpi_write_string(&Z, 16, z_buf, sizeof(z_buf)-1, &z_buf_len);
+        if (strlen(z_str) != z_buf_len - 1 || memcmp(z_str, z_buf, strlen(z_str)) != 0) {
+            printf("\n");
+            mbedtls_mpi_printf("Z", &Z);
+            mbedtls_mpi_printf("X", &X);
+            mbedtls_mpi_printf("Y", &Y);
+            mbedtls_mpi_printf("M", &M);
+            printf("\nsize: Expected %d, Was %d \n", strlen(z_str), z_buf_len - 1);
+            printf("Expected '%s' Was '%s' \n", z_str, z_buf);
+            fail = true;
+        }
+    }
+
+    mbedtls_mpi_free(&Z);
+    mbedtls_mpi_free(&X);
+    mbedtls_mpi_free(&Y);
+    mbedtls_mpi_free(&M);
+
+    if (fail == true) {
+        printf(" FAIL\n\n");
+    } else {
+        printf(" PASS\n");
+    }
+    return fail;
+}
+
+TEST_CASE("test MPI modexp", "[bignum]")
+{
+    bool test_error = false;
+    printf("Z = (X ^ Y) mod M \n");
+    // test_bignum_modexp(Z, X, Y, M, ret_error);
+    test_error |= test_bignum_modexp("01000000", "1000", "2", "FFFFFFFF", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("014B5A90", "1234", "2", "FFFFFFF", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("01234321", "1111", "2", "FFFFFFFF", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("02", "5", "1", "3", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("22", "55", "1", "33", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("0222", "555", "1", "333", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("2222", "5555", "1", "3333", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("11", "5555", "1", "33", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("55", "1111", "1", "77", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("88", "1111", "2", "BB", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("01000000", "2", "128", "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("0ABCDEF12345", "ABCDEF12345", "1", "FFFFFFFFFFFF", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("0ABCDE", "ABCDE", "1", "FFFFF", MBEDTLS_OK);
+
+    test_error |= test_bignum_modexp("04",  "2",  "2",  "9",  MBEDTLS_OK);
+    test_error |= test_bignum_modexp("04",  "2", "-2",  "9",  MBEDTLS_ERR_MPI_BAD_INPUT_DATA);
+    test_error |= test_bignum_modexp("04",  "2",  "2", "-9",  MBEDTLS_ERR_MPI_BAD_INPUT_DATA);
+    test_error |= test_bignum_modexp("04",  "2", "-2", "-9",  MBEDTLS_ERR_MPI_BAD_INPUT_DATA);
+
+    test_error |= test_bignum_modexp("01",  "2",  "0",  "9",  MBEDTLS_OK);
+    test_error |= test_bignum_modexp("04",  "2",  "0",  "0",  MBEDTLS_ERR_MPI_BAD_INPUT_DATA);
+    test_error |= test_bignum_modexp("04",  "2",  "2",  "0",  MBEDTLS_ERR_MPI_BAD_INPUT_DATA);
+    test_error |= test_bignum_modexp("00",  "0",  "2",  "9",  MBEDTLS_OK);
+    test_error |= test_bignum_modexp("01",  "0",  "0",  "9",  MBEDTLS_OK);
+
+    test_error |= test_bignum_modexp("04", "-2",  "2",  "9",  MBEDTLS_OK);
+    test_error |= test_bignum_modexp("01", "-2",  "0",  "9",  MBEDTLS_OK);
+    test_error |= test_bignum_modexp("07", "-2",  "7",  "9",  MBEDTLS_OK);
+    test_error |= test_bignum_modexp("07", "-2",  "1",  "9",  MBEDTLS_OK);
+    test_error |= test_bignum_modexp("02",  "2",  "1",  "9",  MBEDTLS_OK);
+    test_error |= test_bignum_modexp("01",  "2",  "0",  "9",  MBEDTLS_OK);
+
+    test_error |= test_bignum_modexp("05",  "5",  "7",  "7",  MBEDTLS_OK);
+    test_error |= test_bignum_modexp("02", "-5",  "7",  "7",  MBEDTLS_OK);
+    test_error |= test_bignum_modexp("01", "-5",  "7",  "3",  MBEDTLS_OK);
+
+    test_error |= test_bignum_modexp("00", "123456789", "123456789", "123456789", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("01", "123456788", "123456788", "123456789", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("01", "12345678A", "12345678A", "123456789", MBEDTLS_OK);
+    test_error |= test_bignum_modexp("06", "-32", "03E9", "07", MBEDTLS_OK);
+
+    test_error |= test_bignum_modexp(
+        "5FA6CB1F76A157EC6CB02835DAD05B207DF883AB90CE4180277AB525801C9B5AF0C89B5C5E9DB2BB20CD0B86A308F006D19D4B1FBF355F2A8024B012A49ED483F5DF3FD77EFB40C221B6D67F28B5313F18728EFDF204C903A247A4A2CEE9542A15AD27F9EFB6AC0940D71BBCC4CB31B4D0372FAC26937A8CBA541503E0B8C80B",
+        "02",
+        "471CC5F6A82CCAB3B4FED79ADA3DEAF532166B1F0A5F2DA4CF364770CB883A85884C0E32029A256A3617251A1ACF4CB1E9FFD47A62699C3454444D193E2B0C1D3E6071E0D15C29A736E4EE76F6C63D3D157F8BE2CDFF05BD11C88A9691537869BF8DE4ED103E8EB9DB42B4E733F2D8FB1684435DC529B67305AB4A0FA9E42102",
+        "CF5CF5C38419A724957FF5DD323B9C45C3CDD261EB740F69AA94B8BB1A5C96409153BD76B24222D03274E4725A5406092E9E82E9135C643CAE98132B0D95F7D65347C68AFC1E677DA90E51BBAB5F5CF429C291B4BA39C6B2DC5E8C7231E46AA7728E87664532CDF547BE20C9A3FA8342BE6E34371A27C06F7DC0EDDDD2F86373",
+        MBEDTLS_OK);
+
+    test_error |= test_bignum_modexp(
+        "368A32291EA9B22B11BE9D23636C4AB69C1936527AE70A33B8240556F886BD3E242A381FB752845287ED74EF2AE01E9736C374897A6DD910FC607769A66745368E683E34222DA242DD4C5B68A5B817C10F3BC207F9354188E70A90F64DF3A6156B7569069D459304EB85C9FEFA1D0AEDB1279B89633131980A05C37472837FBB",
+        "02",
+        "31FBCFDDC81A8696DA8A33798AF97F041D4C659AC82C0D5C608386013E84EBC3229E03B509F7FC81B2A2DE08659AC8699D109034B22D47A0C5D34DC6B90D3299AEE0F18E321E02FE53793857F73A0E3DC1D9A7CE3E0FC930185D67C02C08454EA5CB53285EB67C32C94C1E56DC34FBA796BC54898B4CDBF76A920E46C0AC270D",
+        "CF5CF5C38419A724957FF5DD323B9C45C3CDD261EB740F69AA94B8BB1A5C96409153BD76B24222D03274E4725A5406092E9E82E9135C643CAE98132B0D95F7D65347C68AFC1E677DA90E51BBAB5F5CF429C291B4BA39C6B2DC5E8C7231E46AA7728E87664532CDF547BE20C9A3FA8342BE6E34371A27C06F7DC0EDDDD2F86373",
+        MBEDTLS_OK);
+
+    test_error |= test_bignum_modexp(
+        "631B2A9124600E91C030E6650284AE120CBAEFCB24083905F17B5B758A32CA071CA4BB109CDBA411F3136A009186E5E4F59A8DD481EDFD23FC95437749E971EB4C28E076FA3EC8E3E81A5A33E2B04598B987D7B11D74077E7B6F5C965A52558F5495D3FC518193132844E745D6C67C287C3239083A34DCB9F77F5348E0FC973D",
+        "BDAD66C8632D9E50A7EFDF9EC1465FFF445D45F1F2B57C8A18084E6743658BC45DCFD1F9F10ED6C2DDC0B14F1546D7DDE6624AE89722DB6B7BBE3AFBB26C5B2406E583834034C1F2162DD5BA5165B72C876EB7EE834268F1400F8FD8E88187B5264A452A5D795C6090CA02284E2E5CA136BED5AA05DAF5689136FA85F17D532D",
+        "471CC5F6A82CCAB3B4FED79ADA3DEAF532166B1F0A5F2DA4CF364770CB883A85884C0E32029A256A3617251A1ACF4CB1E9FFD47A62699C3454444D193E2B0C1D3E6071E0D15C29A736E4EE76F6C63D3D157F8BE2CDFF05BD11C88A9691537869BF8DE4ED103E8EB9DB42B4E733F2D8FB1684435DC529B67305AB4A0FA9E42102",
+        "CF5CF5C38419A724957FF5DD323B9C45C3CDD261EB740F69AA94B8BB1A5C96409153BD76B24222D03274E4725A5406092E9E82E9135C643CAE98132B0D95F7D65347C68AFC1E677DA90E51BBAB5F5CF429C291B4BA39C6B2DC5E8C7231E46AA7728E87664532CDF547BE20C9A3FA8342BE6E34371A27C06F7DC0EDDDD2F86373",
+        MBEDTLS_OK);
+
+    TEST_ASSERT_FALSE_MESSAGE(test_error, "mbedtls_mpi_exp_mod incorrect for some tests\n");
+}

components/mbedtls/test_apps/main/test_mbedtls_sha.c

@@ -0,0 +1,578 @@
+/*
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/*
+ * mbedTLS SHA unit tests
+ */
+#include <string.h>
+#include <stdio.h>
+#include <stdbool.h>
+#include <esp_system.h>
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+#include "mbedtls/sha512.h"
+#include "freertos/FreeRTOS.h"
+#include "freertos/task.h"
+#include "freertos/semphr.h"
+#include "unity.h"
+#include "sdkconfig.h"
+#include "test_apb_dport_access.h"
+#include "soc/soc_caps.h"
+#include "test_utils.h"
+#include "esp_memory_utils.h"
+
+TEST_CASE("mbedtls SHA self-tests", "[mbedtls]")
+{
+    start_apb_access_loop();
+    TEST_ASSERT_FALSE_MESSAGE(mbedtls_sha1_self_test(1), "SHA1 self-tests should pass.");
+    TEST_ASSERT_FALSE_MESSAGE(mbedtls_sha256_self_test(1), "SHA256 self-tests should pass.");
+    TEST_ASSERT_FALSE_MESSAGE(mbedtls_sha512_self_test(1), "SHA512 self-tests should pass.");
+    verify_apb_access_loop();
+}
+
+static const unsigned char *one_hundred_as = (unsigned char *)
+        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
+
+static const unsigned char *one_hundred_bs =  (unsigned char *)
+        "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb";
+
+static const uint8_t sha256_thousand_as[32] = {
+    0x41, 0xed, 0xec, 0xe4, 0x2d, 0x63, 0xe8, 0xd9, 0xbf, 0x51, 0x5a, 0x9b, 0xa6, 0x93, 0x2e, 0x1c,
+    0x20, 0xcb, 0xc9, 0xf5, 0xa5, 0xd1, 0x34, 0x64, 0x5a, 0xdb, 0x5d, 0xb1, 0xb9, 0x73, 0x7e, 0xa3
+};
+
+
+static const uint8_t sha256_thousand_bs[32] = {
+    0xf6, 0xf1, 0x18, 0xe1, 0x20, 0xe5, 0x2b, 0xe0, 0xbd, 0x0c, 0xfd, 0xf2, 0x79, 0x4c, 0xd1, 0x2c, 0x07, 0x68, 0x6c, 0xc8, 0x71, 0x23, 0x5a, 0xc2, 0xf1, 0x14, 0x59, 0x37, 0x8e, 0x6d, 0x23, 0x5b
+};
+
+static const uint8_t sha512_thousand_bs[64] = {
+    0xa6, 0x68, 0x68, 0xa3, 0x73, 0x53, 0x2a, 0x5c, 0xc3, 0x3f, 0xbf, 0x43, 0x4e, 0xba, 0x10, 0x86, 0xb3, 0x87, 0x09, 0xe9, 0x14, 0x3f, 0xbf, 0x37, 0x67, 0x8d, 0x43, 0xd9, 0x9b, 0x95, 0x08, 0xd5, 0x80, 0x2d, 0xbe, 0x9d, 0xe9, 0x1a, 0x54, 0xab, 0x9e, 0xbc, 0x8a, 0x08, 0xa0, 0x1a, 0x89, 0xd8, 0x72, 0x68, 0xdf, 0x52, 0x69, 0x7f, 0x1c, 0x70, 0xda, 0xe8, 0x3f, 0xe5, 0xae, 0x5a, 0xfc, 0x9d
+};
+
+static const uint8_t sha384_thousand_bs[48] = {
+    0x6d, 0xe5, 0xf5, 0x88, 0x57, 0x60, 0x83, 0xff, 0x7c, 0x94, 0x61, 0x5f, 0x8d, 0x96, 0xf2, 0x76, 0xd5, 0x3f, 0x77, 0x0c, 0x8e, 0xc1, 0xbf, 0xb6, 0x04, 0x27, 0xa4, 0xba, 0xea, 0x6c, 0x68, 0x44, 0xbd, 0xb0, 0x9c, 0xef, 0x6a, 0x09, 0x28, 0xe8, 0x1f, 0xfc, 0x95, 0x03, 0x69, 0x99, 0xab, 0x1a
+};
+
+static const uint8_t sha1_thousand_as[20] = {
+    0x29, 0x1e, 0x9a, 0x6c, 0x66, 0x99, 0x49, 0x49, 0xb5, 0x7b, 0xa5,
+    0xe6, 0x50, 0x36, 0x1e, 0x98, 0xfc, 0x36, 0xb1, 0xba
+};
+
+
+TEST_CASE("mbedtls SHA interleaving", "[mbedtls]")
+{
+    mbedtls_sha1_context sha1_ctx;
+    mbedtls_sha256_context sha256_ctx;
+    mbedtls_sha512_context sha512_ctx;
+    unsigned char sha1[20], sha256[32], sha512[64];
+
+    mbedtls_sha1_init(&sha1_ctx);
+    mbedtls_sha256_init(&sha256_ctx);
+    mbedtls_sha512_init(&sha512_ctx);
+
+    TEST_ASSERT_EQUAL(0, mbedtls_sha1_starts(&sha1_ctx));
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts(&sha256_ctx, false));
+    TEST_ASSERT_EQUAL(0, mbedtls_sha512_starts(&sha512_ctx, false));
+
+    for (int i = 0; i < 10; i++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha1_update(&sha1_ctx, one_hundred_as, 100));
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&sha256_ctx, one_hundred_as, 100));
+        TEST_ASSERT_EQUAL(0, mbedtls_sha512_update(&sha512_ctx, one_hundred_bs, 100));
+    }
+
+    TEST_ASSERT_EQUAL(0, mbedtls_sha1_finish(&sha1_ctx, sha1));
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish(&sha256_ctx, sha256));
+    TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish(&sha512_ctx, sha512));
+
+    mbedtls_sha1_free(&sha1_ctx);
+    mbedtls_sha256_free(&sha256_ctx);
+    mbedtls_sha512_free(&sha512_ctx);
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 calculation");
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 calculation");
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_thousand_as, sha1, 20, "SHA1 calculation");
+}
+
+#define SHA_TASK_STACK_SIZE (10*1024)
+static SemaphoreHandle_t done_sem;
+
+static void tskRunSHA1Test(void *pvParameters)
+{
+    mbedtls_sha1_context sha1_ctx;
+    unsigned char sha1[20];
+
+    for (int i = 0; i < 1000; i++) {
+        mbedtls_sha1_init(&sha1_ctx);
+        TEST_ASSERT_EQUAL(0, mbedtls_sha1_starts(&sha1_ctx));
+        for (int j = 0; j < 10; j++) {
+            TEST_ASSERT_EQUAL(0, mbedtls_sha1_update(&sha1_ctx, (unsigned char *)one_hundred_as, 100));
+        }
+        TEST_ASSERT_EQUAL(0, mbedtls_sha1_finish(&sha1_ctx, sha1));
+        mbedtls_sha1_free(&sha1_ctx);
+        TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_thousand_as, sha1, 20, "SHA1 calculation");
+    }
+    xSemaphoreGive(done_sem);
+    vTaskDelete(NULL);
+}
+
+static void tskRunSHA256Test(void *pvParameters)
+{
+    mbedtls_sha256_context sha256_ctx;
+    unsigned char sha256[32];
+
+    for (int i = 0; i < 1000; i++) {
+        mbedtls_sha256_init(&sha256_ctx);
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts(&sha256_ctx, false));
+        for (int j = 0; j < 10; j++) {
+            TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&sha256_ctx, (unsigned char *)one_hundred_bs, 100));
+        }
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish(&sha256_ctx, sha256));
+        mbedtls_sha256_free(&sha256_ctx);
+        TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_bs, sha256, 32, "SHA256 calculation");
+    }
+    xSemaphoreGive(done_sem);
+    vTaskDelete(NULL);
+}
+
+
+TEST_CASE("mbedtls SHA multithreading", "[mbedtls]")
+{
+    done_sem = xSemaphoreCreateCounting(4, 0);
+    xTaskCreate(tskRunSHA1Test, "SHA1Task1", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
+    xTaskCreate(tskRunSHA1Test, "SHA1Task2", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
+    xTaskCreate(tskRunSHA256Test, "SHA256Task1", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
+    xTaskCreate(tskRunSHA256Test, "SHA256Task2", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
+
+    for (int i = 0; i < 4; i++) {
+        if (!xSemaphoreTake(done_sem, 10000 / portTICK_PERIOD_MS)) {
+            TEST_FAIL_MESSAGE("done_sem not released by test task");
+        }
+    }
+    vSemaphoreDelete(done_sem);
+}
+
+void tskRunSHASelftests(void *param)
+{
+    for (int i = 0; i < 5; i++) {
+        if (mbedtls_sha1_self_test(1)) {
+            printf("SHA1 self-tests failed.\n");
+            while (1) {}
+        }
+
+        if (mbedtls_sha256_self_test(1)) {
+            printf("SHA256 self-tests failed.\n");
+            while (1) {}
+        }
+
+#if SOC_SHA_SUPPORT_SHA512
+        if (mbedtls_sha512_self_test(1)) {
+            printf("SHA512 self-tests failed.\n");
+            while (1) {}
+        }
+
+        if (mbedtls_sha512_self_test(1)) {
+            printf("SHA512 self-tests failed.\n");
+            while (1) {}
+        }
+#endif //SOC_SHA_SUPPORT_SHA512
+    }
+    xSemaphoreGive(done_sem);
+    vTaskDelete(NULL);
+}
+
+TEST_CASE("mbedtls SHA self-tests multithreaded", "[mbedtls]")
+{
+    done_sem = xSemaphoreCreateCounting(2, 0);
+    xTaskCreate(tskRunSHASelftests, "SHASelftests1", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
+    xTaskCreate(tskRunSHASelftests, "SHASelftests2", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
+
+    const int TIMEOUT_MS = 40000;
+
+    for (int i = 0; i < 2; i++) {
+        if (!xSemaphoreTake(done_sem, TIMEOUT_MS / portTICK_PERIOD_MS)) {
+            TEST_FAIL_MESSAGE("done_sem not released by test task");
+        }
+    }
+    vSemaphoreDelete(done_sem);
+}
+
+TEST_CASE("mbedtls SHA512 clone", "[mbedtls]")
+{
+    mbedtls_sha512_context ctx;
+    mbedtls_sha512_context clone;
+    unsigned char sha512[64];
+
+    mbedtls_sha512_init(&ctx);
+    TEST_ASSERT_EQUAL(0, mbedtls_sha512_starts(&ctx, false));
+    for (int i = 0; i < 5; i++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha512_update(&ctx, one_hundred_bs, 100));
+    }
+
+    mbedtls_sha512_init(&clone);
+    mbedtls_sha512_clone(&clone, &ctx);
+    for (int i = 0; i < 5; i++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha512_update(&ctx, one_hundred_bs, 100));
+        TEST_ASSERT_EQUAL(0, mbedtls_sha512_update(&clone, one_hundred_bs, 100));
+    }
+    TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish(&ctx, sha512));
+    mbedtls_sha512_free(&ctx);
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 original calculation");
+
+    TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish(&clone, sha512));
+    mbedtls_sha512_free(&clone);
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 cloned calculation");
+}
+
+TEST_CASE("mbedtls SHA384 clone", "[mbedtls][")
+{
+    mbedtls_sha512_context ctx;
+    mbedtls_sha512_context clone;
+
+    unsigned char sha384[48];
+
+    mbedtls_sha512_init(&ctx);
+    TEST_ASSERT_EQUAL(0, mbedtls_sha512_starts(&ctx, true));
+    for (int i = 0; i < 5; i++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha512_update(&ctx, one_hundred_bs, 100));
+    }
+
+    mbedtls_sha512_init(&clone);
+    mbedtls_sha512_clone(&clone, &ctx);
+
+    for (int i = 0; i < 5; i++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha512_update(&ctx, one_hundred_bs, 100));
+        TEST_ASSERT_EQUAL(0, mbedtls_sha512_update(&clone, one_hundred_bs, 100));
+    }
+/* intended warning supression: is384 == true */
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wstringop-overflow"
+    TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish(&ctx, sha384));
+#pragma GCC diagnostic pop
+    mbedtls_sha512_free(&ctx);
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha384_thousand_bs, sha384, 48, "SHA512 original calculation");
+
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wstringop-overflow"
+    TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish(&clone, sha384));
+#pragma GCC diagnostic pop
+    mbedtls_sha512_free(&clone);
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha384_thousand_bs, sha384, 48, "SHA512 cloned calculation");
+}
+
+
+TEST_CASE("mbedtls SHA256 clone", "[mbedtls]")
+{
+    mbedtls_sha256_context ctx;
+    mbedtls_sha256_context clone;
+    unsigned char sha256[64];
+
+    mbedtls_sha256_init(&ctx);
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts(&ctx, false));
+    for (int i = 0; i < 5; i++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&ctx, one_hundred_as, 100));
+    }
+
+    mbedtls_sha256_init(&clone);
+    mbedtls_sha256_clone(&clone, &ctx);
+    for (int i = 0; i < 5; i++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&ctx, one_hundred_as, 100));
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&clone, one_hundred_as, 100));
+    }
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish(&ctx, sha256));
+    mbedtls_sha256_free(&ctx);
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 original calculation");
+
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish(&clone, sha256));
+    mbedtls_sha256_free(&clone);
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 cloned calculation");
+}
+
+typedef struct {
+    mbedtls_sha256_context ctx;
+    uint8_t result[32];
+    int ret;
+    bool done;
+} finalise_sha_param_t;
+
+static void tskFinaliseSha(void *v_param)
+{
+    finalise_sha_param_t *param = (finalise_sha_param_t *)v_param;
+
+    for (int i = 0; i < 5; i++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&param->ctx, one_hundred_as, 100));
+    }
+
+    param->ret = mbedtls_sha256_finish(&param->ctx, param->result);
+    mbedtls_sha256_free(&param->ctx);
+
+    param->done = true;
+    vTaskDelete(NULL);
+}
+
+
+TEST_CASE("mbedtls SHA session passed between tasks", "[mbedtls]")
+{
+    finalise_sha_param_t param = { 0 };
+
+    mbedtls_sha256_init(&param.ctx);
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts(&param.ctx, false));
+    for (int i = 0; i < 5; i++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&param.ctx, one_hundred_as, 100));
+    }
+
+    // pass the SHA context off to a different task
+    //
+    // note: at the moment this doesn't crash even if a mutex semaphore is used as the
+    // engine lock, but it can crash...
+    xTaskCreate(tskFinaliseSha, "SHAFinalise", SHA_TASK_STACK_SIZE, &param, 3, NULL);
+
+    while (!param.done) {
+        vTaskDelay(1);
+    }
+
+    TEST_ASSERT_EQUAL(0, param.ret);
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, param.result, 32, "SHA256 result from other task");
+}
+
+
+
+/* Random input generated and hashed using python:
+
+    import hashlib
+    import os, binascii
+
+    input = bytearray(os.urandom(150))
+    arr = ''
+    for idx, b in enumerate(input):
+        if idx % 8 == 0:
+            arr += '\n'
+        arr += "{}, ".format(hex(b))
+    digest = hashlib.sha256(input).hexdigest()
+
+*/
+const uint8_t test_vector[] = {
+    0xe4, 0x1a, 0x1a, 0x30, 0x71, 0xd3, 0x94, 0xb0,
+    0xc3, 0x7e, 0x99, 0x9f, 0x1a, 0xde, 0x4a, 0x36,
+    0xb1, 0x1, 0x81, 0x2b, 0x41, 0x91, 0x11, 0x7f,
+    0xd8, 0xe1, 0xd5, 0xe5, 0x52, 0x6d, 0x92, 0xee,
+    0x6c, 0xf7, 0x70, 0xea, 0x3a, 0xb, 0xc9, 0x97,
+    0xc0, 0x12, 0x6f, 0x10, 0x5b, 0x90, 0xd8, 0x52,
+    0x91, 0x69, 0xea, 0xc4, 0x1f, 0xc, 0xcf, 0xc6,
+    0xf0, 0x43, 0xc6, 0xa3, 0x1f, 0x46, 0x3c, 0x3d,
+    0x25, 0xe5, 0xa8, 0x27, 0x86, 0x85, 0x32, 0x3f,
+    0x33, 0xd8, 0x40, 0xc4, 0x41, 0xf6, 0x4b, 0x12,
+    0xd8, 0x5e, 0x4, 0x27, 0x42, 0x90, 0x73, 0x4,
+    0x8, 0x42, 0xd1, 0x64, 0xd, 0x84, 0x3, 0x1,
+    0x76, 0x88, 0xe4, 0x95, 0xdf, 0xe7, 0x62, 0xb4,
+    0xb3, 0xb2, 0x7e, 0x6d, 0x78, 0xca, 0x79, 0x82,
+    0xcc, 0xba, 0x22, 0xd2, 0x90, 0x2e, 0xe3, 0xa8,
+    0x2a, 0x53, 0x3a, 0xb1, 0x9a, 0x7f, 0xb7, 0x8b,
+    0xfa, 0x32, 0x47, 0xc1, 0x5c, 0x6, 0x4f, 0x7b,
+    0xcd, 0xb3, 0xf4, 0xf1, 0xd0, 0xb5, 0xbf, 0xfb,
+    0x7c, 0xc3, 0xa5, 0xb2, 0xc4, 0xd4,
+};
+
+const uint8_t test_vector_digest[] = {
+    0xff, 0x1c, 0x60, 0xcb, 0x21, 0xf0, 0x63, 0x68,
+    0xb9, 0xfc, 0xfe, 0xad, 0x3e, 0xb0, 0x2e, 0xd1,
+    0xf9, 0x08, 0x82, 0x82, 0x83, 0x06, 0xc1, 0x8a,
+    0x98, 0x5d, 0x36, 0xc0, 0xb7, 0xeb, 0x35, 0xe0,
+};
+
+
+TEST_CASE("mbedtls SHA, input in flash", "[mbedtls]")
+{
+    mbedtls_sha256_context sha256_ctx;
+    unsigned char sha256[32];
+
+    mbedtls_sha256_init(&sha256_ctx);
+
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts(&sha256_ctx, false));
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&sha256_ctx, test_vector, sizeof(test_vector)));
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish(&sha256_ctx, sha256));
+    mbedtls_sha256_free(&sha256_ctx);
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(test_vector_digest, sha256, 32, "SHA256 calculation");
+}
+
+/* Function are not implemented in SW */
+#if CONFIG_MBEDTLS_HARDWARE_SHA && SOC_SHA_SUPPORT_SHA512_T
+
+/*
+ * FIPS-180-2 test vectors
+ */
+static unsigned char sha512T_test_buf[2][113] = {
+    { "abc" },
+    {
+        "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
+        "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
+    }
+};
+
+static const size_t sha512T_test_buflen[2] = {
+    3, 112
+};
+
+static const esp_sha_type sha512T_algo[4] = {
+    SHA2_512224, SHA2_512256, SHA2_512T, SHA2_512T
+};
+
+static const size_t sha512T_t_len[4] = { 224, 256, 224, 256 };
+
+static const unsigned char sha512_test_sum[4][32] = {
+    /* SHA512-224 */
+    {
+        0x46, 0x34, 0x27, 0x0f, 0x70, 0x7b, 0x6a, 0x54,
+        0xda, 0xae, 0x75, 0x30, 0x46, 0x08, 0x42, 0xe2,
+        0x0e, 0x37, 0xed, 0x26, 0x5c, 0xee, 0xe9, 0xa4,
+        0x3e, 0x89, 0x24, 0xaa
+    },
+    {
+        0x23, 0xfe, 0xc5, 0xbb, 0x94, 0xd6, 0x0b, 0x23,
+        0x30, 0x81, 0x92, 0x64, 0x0b, 0x0c, 0x45, 0x33,
+        0x35, 0xd6, 0x64, 0x73, 0x4f, 0xe4, 0x0e, 0x72,
+        0x68, 0x67, 0x4a, 0xf9
+    },
+
+    /* SHA512-256 */
+    {
+        0x53, 0x04, 0x8e, 0x26, 0x81, 0x94, 0x1e, 0xf9,
+        0x9b, 0x2e, 0x29, 0xb7, 0x6b, 0x4c, 0x7d, 0xab,
+        0xe4, 0xc2, 0xd0, 0xc6, 0x34, 0xfc, 0x6d, 0x46,
+        0xe0, 0xe2, 0xf1, 0x31, 0x07, 0xe7, 0xaf, 0x23
+    },
+    {
+        0x39, 0x28, 0xe1, 0x84, 0xfb, 0x86, 0x90, 0xf8,
+        0x40, 0xda, 0x39, 0x88, 0x12, 0x1d, 0x31, 0xbe,
+        0x65, 0xcb, 0x9d, 0x3e, 0xf8, 0x3e, 0xe6, 0x14,
+        0x6f, 0xea, 0xc8, 0x61, 0xe1, 0x9b, 0x56, 0x3a
+    }
+
+    /* For SHA512_T testing we use t=224 & t=256
+     * so the hash digest should be same as above
+     */
+};
+
+/* This will run total of 8 test cases, 2 for each of the below MODE
+ * SHA512/224, SHA512/256, SHA512/t with t=224 & SHA512/t with t=256
+ *
+ * Test is disabled for ESP32 as there is no hardware for SHA512/t
+ */
+TEST_CASE("mbedtls SHA512/t", "[mbedtls]")
+{
+    mbedtls_sha512_context sha512_ctx;
+    unsigned char sha512[64], k;
+
+    for (int i = 0; i < 4; i++) {
+        for (int j = 0; j < 2; j++) {
+            k = i * 2 + j;
+            mbedtls_sha512_init(&sha512_ctx);
+            TEST_ASSERT_EQUAL(0, mbedtls_sha512_starts(&sha512_ctx, false));
+            esp_sha512_set_mode(&sha512_ctx, sha512T_algo[i]);
+            if (i > 1) {
+                k = (i - 2) * 2 + j;
+                esp_sha512_set_t(&sha512_ctx, sha512T_t_len[i]);
+            }
+            TEST_ASSERT_EQUAL(0, mbedtls_sha512_update(&sha512_ctx, sha512T_test_buf[j], sha512T_test_buflen[j]));
+            TEST_ASSERT_EQUAL(0, mbedtls_sha512_finish(&sha512_ctx, sha512));
+            mbedtls_sha512_free(&sha512_ctx);
+
+            TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_test_sum[k], sha512, sha512T_t_len[i] / 8, "SHA512t calculation");
+        }
+    }
+}
+#endif //CONFIG_MBEDTLS_HARDWARE_SHA
+
+#ifdef CONFIG_SPIRAM_USE_MALLOC
+#include "test_mbedtls_utils.h"
+TEST_CASE("mbedtls SHA256 PSRAM DMA", "[mbedtls]")
+{
+    const unsigned CALLS = 256;
+    const unsigned CALL_SZ = 16 * 1024;
+    mbedtls_sha256_context sha256_ctx;
+    unsigned char sha256[32];
+
+    // allocate external memory
+    uint8_t *buf = heap_caps_malloc(CALL_SZ, MALLOC_CAP_8BIT | MALLOC_CAP_SPIRAM);
+    TEST_ASSERT(esp_ptr_external_ram(buf));
+    memset(buf, 0x54, CALL_SZ);
+
+    mbedtls_sha256_init(&sha256_ctx);
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts(&sha256_ctx, false));
+    for (int c = 0; c < CALLS; c++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&sha256_ctx, buf, CALL_SZ));
+    }
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish(&sha256_ctx, sha256));
+
+    free(buf);
+    mbedtls_sha256_free(&sha256_ctx);
+
+    /* Check the result. Reference value can be calculated using:
+     * dd if=/dev/zero bs=$((16*1024)) count=256 | tr '\000' '\124' | sha256sum
+     */
+    const char *expected_hash = "8d031167bd706ac337e07aa9129c34ae4ae792d0a79a2c70e7f012102e8adc3d";
+    char hash_str[sizeof(sha256) * 2 + 1];
+    utils_bin2hex(hash_str, sizeof(hash_str), sha256, sizeof(sha256));
+
+    TEST_ASSERT_EQUAL_STRING(expected_hash, hash_str);
+
+}
+#endif //CONFIG_SPIRAM_USE_MALLOC
+
+#if CONFIG_ESP_SYSTEM_RTC_FAST_MEM_AS_HEAP_DEPCHECK
+
+TEST_CASE("mbedtls SHA stack in RTC RAM", "[mbedtls]")
+{
+    done_sem = xSemaphoreCreateBinary();
+    static StaticTask_t rtc_task;
+    size_t STACK_SIZE = 3072;
+    uint8_t *rtc_stack = heap_caps_calloc(STACK_SIZE, 1, MALLOC_CAP_RTCRAM);
+
+    TEST_ASSERT(esp_ptr_in_rtc_dram_fast(rtc_stack));
+
+    TEST_ASSERT_NOT_NULL(xTaskCreateStatic(tskRunSHA256Test, "tskRunSHA256Test_task", STACK_SIZE, NULL,
+                                            3, rtc_stack, &rtc_task));
+    TEST_ASSERT_TRUE(xSemaphoreTake(done_sem, 10000 / portTICK_PERIOD_MS));
+
+     /* Give task time to cleanup before freeing stack */
+    vTaskDelay(1000 / portTICK_PERIOD_MS);
+    free(rtc_stack);
+
+    vSemaphoreDelete(done_sem);
+}
+
+#endif //CONFIG_ESP_SYSTEM_RTC_FAST_MEM_AS_HEAP_DEPCHECK
+
+#if CONFIG_SPIRAM_ALLOW_STACK_EXTERNAL_MEMORY && CONFIG_SPIRAM_USE_MALLOC
+
+TEST_CASE("mbedtls SHA stack in PSRAM", "[mbedtls]")
+{
+    done_sem = xSemaphoreCreateBinary();
+    static StaticTask_t psram_task;
+    size_t STACK_SIZE = 3072;
+    uint8_t *psram_stack = heap_caps_calloc(STACK_SIZE, 1, MALLOC_CAP_SPIRAM);
+
+    TEST_ASSERT(esp_ptr_external_ram(psram_stack));
+
+    TEST_ASSERT_NOT_NULL(xTaskCreateStatic(tskRunSHA256Test, "tskRunSHA256Test_task", STACK_SIZE, NULL,
+                                            3, psram_stack, &psram_task));
+    TEST_ASSERT_TRUE(xSemaphoreTake(done_sem, 10000 / portTICK_PERIOD_MS));
+
+    /* Give task time to cleanup before freeing stack */
+    vTaskDelay(1000 / portTICK_PERIOD_MS);
+    free(psram_stack);
+
+    vSemaphoreDelete(done_sem);
+}
+
+#endif //CONFIG_SPIRAM_ALLOW_STACK_EXTERNAL_MEMORY && CONFIG_SPIRAM_USE_MALLOC

components/mbedtls/test_apps/main/test_mbedtls_utils.c

@@ -0,0 +1,30 @@
+/*
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include <stdlib.h>
+#include <stdint.h>
+#include "test_mbedtls_utils.h"
+
+static inline char to_hex_digit(unsigned val)
+{
+    return (val < 10) ? ('0' + val) : ('a' + val - 10);
+}
+
+
+void utils_bin2hex(char *const hex, const size_t hex_maxlen, const unsigned char *const bin, const size_t bin_len)
+{
+    assert(bin_len < SIZE_MAX / 2);
+    assert(hex_maxlen > bin_len * 2U);
+    assert(hex);
+    assert(bin);
+
+    int i;
+    for (i = 0; i < bin_len; i++) {
+        hex[2*i] = to_hex_digit(bin[i] >> 4);
+        hex[2*i + 1] = to_hex_digit(bin[i] & 0xf);
+    }
+    hex[i * 2U] = 0U;
+}

components/mbedtls/test_apps/main/test_mbedtls_utils.h

@@ -0,0 +1,9 @@
+/*
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+#include <stddef.h>
+
+void utils_bin2hex(char *const hex, const size_t hex_maxlen, const unsigned char *const bin, const size_t bin_len);

components/mbedtls/test_apps/main/test_rsa.c

@@ -0,0 +1,603 @@
+/* mbedTLS RSA functionality tests
+ *
+ * Focus on testing functionality where we use ESP32 hardware
+ * accelerated crypto features
+ *
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include <string.h>
+#include <stdbool.h>
+#include "esp_system.h"
+#include "esp_task_wdt.h"
+#include "mbedtls/rsa.h"
+#include "mbedtls/pk.h"
+#include "mbedtls/x509_crt.h"
+#include <mbedtls/entropy.h>
+#include <mbedtls/ctr_drbg.h>
+#include "entropy_poll.h"
+#include "freertos/FreeRTOS.h"
+#include "unity.h"
+#include "test_utils.h"
+#include "memory_checks.h"
+#include "ccomp_timer.h"
+
+#define PRINT_DEBUG_INFO
+
+/* Taken from openssl s_client -connect api.gigafive.com:443 -showcerts
+ */
+static const char *rsa4096_cert = "-----BEGIN CERTIFICATE-----\n"\
+    "MIIExzCCA6+gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBkjELMAkGA1UEBhMCVVMx\n"\
+    "CzAJBgNVBAgMAkNBMRQwEgYDVQQHDAtTYW50YSBDbGFyYTElMCMGA1UECgwcR2ln\n"\
+    "YWZpdmUgVGVjaG5vbG9neSBQYXJ0bmVyczEZMBcGA1UEAwwQR2lnYWZpdmUgUm9v\n"\
+    "dCBDQTEeMBwGCSqGSIb3DQEJARYPY2FAZ2lnYWZpdmUuY29tMB4XDTE2MDgyNzE2\n"\
+    "NDYyM1oXDTI2MDgyNTE2NDYyM1owgZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJD\n"\
+    "QTEUMBIGA1UEBwwLU2FudGEgQ2xhcmExKTAnBgNVBAoMIEdpZ2FmaXZlIFRlY2hu\n"\
+    "b2xvZ3kgUGFydG5lcnMgTExDMRkwFwYDVQQDDBBhcGkuZ2lnYWZpdmUuY29tMR8w\n"\
+    "HQYJKoZIhvcNAQkBFhBjcmxAZ2lnYWZpdmUuY29tMIICIjANBgkqhkiG9w0BAQEF\n"\
+    "AAOCAg8AMIICCgKCAgEAof82VrEpXMpsI/ddW6RLeTeSYtxiXZZkRbDKN6otYgEk\n"\
+    "vA8yRbzei2cO2A/8+Erhe9beYLAMXWF+bjoUAFwnuIcbmufgHprOYzX/7CYXCsrH\n"\
+    "LrJfVF6kvjCXy2W3xSvgh8ZgHNWnBGzl13tq19Fz8x0AhK5GQ9608oJCbnQjpVSI\n"\
+    "lZDl3JVOifCeXf2c7nMhVOC/reTeto0Gbchs8Ox50WyojmfYbVjOQcA7f8p1eI+D\n"\
+    "XUJK01cUGVu6/KarVArGHh5LsiyXOadbyeyOXPmjyrgarG3IIBeQSNECfJZPc/OW\n"\
+    "lFszjU4YLDckI4x+tReiuFQbQPN5sDplcEldmZZm/8XD36ddvAaDds+SYlPXxDK7\n"\
+    "7L8RBVUG2Ylc9YZf7RE6IMDmdQmsCZDX0VxySYEmzv5lnAx4mzzaXcgS+kHMOLyK\n"\
+    "n9UxmpzwQoqqC9tMZqwRaeKW1njR1dSwQLqirBPfGCWKkpkpm7C3HEfeeLrasral\n"\
+    "aPf6LAwN3A4ZKHa5Jmne7W+1eYS1aTXOAOLIPcXRAh1B80H+SusIdM9d6vk2YTIg\n"\
+    "khwGQV3sgM6nIO5+T/8z141UEjWbtP7pb/u0+G9Cg7TwvRoO2UukxdvOwNto1G2e\n"\
+    "J3rKB/JSYsYWnPHvvh9XR+55PZ4iCf9Rqw/IP82uyGipR9gxlHqN8WhMTj9tNEkC\n"\
+    "AwEAAaMhMB8wHQYDVR0OBBYEFISCemcSriz1HFhRXluw9H+Bv9lEMA0GCSqGSIb3\n"\
+    "DQEBCwUAA4IBAQCMetK0xe6Y/uZpb1ARh+hHYcHI3xI+IG4opWJeoB1gDh/xpNAW\n"\
+    "j6t5MGbLoqNMBXbqL26hnKVspyvCxw7ebI5ZJgjtbrD1t+0D8yrgIZzr7AWGA9Hj\n"\
+    "WIHqDHGDxwkmfjVVPmuO3l5RtJmL6KV6kVL2bOvVI6gECpFLddmOTtg+iXDfSw3x\n"\
+    "0+ueMYKr8QLF+TCxfzQTHvTHvOJtcZHecc1n7PYbRmI2p7tV6RoBpV69oM6NAVUV\n"\
+    "i2QoSxm0pYzDzavOaxwhEPHT34Tpg6fwXy1QokFD9OtxRFtdpTjL3bMWpatZE+ba\n"\
+    "cjvvf0utMW5fNjTTxu1nnpuxZM3ifTCqZJ+9\n"\
+    "-----END CERTIFICATE-----\n";
+
+static const char *rsa3072_cert = "-----BEGIN CERTIFICATE-----\n"\
+    "MIIEszCCAxugAwIBAgIUNTBsyv59/rRarOVm3KBA29zqEtUwDQYJKoZIhvcNAQEL\n"\
+    "BQAwaTELMAkGA1UEBhMCQ04xETAPBgNVBAgMCFNoYW5naGFpMREwDwYDVQQHDAhT\n"\
+    "aGFuZ2hhaTESMBAGA1UECgwJRXNwcmVzc2lmMQwwCgYDVQQLDANJREYxEjAQBgNV\n"\
+    "BAMMCWVzcHJlc3NpZjAeFw0yMDA3MTQwODQ5NDdaFw0yMTA3MTQwODQ5NDdaMGkx\n"\
+    "CzAJBgNVBAYTAkNOMREwDwYDVQQIDAhTaGFuZ2hhaTERMA8GA1UEBwwIU2hhbmdo\n"\
+    "YWkxEjAQBgNVBAoMCUVzcHJlc3NpZjEMMAoGA1UECwwDSURGMRIwEAYDVQQDDAll\n"\
+    "c3ByZXNzaWYwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDMj3ZwPd2y\n"\
+    "+UxzmMUdZC5I5JQIzvUmHRNJWUe99Vht/rIEQuNSGg7xjyvuZoyeFo+Yg+QYUICa\n"\
+    "Ipe4y2bZS12QsTxUmeoEhYORDSeQXFEo4aUmWuKIs6Y41dBOL7eDYDL3FRmIgmcn\n"\
+    "qMonyCrSzXlcgHOVtMd8U8ifkX5u+nTigQLSIHVeAFz8CvC0tIiPm9YFurtMN15p\n"\
+    "P1K/AH17ljtwVqacrI/asZgX+ECY5rauNJLigEYgfr7+xV6GofaXp6rUpGgWbVxM\n"\
+    "hqKe/dbDuIzte3VK+zRDNDCeE5gPQjgoSDblOVmPemrq7KKjZ/PKmP47ct5a/0Ov\n"\
+    "zWcdCgaXDRoPiwbpmz3Z6uh3JdvsDf214svLK+z4EDIRzpvggM0pfDvOADatiPkr\n"\
+    "KmnFD1ZZx3R29/7IZ5OVvQL1hgWbm3cL4JADOc8PQKcqCzBE9JDdAVoa228ESaJ/\n"\
+    "n4b63qaqfgBnoaFzCEruEcXj5nuXBxlk19WWtgY1tZtAgoA8hTWxxH0CAwEAAaNT\n"\
+    "MFEwHQYDVR0OBBYEFPlwrvgkde/r+F8VRMMtpDUIxAtgMB8GA1UdIwQYMBaAFPlw\n"\
+    "rvgkde/r+F8VRMMtpDUIxAtgMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL\n"\
+    "BQADggGBAH9nBaEP+FWyaZnmxCblKhs8eIEYXzjxbnRUPo5b3uL/PAv1XD1kEUwY\n"\
+    "GWnJ7Z5HOSCdVMgo1opmKGLWuiVP6Vlt9QuA/tWh0bGScL4QfriPXuA7aXAcLbW/\n"\
+    "BqHNJ9Z+H2Fq09XktkZE4Nfnv3iTMMqfNCchM3t3iWZRf2sRVYIdd5OjhM+CLLUK\n"\
+    "kYNiseAgbcBX0/kqTdHlC6OS8Mcu9btJ/663DZy8tndf+PH+EB6fexQd9T31jWoj\n"\
+    "OkEkJ4vDRZP+0LceK7kNcMOcLx8DnF9LwUyHQitW7NMFServoTfxy8A0yep7nIOH\n"\
+    "M/ndECzirQ6WkR9jMG3cw0Jm5mZvA9IAvnLhUO45AyZGC8mShJ0AaXtqejqPg9ng\n"\
+    "//5VIpzoqwVkrMYlMA7ZrccQiRsd2nlBHr+64PRwRCp7y5FOxIzhGzsJibXUpO/V\n"\
+    "FNwuPz+VcnPvJE7r4gB1oRViiGYojMDQV3G+jbgvpTHKUKP6zzavSAKs+FlfEAmh\n"\
+    "EtmuT/beDA==\n"\
+    "-----END CERTIFICATE-----\n";
+
+/* Root cert from openssl s_client -connect google.com:443 -showcerts
+ */
+static const char *rsa2048_cert = "-----BEGIN CERTIFICATE-----\n"\
+    "MIIDfTCCAuagAwIBAgIDErvmMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT\n"\
+    "MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0\n"\
+    "aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDIwNTIxMDQwMDAwWhcNMTgwODIxMDQwMDAw\n"\
+    "WjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UE\n"\
+    "AxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"\
+    "CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9m\n"\
+    "OSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIu\n"\
+    "T8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6c\n"\
+    "JmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmR\n"\
+    "Cw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5asz\n"\
+    "PeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo4HwMIHtMB8GA1UdIwQYMBaAFEjm\n"\
+    "aPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrM\n"\
+    "TjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA6BgNVHR8EMzAxMC+g\n"\
+    "LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDBO\n"\
+    "BgNVHSAERzBFMEMGBFUdIAAwOzA5BggrBgEFBQcCARYtaHR0cHM6Ly93d3cuZ2Vv\n"\
+    "dHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5MA0GCSqGSIb3DQEBBQUAA4GB\n"\
+    "AHbhEm5OSxYShjAGsoEIz/AIx8dxfmbuwu3UOx//8PDITtZDOLC5MH0Y0FWDomrL\n"\
+    "NhGc6Ehmo21/uBPUR/6LWlxz/K7ZGzIZOKuXNBSqltLroxwUCEm2u+WR74M26x1W\n"\
+    "b8ravHNjkOR/ez4iyz0H7V84dJzjA1BOoa+Y7mHyhD8S\n"\
+    "-----END CERTIFICATE-----\n";
+
+
+/* Some random input bytes to public key encrypt */
+static const uint8_t pki_input[4096/8] = {
+    0, 1, 4, 6, 7, 9, 33, 103, 49, 11, 56, 211, 67, 92 };
+
+/* Result of an RSA4096 operation using cert's public key
+   (raw PKI, no padding/etc) */
+static const uint8_t pki_rsa4096_output[] = {
+    0x91, 0x87, 0xcd, 0x04, 0x80, 0x7c, 0x8b, 0x0b,
+    0x0c, 0xc0, 0x38, 0x37, 0x7a, 0xe3, 0x2c, 0x94,
+    0xea, 0xc4, 0xcb, 0x83, 0x2c, 0x77, 0x71, 0x14,
+    0x11, 0x85, 0x16, 0x61, 0xd3, 0x64, 0x2a, 0x0f,
+    0xf9, 0x6b, 0x45, 0x04, 0x66, 0x5d, 0x15, 0xf1,
+    0xcf, 0x69, 0x77, 0x90, 0xb9, 0x41, 0x68, 0xa9,
+    0xa6, 0xfd, 0x94, 0xdc, 0x6a, 0xce, 0xc7, 0xb6,
+    0x41, 0xd9, 0x44, 0x3c, 0x02, 0xb6, 0xc7, 0x26,
+    0xce, 0xec, 0x66, 0x21, 0xa8, 0xe8, 0xf4, 0xa9,
+    0x33, 0x4a, 0x6c, 0x28, 0x0f, 0x50, 0x30, 0x32,
+    0x28, 0x00, 0xbb, 0x2c, 0xc3, 0x44, 0x72, 0x31,
+    0x93, 0xd4, 0xde, 0x29, 0x6b, 0xfa, 0x31, 0xfd,
+    0x3a, 0x05, 0xc6, 0xb1, 0x28, 0x43, 0x57, 0x20,
+    0xf7, 0xf8, 0x13, 0x0c, 0x4a, 0x80, 0x00, 0xab,
+    0x1f, 0xe8, 0x88, 0xad, 0x56, 0xf2, 0xda, 0x5a,
+    0x50, 0xe9, 0x02, 0x09, 0x21, 0x2a, 0xfc, 0x82,
+    0x68, 0x34, 0xf9, 0x04, 0xa3, 0x25, 0xe1, 0x0f,
+    0xa8, 0x77, 0x29, 0x94, 0xb6, 0x9d, 0x5a, 0x08,
+    0x33, 0x8d, 0x27, 0x6a, 0xc0, 0x3b, 0xad, 0x91,
+    0x8a, 0x83, 0xa9, 0x2e, 0x48, 0xcd, 0x67, 0xa3,
+    0x3a, 0x35, 0x41, 0x85, 0xfa, 0x3f, 0x61, 0x1f,
+    0x80, 0xeb, 0xcd, 0x5a, 0xc5, 0x14, 0x7b, 0xab,
+    0x9c, 0x45, 0x11, 0xd2, 0x25, 0x9a, 0x16, 0xeb,
+    0x9c, 0xfa, 0xbe, 0x73, 0x18, 0xbd, 0x25, 0x8e,
+    0x99, 0x6d, 0xb3, 0xbc, 0xac, 0x2d, 0xa2, 0x53,
+    0xe8, 0x7c, 0x38, 0x1b, 0x7a, 0x75, 0xff, 0x76,
+    0x4f, 0x48, 0x5b, 0x39, 0x20, 0x5a, 0x7b, 0x82,
+    0xd3, 0x33, 0x33, 0x2a, 0xab, 0x6a, 0x7a, 0x42,
+    0x1d, 0x1f, 0xd1, 0x61, 0x58, 0xd7, 0x38, 0x52,
+    0xdf, 0xb0, 0x61, 0x98, 0x63, 0xb7, 0xa1, 0x4e,
+    0xdb, 0x9b, 0xcb, 0xb7, 0x85, 0xc4, 0x3e, 0x03,
+    0xe5, 0x59, 0x50, 0x28, 0x5a, 0x4d, 0x7f, 0x53,
+    0x2e, 0x99, 0x1d, 0x6d, 0x85, 0x27, 0x78, 0x34,
+    0x5e, 0xae, 0xc9, 0x1b, 0x37, 0x96, 0xde, 0x40,
+    0x87, 0x35, 0x3c, 0x1f, 0xe0, 0x8f, 0xfb, 0x3a,
+    0x58, 0x0e, 0x60, 0xe9, 0x06, 0xbd, 0x83, 0x03,
+    0x92, 0xde, 0x5e, 0x69, 0x28, 0xb1, 0x00, 0xeb,
+    0x44, 0xca, 0x3c, 0x49, 0x03, 0x10, 0xa8, 0x84,
+    0xa6, 0xbb, 0xd5, 0xda, 0x98, 0x8c, 0x6f, 0xa3,
+    0x0f, 0x39, 0xf3, 0xa7, 0x7d, 0xd5, 0x3b, 0xe2,
+    0x85, 0x12, 0xda, 0xa4, 0x4d, 0x80, 0x97, 0xcb,
+    0x11, 0xe0, 0x89, 0x90, 0xff, 0x5b, 0x72, 0x19,
+    0x59, 0xd1, 0x39, 0x23, 0x9f, 0xb0, 0x00, 0xe2,
+    0x45, 0x72, 0xc6, 0x9a, 0xbc, 0xe1, 0xd1, 0x51,
+    0x6b, 0x35, 0xd2, 0x49, 0xbf, 0xb6, 0xfe, 0xab,
+    0x09, 0xf7, 0x9d, 0xa4, 0x6e, 0x69, 0xb6, 0xf9,
+    0xde, 0xe3, 0x57, 0x0c, 0x1a, 0x96, 0xf1, 0xcc,
+    0x1c, 0x92, 0xdb, 0x44, 0xf4, 0x45, 0xfa, 0x8f,
+    0x87, 0xcf, 0xf4, 0xd2, 0xa1, 0xf8, 0x69, 0x18,
+    0xcf, 0xdc, 0xa0, 0x1f, 0xb0, 0x26, 0xad, 0x81,
+    0xab, 0xdf, 0x78, 0x18, 0xa2, 0x74, 0xba, 0x2f,
+    0xec, 0x70, 0xa2, 0x1f, 0x56, 0xee, 0xff, 0xc9,
+    0xfe, 0xb1, 0xe1, 0x9b, 0xea, 0x0e, 0x33, 0x14,
+    0x5f, 0x6e, 0xca, 0xee, 0x02, 0x56, 0x5a, 0x67,
+    0x42, 0x9a, 0xbf, 0x55, 0xc0, 0x0f, 0x8e, 0x01,
+    0x67, 0x63, 0x6e, 0xd1, 0x57, 0xf7, 0xf1, 0xc6,
+    0x92, 0x9e, 0xb5, 0x45, 0xe1, 0x50, 0x58, 0x94,
+    0x20, 0x90, 0x6a, 0x29, 0x2d, 0x4b, 0xd1, 0xb5,
+    0x68, 0x63, 0xb5, 0xe6, 0xd8, 0x6e, 0x84, 0x80,
+    0xad, 0xe6, 0x03, 0x1e, 0x51, 0xc2, 0xa8, 0x6d,
+    0x84, 0xec, 0x2d, 0x7c, 0x61, 0x02, 0xd1, 0xda,
+    0xf5, 0x94, 0xfa, 0x2d, 0xa6, 0xed, 0x89, 0x6a,
+    0x6a, 0xda, 0x07, 0x5d, 0x83, 0xfc, 0x43, 0x76,
+    0x7c, 0xca, 0x8c, 0x00, 0xfc, 0xb9, 0x2c, 0x23,
+};
+
+static const uint8_t pki_rsa3072_output[] = {
+    0x86, 0xc0, 0xe4, 0xa5, 0x4b, 0x45, 0xe4, 0xd4, 0x0f, 0xb7, 0xe3, 0x10, 0x4f, 0xea, 0x88, 0x91,
+    0x3d, 0xad, 0x43, 0x86, 0x90, 0xf0, 0xd8, 0xf0, 0x29, 0x21, 0xc7, 0x5c, 0x75, 0x49, 0x91, 0xce,
+    0xf8, 0x34, 0x91, 0xbd, 0x89, 0x61, 0xcf, 0x47, 0x0e, 0x4d, 0x3f, 0x29, 0xd1, 0x02, 0xa7, 0xa8,
+    0x8f, 0x6a, 0xda, 0x1a, 0xf2, 0xf1, 0x18, 0x92, 0x35, 0xf6, 0x0c, 0x07, 0x5a, 0x84, 0xfa, 0x65,
+    0xd3, 0x02, 0xe0, 0x53, 0x17, 0x5d, 0xf7, 0x45, 0x26, 0xcc, 0xf9, 0x26, 0xf5, 0x6a, 0x66, 0xbb,
+    0xef, 0x33, 0xcb, 0x03, 0x6e, 0x6a, 0x93, 0x6c, 0x2a, 0x27, 0xa7, 0xf7, 0x2c, 0xdc, 0x00, 0xdd,
+    0x98, 0x52, 0xfb, 0xce, 0x31, 0xe2, 0x96, 0x20, 0x98, 0x0a, 0xf4, 0x19, 0x0f, 0xbf, 0x22, 0xed,
+    0x37, 0xb2, 0x14, 0x10, 0x88, 0xa3, 0x6a, 0x43, 0x26, 0xb8, 0x54, 0xf1, 0xb8, 0xc6, 0x56, 0xb7,
+    0x89, 0x34, 0xc0, 0xba, 0xae, 0x38, 0x35, 0x2c, 0x13, 0x57, 0x7a, 0xa4, 0x4b, 0xf2, 0x21, 0x82,
+    0xf4, 0xea, 0x1a, 0x2c, 0xd8, 0x32, 0xe8, 0x5f, 0x37, 0x04, 0x52, 0x3d, 0xff, 0xc2, 0x85, 0x00,
+    0xd2, 0x8d, 0x84, 0x36, 0x61, 0x61, 0x7b, 0xea, 0x7c, 0x3d, 0xeb, 0x51, 0xea, 0xf2, 0x67, 0xc9,
+    0xb8, 0xa6, 0x98, 0x54, 0x3f, 0x5b, 0x8f, 0x1a, 0x8a, 0x93, 0x81, 0x05, 0xa3, 0x15, 0xf8, 0x54,
+    0x8f, 0x75, 0xe2, 0x01, 0xc3, 0x47, 0xc3, 0x8f, 0xc7, 0x6d, 0x04, 0xbc, 0x05, 0x88, 0xd9, 0x62,
+    0xcc, 0x14, 0xea, 0x30, 0x68, 0x73, 0xd5, 0xe5, 0x53, 0x7c, 0xb1, 0xa0, 0xe5, 0x6c, 0xd0, 0xa3,
+    0x07, 0x2a, 0x5e, 0x2a, 0x0f, 0x89, 0x39, 0xea, 0xf9, 0xf5, 0xfb, 0x3b, 0xee, 0x66, 0xd9, 0xd4,
+    0x04, 0x2d, 0x1b, 0xc9, 0xc2, 0x37, 0xc8, 0xa8, 0x71, 0xea, 0xa8, 0xf6, 0xe6, 0xc1, 0xdc, 0x5b,
+    0x70, 0x68, 0x89, 0xa5, 0x69, 0xc0, 0x7f, 0x15, 0x8b, 0x6d, 0xc6, 0x88, 0x41, 0x8b, 0x25, 0x8f,
+    0x2f, 0x5c, 0x81, 0x94, 0x1b, 0x8c, 0x52, 0x3f, 0xe5, 0x97, 0x6d, 0x4a, 0xc6, 0x42, 0x35, 0x0e,
+    0x59, 0xce, 0x00, 0x3c, 0x2b, 0x0f, 0x5a, 0xc5, 0x1b, 0x01, 0xf3, 0x02, 0x70, 0xb1, 0x88, 0xda,
+    0x7b, 0x5b, 0x4d, 0x3e, 0xd1, 0x15, 0x57, 0xc8, 0x39, 0x14, 0xff, 0x8d, 0x2b, 0x12, 0xf5, 0x5b,
+    0xaf, 0x78, 0x2e, 0x0b, 0xcd, 0x27, 0x83, 0xdb, 0x4e, 0xe1, 0x5d, 0xa5, 0xbd, 0xfe, 0x2b, 0x6e,
+    0x8b, 0x54, 0x7d, 0x14, 0x6f, 0x4d, 0xe1, 0x14, 0xc8, 0x30, 0x0e, 0x10, 0x23, 0x2a, 0xe1, 0xe5,
+    0xee, 0xa3, 0x69, 0x8d, 0xe2, 0x9a, 0xed, 0x0c, 0x23, 0x16, 0x8e, 0x95, 0xae, 0x1a, 0xa2, 0x28,
+    0x61, 0x25, 0xa2, 0x15, 0x74, 0xc4, 0xec, 0x6b, 0x73, 0xb2, 0x8c, 0xd2, 0x64, 0xfd, 0x2b, 0x92,
+};
+
+static const uint8_t pki_rsa2048_output[] = {
+    0x47, 0x0b, 0xe5, 0x8a, 0xcd, 0x2f, 0x78, 0x07,
+    0x69, 0x69, 0x70, 0xff, 0x81, 0xdf, 0x96, 0xf0,
+    0xed, 0x82, 0x3a, 0x3d, 0x46, 0xab, 0xe9, 0xc3,
+    0xb5, 0xd9, 0xca, 0xa2, 0x05, 0xa9, 0xf6, 0x6e,
+    0xad, 0x6c, 0xe0, 0xd1, 0xa2, 0xb4, 0xf2, 0x78,
+    0x4a, 0x93, 0xfc, 0x45, 0xe1, 0x9b, 0xdd, 0x62,
+    0xf9, 0x66, 0x2a, 0x14, 0x38, 0x12, 0xb6, 0x50,
+    0x0b, 0xe3, 0x53, 0x9c, 0x12, 0x56, 0xf1, 0xb7,
+    0x83, 0xd5, 0xf3, 0x24, 0x81, 0xcc, 0x5a, 0xeb,
+    0xec, 0xac, 0x68, 0xa8, 0x0c, 0xd7, 0x84, 0x7a,
+    0xbb, 0x77, 0x7b, 0xd5, 0x5b, 0xcf, 0x7b, 0x25,
+    0xd0, 0x75, 0x80, 0x21, 0x12, 0x97, 0x6b, 0xe1,
+    0xb6, 0x51, 0x12, 0x52, 0x6e, 0x01, 0x92, 0xb7,
+    0xcc, 0x70, 0x4b, 0x46, 0x11, 0x98, 0x5a, 0x84,
+    0x1c, 0x90, 0x45, 0x0f, 0x15, 0x77, 0xdb, 0x79,
+    0xe8, 0xff, 0x1f, 0xaa, 0x58, 0x95, 0xce, 0x3c,
+    0x65, 0x0c, 0x66, 0x29, 0xe1, 0x9c, 0x41, 0xbb,
+    0xde, 0x65, 0xb8, 0x29, 0x36, 0x94, 0xbd, 0x87,
+    0x93, 0x39, 0xc5, 0xeb, 0x49, 0x21, 0xc1, 0xeb,
+    0x48, 0xbd, 0x19, 0x13, 0x4d, 0x40, 0x90, 0x88,
+    0xc6, 0x12, 0xd9, 0xf7, 0xdd, 0xc8, 0x4f, 0x89,
+    0xc0, 0x91, 0xf8, 0xeb, 0xcf, 0xe3, 0x12, 0x17,
+    0x88, 0x9c, 0x88, 0xf4, 0xf5, 0xae, 0xf4, 0x15,
+    0xfe, 0x17, 0xf6, 0xa4, 0x74, 0x49, 0x02, 0x05,
+    0x11, 0x3b, 0x92, 0x25, 0x39, 0x2c, 0x4b, 0x08,
+    0x19, 0x76, 0x13, 0x8d, 0xf9, 0xda, 0xae, 0xdf,
+    0x30, 0xda, 0xcc, 0xbb, 0x3f, 0xb9, 0xb0, 0xd6,
+    0x5c, 0x78, 0x4b, 0x2b, 0x35, 0x51, 0x17, 0x48,
+    0xf5, 0xd4, 0x39, 0x7e, 0x05, 0x83, 0x68, 0x86,
+    0x44, 0x5f, 0x56, 0x1d, 0x2c, 0x53, 0xd3, 0x64,
+    0x3a, 0xb2, 0x0c, 0x4a, 0x85, 0xd6, 0x5b, 0x7e,
+    0xf9, 0xe9, 0x50, 0x29, 0x5d, 0x4f, 0xcc, 0xc9,
+};
+
+#ifdef CONFIG_MBEDTLS_HARDWARE_MPI
+/* Pregenerated RSA 4096 size keys using openssl */
+static const char privkey_4096_buf[] = "-----BEGIN RSA PRIVATE KEY-----\n"
+                                  "MIIJKAIBAAKCAgEA1blr9wfIzTylroJHxcoq+YFA765gF5vj9b6tfaPG0XQExSkjndHv5sra4ar7T+k2sBB4OcKKeGHkNk6wk8tGmOS79r2L74XZs1eB0UruG+huV7Sd+YiWzwN8y9jGImA9hIkf1qxIvkco5WTmT7cVwUnCQ7qiiVadD/LgyeGD04yKZpzv9UJzfjXz5ITTn/ejcn7423M9qz41nhRWwK4zw1jv7IB57d1dWOCbN3RO4dvfVndCz8DOmLzJrZAkLsz39vppbIwbMqTXKFxWqzZY2xrYmnMx9p3v4hLeju7ls3fsekESonoP0C76u50wJfZWO2XcIUo4pue/jHi2o9KouhLXW/vyasplXvE6FFrBjSpsm1Nar4KQMUolEkUbO9baGcQvH9G5WOH0kwPt7AOSqM2EUPvBd7Jv0tbMI/BRZVVltC/t6WhannCM/I6nZrlNe5tie/qYlFu474jp5/tpa8RykkDxwl9whejIqd4iQbvDiP/GXgBYtDJ9VU/S2KqHJhQFLDi+F3+ewOcF391fgt1e1J2vNYLKZOfxTOl/1vJbU/2IjRWTRQ7cXnmpR/GNCRfgH2as6Z/0oknBSVephguDnO5QlveP4Cx2EOVY/A/KgDpu8PumSrlIk+YQgLxdKsXaVI6eDY4rY7q2uCJH3yIAfZJXEeD+ResUuSZltvECAwEAAQKCAgBwR89+oipOGHR6b5tBP+q/1bXFtXhqLs3eBuSiQu5qj2cKJYi+mtJMD3paYDdTThQa/ywKPDf+8n6wQTrnCj32iQRupjnkBg/O9kQPLixVoRCHJy5vL+D6tLxVY3cEDEeFX3zIjQ5SWJQVn6KXcnoNZ7CVYHGPcV9mR5TsuntFImp7aituUBDY14NgJKABRFosBqS6tZpKYo5MlCbXZy1ujUTOnNhxrIAj9yvUQFhIs/hrNpB1ELf46gWSF03LAIesyvWjvx9yxcL7QzeNDyozQbFVwvsWsvaZcIxXzw4B8RjdSV5+2V2BY4z6D6SB7R50ahjxrEqC9PFe3PQmsL9OvFjV9idYwFOhxiWXGjIm3wwFFLOj3e0TShscj2Iw+Ghd3wApvSdBZxzdjap1NHC+Q6yYU+BnivxUHcopVPPM3rsLndyRC6zfrQw/OkOlAP3bNL1hRedPRmRDOz0V1ihEpgC1VfXx6XOu4eg8xWiJgWX+BGvT5GWjfQg2hB1Jm344r3l0eLhr25dO80GIac2QGT2+WmYkXcsQ3AiqAn2VF8UB5mU+Iyh96jmSFVVltGZgfp98yFYN63/7wB++lhVQmJZwbglutng1qjQBFslIULddIHiYvF+AVvkrO3Hc2zg8rT91tbE13k06A1zlNGcQuQKLax8e+2/BNjsZU2E4uQKCAQEA7L4obKWYRHgG6j1VEDRrQU8Vkm4L11B+ZD/rsEh3q7LbzViOPv+1dZ40jX2qYScWyaefI46bukJlk/mlNv4Dh3EnSFvHPCInDM3oImCYImwUx0hkbSRyRNwlwRwx81LJzIR84cCqpNWrXXcplomUSM62ea1E1vtNSZs9Bg2OLoWvFOTPgk/xDi6ezdb6JFiId6cARup/bmZ363mg8jCq0wpTLVdUGrezfMj4GpB1uQET5xqXleumQu/04cHPOfXwpV0ikIOId/ldY/PetiRd86B32aB2Xd4fHUpxHMY+63MFmL6SsqMQJMPubv+eIrOId4HhT+nXNFBZXolT5XG5NwKCAQEA5xvvccHNyCTL0AebxD6EihWnp0/Dd0DwXWxZw0Yhhc9xa/W/QtygB6kPb35oKGvCKdm4dWCIGln03dU5D6CMNkJlbkxpo8gybz34SJ/6OvU836rBLHZXE3Xiqbe5XkdMdarA7kTEhEUqekDXPxhws9dWh0YjtAnBPpm1GQppiykI2edkiIhRgju5ghe+/UjAjxrEgCKZeAODh46hwZHERRKQN2MFUOFcOVDq+2wTJem9r3h1uBQAiZn8PDyx0rlRkwH2dZSSauVW+I713N0JGucOV7FeMO0ebioqqckh0i91ZJNH//Io8Sp8WuBsU/vcP9jT+5BDkCbc71BRO/AFFwKCAQBj4a6oeA0QBhvUw9+ZoKQHv9f4GZnBU+KfZSCJFWn39NQrhMsu5S+n2gGOGJDDwHwqxB+uHsKxCMZWciM0WmMex6ytKJucUURscIsZxespyrPRiEdmjNPxHXiISt8AK9OcB+GwVVsphERygI35Rz5aoWv3VhUPJqNrBKXwYdO06Q3/ILIz5oprU1wIuER9BSU+ZiUFxnXRHEZIAN7Yj5Piyh5hqNCBHTQK17dlbcFdNokxHdUKmYth/l8wyFYnvA21lt+4XOY8x+aQ/xjde+ZvnSozlTGbVNWHxBqI61MsfzDDStQVrhpniIqWJh6PwXM4CIII9z2mgqfR7NqKmTptAoIBAQDTYQOigmZbFvyrayoXVi8XtTLAnv3jByxR5pY7OtvSbagJ3J1w5CYim4iYq39M6TKP4KkMApy5rWl/tFQabPeRcS0gsxc0TBmFEaMTme7fGgrxcFZ6+koubHZCUN5k0sWmIeWQiKlNaY2uf7vf49TBSMXFuGtTclCjlybCnnlmZMPJuhCDqFsUyNelm15+f5pPyWXM5NiFooEc7WIZj996Zb4uSo1EKruVWONzzqe814s9AOp60SCkuoiv97uVRxbLZNItPRSmXNktQmSx/CEl0AuYPYwvJ9HbZQncfTBH9ExlDyidernjyr4uyHGMZyJN614ICy0gncsZv9ZtAd1FAoIBAA4toGPU/VcKFmK92zgO05jsg5vJzw5xeoxRWKrLg7iby6Su6BuNgaVwfYWeZuOhnXakid7FvFXKH6x44o9gyFm5bKqFhaXDzAnxzqcLeM5V+gititOsstpZCbVOoKQOhgTHyxpFNVX3E/nB8EunydWyhQMxKme//NsRroFm1vWljQKyL3zER82AzyseEpEYZoB/6g0n5uF2lR7KllxeBlINsceQ8g3JkmJTdS1hoXcyUSsZ+EgrRbCykNB5aVC5G3/W1OSZsFHbbMrYHCMnaYKwMqLmOkb11o6nOrJJ4pgHj8CVcp2TNjfy3y0Ru6RZ42b0Q+3LktJBGu9r5d04FgI=\n"
+                                  "-----END RSA PRIVATE KEY-----";
+
+static const char privkey_2048_buf[] = "-----BEGIN RSA PRIVATE KEY-----\r\n"
+    "MIIEowIBAAKCAQEA8N8hdkemvj6Tpk975/OWhv9BrTsCBCu+ZYfDb5VI7U2meKBg\r\n"
+    "3dAkyyhRlY3fNwSRzBUMCzsHjpgnsB40wxOgiwlB9n6PMhq0qUVKAdCpKwFztsKd\r\n"
+    "JJAsCUC+Zlwxn4RpH6ZnMl3a/njRYjuDyI32kucMP/lBRo7ks1798Gy/j+x1h5xA\r\n"
+    "vZSlFoEXKjCC6S1DWhALePuZnk4m/jGP6g+YfyJXSTqsenKa/DcWndfn/JoElZ0J\r\n"
+    "nhud8lBXwVe6mMheE1yqfL+VTU1nwg/TPNZrZsFz2sXig/RQCKt6LuSuzhRpsLp+\r\n"
+    "BdwqEs9xrwlhZnp7j4kQBomISd6kAxQfYVROHQIDAQABAoIBAHgtO4rB8QWWPyCJ\r\n"
+    "I670r7OnA2OkvzrJgHMzq2SuvPX4+gfRLMM+qDzcXugZIrdWhk+maJ3p07lnXNXY\r\n"
+    "HEcAMedstQaA2n0LKfwSX/xL2TtlvBABRVoKvI3ZSaXUdcW60KBD69ULUsoICZ/T\r\n"
+    "Rcr4WX+t20TH3bOQc7ayvEwKVgE95xIUpTH9asw8uOPvKxW2j5OLQgZuWrWyUDg0\r\n"
+    "MFh92PhWtw3i5zq6OpTTsFJeceKYV/VstIYjZ+FslmhjQxJbr+2DJRbpHXKceqy6\r\n"
+    "9yWlSV0EM7neFCHlDa2WPhK8we+6IvMiNVQKj46fHGYNBaW/ZSX7TiG5J0Uqj2e9\r\n"
+    "0MUGJ8ECgYEA+frJabhfzW5+JfGjTObeznJZE6fAOjFzaBIwFu8Kz2mIjYpQlwVK\r\n"
+    "EepMkv2KkrJuqS4GnI+Nkq7G0BAUyUj9tTJ3HQzvtJrxsnxVi99Yofx1s1P4YAnu\r\n"
+    "c8t3ElJoQ4BRoQIs/hIvyYn22IxllBHiGESrnPQ38D82xyXQgd6S8JkCgYEA9qww\r\n"
+    "j7jx6Xpy/D1Dq8Dvalm7pz3J+yHnti4w2cqZ67grUoyGnNPtciNDdfi4JzLiKkUu\r\n"
+    "SDS3DacvFpFyND0m8sbpMjnR8Rvhj+bfH8KcOAowD+YR/+6vSb/P/aBt6gYXcaBn\r\n"
+    "cjepx+sE81mnC7UrHb4TjG4hO5t3ZTc6X28gyCUCgYAMZn9lSisecrO5SCJUp0M4\r\n"
+    "NH3stq6XdGqIKBbQnG0J2u9WLh1PUIjbGKdRx1f/bPCGXe0gCRL5yse7/IA7d+51\r\n"
+    "9ZnpDAI8EE+bDgXkWWD5MB/alHjGstdsURSICSR47L2f4g6/T8GlGr3vAg/r53My\r\n"
+    "xv1IXOkFdu1NtbeBKbxaSQKBgENDmw5mAVmIcXiFAEICn4ahp4EoYT6g9T2BhQKu\r\n"
+    "s6BKnU2qUj7Lr5ETOp8dzqGpx3B9Yux/q3cGotmFmd3S2x8SzJ5MlAoqbyy9aRSR\r\n"
+    "DeZeKNL9CuV+YcA7lOz1ZWOOe7AZbHwB38NLPBNb3CheI769iTkfAuLtNvabw8go\r\n"
+    "VokdAoGBALyvBhW+Squ5tx8NOEgAisakhAVOnT6jcoeKy6FyjcvKaWagmCOCC7Gz\r\n"
+    "QB9Yf1tJ+3di+aLtWWdmU494iKJHBtPMhfrYltCpxHHQGlUc/GLPY3Z5bBYYYWpb\r\n"
+    "Wzw4ZvDraKlAs7a9CRwS5cpktk5ptK4rc5noSXkvV+yOT75zXat2\r\n"
+    "-----END RSA PRIVATE KEY-----\r\n";
+
+static const char privkey_3072_buf[] = "-----BEGIN RSA PRIVATE KEY-----\r\n"
+    "MIIG4wIBAAKCAYEAoMPuYRnHVPP49qiPACIsYBLVuj8xH4XqAuXmurOyPPFfKSch\r\n"
+    "52dn97sXvfXQw6hj+iPBeMSzbSAompjx4mUHtwn2+EvyXjqUe8qtI0y12uzXgOr8\r\n"
+    "vdwNLJO1kTmUWxQIa/e6dZpiKcEYYZ6qWNUGVH9IiMB9HdIFLNIdCAAC+gsK+Q0w\r\n"
+    "OT2CwnGOoZ/PzOXHyfte9pJTDk6nQJDKVTBoOLgVcJoCLwctGf7VJ9YI9+YXJKvW\r\n"
+    "1ZYq8PXM8KAVE7KHN7KiskJxDLSR4xuplxdT//LIBJMRvxAEPYohe7QvejFjtQc6\r\n"
+    "WbEJxV/Y4vWHOb2PVGUHATNK2kQ7/N5HgEdxABgLrXQSkGfKKmWwoy/W5TVDS+qX\r\n"
+    "fR/7WeJa/2e2+ZZVSQtiXdrWSKdgEmVdmM43Aso5ppC2C5QBajHAw2MKMZwxLHbI\r\n"
+    "nhQJQMJdmRvXI8Kg/+WEgknxQLFWrRW4ss3wR+2KvZ0eynEuzHkQxtUAWB8xgNAH\r\n"
+    "Bch/tr+xq1g3DFNXAgMBAAECggGAFvaFiScWesLyb8D51AoNjpeCIb0+9gK5vzo5\r\n"
+    "b7eVIPFVJ1qolBYIGrGFnaOL8zaNOUB8NRTbkB3EzvhDrJPDu1hYB3VJpD330YrM\r\n"
+    "mjstypyD16049qGE3DYo/BpeX3gID+vtnTi1BsPHCMKSEGg1JEKeCLJ97JGAHbvR\r\n"
+    "W8AsrKyBH7vLhJGNqNpxhhJ+qwSzOd2G3e9en6+KYkWMMQjeCiP5JAFLiI4c2ha1\r\n"
+    "OaBv3YDnE1zcLdvqPErPwBsNh6e7QLYbEvQj5mZ84/kCbrwFy//+Bf7to0u6weOy\r\n"
+    "8E1HU8UKdJfWsKwh+5BGDnKs8qgVQWJdPJWy25PVgkzp0ZnSKzp2AddMCrI2YHRM\r\n"
+    "Q+G+9bET/D96y7/08EAobDdXCplcPeOVb8ETbQTNTrHJibUCB4fqkN8tR2ZZTQ1F\r\n"
+    "axhmHDThsVFqWk+629j8c6XOQbx2dvzb7YfLK06ShiBcD0V6E7VFXHzR+x/xA9ir\r\n"
+    "zUcgLt9zvzj9puxlkhtzBZKcF3nBAoHBANCtY4NDnFoO+QUS59iz9hsoPAe8+S+U\r\n"
+    "PkvMSN7iziUkiXbXjQsr0v/PLHCuuXRyARBORaI4moLxzbTA1l1C+gBulI29j9zH\r\n"
+    "GwNnl587u5VCpbzuzr5YwHtp85Y1la2/ti+x0Qaw5uoa8G2TqoU4V6SG0qwinQl2\r\n"
+    "9mdNZzVmIBMbE0tTTTzc+CRIPBl9lRQR3Ff3o6eUs6uPE6g1lGZR1ydb2MLBM/wV\r\n"
+    "NgUUf7L5h/s8abrRjS+dnPmtxNgrRZQe9wKBwQDFOQyBzD3xkBgTSFQkU8OgNZyW\r\n"
+    "gNYglE1vLA+wv49NVAErHfKzYf/yw3fkYLDo9JfTJ3KckU6J815VnPXJFNMvjr2J\r\n"
+    "ExXG2JSbZHeUBRgExLU0iFlhQaxbAhuJ6PDrkGy+1ZtsJxYCPpifyNwjkZ0QKQlf\r\n"
+    "n3SwTMXIp0wd80FXVSwKPSuWUlrhByBcJDVwdCIeD8Oi9DrmVe0E9fXDboY2HARb\r\n"
+    "cgrN3n9jnEF/asIsfaHg8EI2z/EVC+C1mHuZdqECgcA5d4ZwH65vHrB1NT+j7etY\r\n"
+    "jzv45ZG6CJkfRqLKvqsGj4lLsRCmgusYh3U1kuh/qOWiF+wVQIFMjkqX/IMMK+Wt\r\n"
+    "OMawQgPcSPind1/J+ikucawy25ET2l0nn4X1V8xgjOsfN1jY/t6YmdKcWo4bIekA\r\n"
+    "5iAeR2n3sUsqJ6bEjdtHZ61okQg0OqYbV8k1O+BSJpkHoKrw+4J/PGetaxPzGZam\r\n"
+    "wCRxfcNTKIQ34e1I3G8WQQzc5dh7xGv2VmRfI4uFvwECgcEAuNGAVfZ3KfNVjGRg\r\n"
+    "bXaNwYncBvIPN5KiigbpYUHyYY3SVnyHHvE8cFwa80plHrlvubGi5vQIfKAzC9m+\r\n"
+    "PsSkL1H9bgITizcU9BYPNQgc/QL1qJgJ4mkvwk1UT0Wa17WNIrx8HLr4Ffxg/IO3\r\n"
+    "QCHJ5QX/wbtlF32qbyHP49U8q0GmtqWiPglJHs2V1qMb7Rj3i+JL/F4RAB8PsXFo\r\n"
+    "8M6XOQfCUYuqckgKaudYPbZm5liJJYkhE8qD6qwp1SNi2GphAoHABjUL8DTHgBWn\r\n"
+    "sr9/XQyornm0sruHcwr7SmGqIJ/hZUUYd4UfDW76e8SjvhRQ7nkpR3f4+LEBCqaJ\r\n"
+    "LDJDhg+6AColwKaWRWV9M1GXHhVD4vaTM46JAvH9wbhmJDUORHq8viyHlwO9QKpK\r\n"
+    "iHE/MtcYb5QBGP5md5wc8LY1lcQazDsJMLlcYNk6ZICNWWrcc2loG4VeOERpHU02\r\n"
+    "6AsKaaMGqBp/T9wYwFPUzk1i+jWCu66xfCYKvEubNdxT/R5juXrd\r\n"
+    "-----END RSA PRIVATE KEY-----\r\n";
+
+#endif
+
+_Static_assert(sizeof(pki_rsa2048_output) == 2048/8, "rsa2048 output is wrong size");
+_Static_assert(sizeof(pki_rsa3072_output) == 3072/8, "rsa3072 output is wrong size");
+_Static_assert(sizeof(pki_rsa4096_output) == 4096/8, "rsa4096 output is wrong size");
+
+void mbedtls_mpi_printf(const char *name, const mbedtls_mpi *X);
+
+
+static void test_cert(const char *cert, const uint8_t *expected_output, size_t output_len);
+
+TEST_CASE("mbedtls RSA4096 cert", "[mbedtls]")
+{
+
+    test_cert(rsa4096_cert, pki_rsa4096_output, 4096/8);
+}
+
+TEST_CASE("mbedtls RSA3072 cert", "[mbedtls]")
+{
+
+    test_cert(rsa3072_cert, pki_rsa3072_output, 3072/8);
+}
+
+TEST_CASE("mbedtls RSA2048 cert", "[mbedtls]")
+{
+    test_cert(rsa2048_cert, pki_rsa2048_output, 2048/8);
+}
+
+static void test_cert(const char *cert, const uint8_t *expected_output, size_t output_len)
+{
+    mbedtls_x509_crt crt;
+    mbedtls_rsa_context *rsa;
+    char buf[output_len];
+    int res;
+
+    bzero(buf, output_len);
+
+    mbedtls_x509_crt_init(&crt);
+
+    TEST_ASSERT_EQUAL_HEX16_MESSAGE(0,
+                                    -mbedtls_x509_crt_parse(&crt,
+                                                            (const uint8_t *)cert,
+                                                            strlen(cert)+1),
+                                    "parse cert");
+
+    rsa = mbedtls_pk_rsa(crt.pk);
+    TEST_ASSERT_NOT_NULL(rsa);
+
+    res = mbedtls_rsa_check_pubkey(rsa);
+    TEST_ASSERT_EQUAL_HEX16_MESSAGE(0,
+                                    -res,
+                                    "check cert pubkey");
+
+    mbedtls_x509_crt_info(buf, sizeof(buf), "", &crt);
+    puts(buf);
+
+    res = mbedtls_rsa_public(rsa, pki_input, (uint8_t *)buf);
+    if (res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + MBEDTLS_ERR_RSA_PUBLIC_FAILED) {
+        mbedtls_x509_crt_free(&crt);
+        TEST_IGNORE_MESSAGE("Hardware does not support this key length");
+    }
+
+    TEST_ASSERT_EQUAL_HEX16_MESSAGE(0,
+                                    -res,
+                                    "RSA PK operation");
+
+    /*
+    // Dump buffer for debugging
+    for(int i = 0; i < output_len; i++) {
+        printf("0x%02x, ", buf[i]);
+    }
+    printf("\n");
+    */
+
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_output, buf, output_len);
+
+    mbedtls_x509_crt_free(&crt);
+}
+
+#ifdef CONFIG_MBEDTLS_HARDWARE_MPI
+static void rsa_key_operations(int keysize, bool check_performance, bool generate_new_rsa);
+
+static int myrand(void *rng_state, unsigned char *output, size_t len)
+{
+    size_t olen;
+    return mbedtls_hardware_poll(rng_state, output, len, &olen);
+}
+
+#ifdef PRINT_DEBUG_INFO
+static void print_rsa_details(mbedtls_rsa_context *rsa)
+{
+    mbedtls_mpi X[5];
+    for (int i=0; i<5; ++i) {
+        mbedtls_mpi_init( &X[i] );
+    }
+
+    if (0 == mbedtls_rsa_export(rsa, &X[0], &X[1], &X[2], &X[3], &X[4])) {
+        for (int i=0; i<5; ++i) {
+            mbedtls_mpi_printf((char*)"N\0P\0Q\0D\0E" + 2*i, &X[i]);
+            mbedtls_mpi_free( &X[i] );
+        }
+    }
+}
+#endif
+
+#if CONFIG_FREERTOS_SMP // IDF-5260
+TEST_CASE("test performance RSA key operations", "[bignum][timeout=60]")
+#else
+TEST_CASE("test performance RSA key operations", "[bignum]")
+#endif
+{
+    /** NOTE:
+    * For ESP32-S3, CONFIG_ESP_CONSOLE_SECONDARY_USB_SERIAL_JTAG is enabled
+    * by default; allocating a lock of 92 bytes, which is never freed.
+    *
+    * MR !18574 adds the MPI crypto lock for S3 increasing the leakage by
+    * 92 bytes. This caused the RSA UT to fail with a leakage more than
+    * 1024 bytes.
+    *
+    * The allocations made by ESP32-S2 (944 bytes) and ESP32-S3 are the same,
+    * except for the JTAG lock (92 + 944 > 1024).
+    */
+    TEST_ESP_OK(test_utils_set_leak_level(1088, ESP_LEAK_TYPE_CRITICAL, ESP_COMP_LEAK_GENERAL));
+    for (int keysize = 2048; keysize <= SOC_RSA_MAX_BIT_LEN; keysize += 1024) {
+        rsa_key_operations(keysize, true, false);
+    }
+}
+
+#if CONFIG_FREERTOS_SMP // IDF-5260
+TEST_CASE("test RSA-3072 calculations", "[bignum][timeout=60]")
+#else
+TEST_CASE("test RSA-3072 calculations", "[bignum]")
+#endif
+{
+    // use pre-genrated keys to make the test run a bit faster
+    rsa_key_operations(3072, false, false);
+}
+
+#if CONFIG_FREERTOS_SMP // IDF-5260
+TEST_CASE("test RSA-2048 calculations", "[bignum][timeout=60]")
+#else
+TEST_CASE("test RSA-2048 calculations", "[bignum]")
+#endif
+{
+    // use pre-genrated keys to make the test run a bit faster
+    rsa_key_operations(2048, false, false);
+}
+
+#if CONFIG_FREERTOS_SMP // IDF-5260
+TEST_CASE("test RSA-4096 calculations", "[bignum][timeout=60]")
+#else
+TEST_CASE("test RSA-4096 calculations", "[bignum]")
+#endif
+{
+    // use pre-genrated keys to make the test run a bit faster
+    rsa_key_operations(4096, false, false);
+}
+
+
+static void rsa_key_operations(int keysize, bool check_performance, bool generate_new_rsa)
+{
+    mbedtls_pk_context clientkey;
+    mbedtls_rsa_context rsa;
+    unsigned char orig_buf[4096 / 8];
+    unsigned char encrypted_buf[4096 / 8];
+    unsigned char decrypted_buf[4096 / 8];
+    int res = 0;
+
+    printf("First, orig_buf is encrypted by the public key, and then decrypted by the private key\n");
+    printf("keysize=%d check_performance=%d generate_new_rsa=%d\n", keysize, check_performance, generate_new_rsa);
+
+    memset(orig_buf, 0xAA, sizeof(orig_buf));
+    orig_buf[0] = 0; // Ensure that orig_buf is smaller than rsa.N
+    if (generate_new_rsa) {
+        mbedtls_rsa_init(&rsa);
+        TEST_ASSERT_EQUAL(0, mbedtls_rsa_gen_key(&rsa, myrand, NULL, keysize, 65537));
+    } else {
+        mbedtls_pk_init(&clientkey);
+
+        switch(keysize) {
+        case 4096:
+            res = mbedtls_pk_parse_key(&clientkey, (const uint8_t *)privkey_4096_buf, sizeof(privkey_4096_buf), NULL, 0, myrand, NULL);
+            break;
+        case 3072:
+            res = mbedtls_pk_parse_key(&clientkey, (const uint8_t *)privkey_3072_buf, sizeof(privkey_3072_buf), NULL, 0, myrand, NULL);
+            break;
+        case 2048:
+            res = mbedtls_pk_parse_key(&clientkey, (const uint8_t *)privkey_2048_buf, sizeof(privkey_2048_buf), NULL, 0, myrand, NULL);
+            break;
+        default:
+            TEST_FAIL_MESSAGE("unsupported keysize, pass generate_new_rsa=true or update test");
+        }
+
+        TEST_ASSERT_EQUAL_HEX16(0, -res);
+
+        memcpy(&rsa, mbedtls_pk_rsa(clientkey), sizeof(mbedtls_rsa_context));
+    }
+
+#ifdef PRINT_DEBUG_INFO
+    print_rsa_details(&rsa);
+#endif
+
+    TEST_ASSERT_EQUAL(keysize, (int)rsa.MBEDTLS_PRIVATE(len) * 8);
+    TEST_ASSERT_EQUAL(keysize, (int)rsa.MBEDTLS_PRIVATE(D).MBEDTLS_PRIVATE(n) * sizeof(mbedtls_mpi_uint) * 8); // The private exponent
+
+#ifdef SOC_CCOMP_TIMER_SUPPORTED
+    int public_perf, private_perf;
+    ccomp_timer_start();
+    res = mbedtls_rsa_public(&rsa, orig_buf, encrypted_buf);
+    public_perf = ccomp_timer_stop();
+
+    if (res == MBEDTLS_ERR_MPI_NOT_ACCEPTABLE + MBEDTLS_ERR_RSA_PUBLIC_FAILED) {
+        mbedtls_rsa_free(&rsa);
+        TEST_IGNORE_MESSAGE("Hardware does not support this key length");
+    }
+    TEST_ASSERT_EQUAL_HEX16(0, -res);
+
+    ccomp_timer_start();
+    res =  mbedtls_rsa_private(&rsa, myrand, NULL, encrypted_buf, decrypted_buf);
+    private_perf = ccomp_timer_stop();
+    TEST_ASSERT_EQUAL_HEX16(0, -res);
+
+    if (check_performance && keysize == 2048) {
+        TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_2048KEY_PUBLIC_OP, "%d us", public_perf);
+        TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_2048KEY_PRIVATE_OP, "%d us", private_perf);
+    } else if (check_performance && keysize == 4096) {
+        TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_4096KEY_PUBLIC_OP, "%d us", public_perf);
+        TEST_PERFORMANCE_CCOMP_LESS_THAN(RSA_4096KEY_PRIVATE_OP, "%d us", private_perf);
+    }
+#else
+    res = mbedtls_rsa_public(&rsa, orig_buf, encrypted_buf);
+    TEST_ASSERT_EQUAL_HEX16(0, -res);
+    res =  mbedtls_rsa_private(&rsa, myrand, NULL, encrypted_buf, decrypted_buf);
+    TEST_ASSERT_EQUAL_HEX16(0, -res);
+    TEST_IGNORE_MESSAGE("Performance check skipped! (soc doesn't support ccomp timer)");
+#endif
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(orig_buf, decrypted_buf, keysize / 8, "RSA operation");
+
+    mbedtls_rsa_free(&rsa);
+}
+
+
+TEST_CASE("mbedtls RSA Generate Key", "[mbedtls][timeout=60]")
+{
+
+    mbedtls_rsa_context ctx;
+    mbedtls_entropy_context entropy;
+    mbedtls_ctr_drbg_context ctr_drbg;
+
+    const unsigned int key_size = 2048;
+    const int exponent = 65537;
+
+#if CONFIG_MBEDTLS_MPI_USE_INTERRUPT && CONFIG_ESP_TASK_WDT_EN && !CONFIG_ESP_TASK_WDT_INIT
+    /* Check that generating keys doesnt starve the watchdog if interrupt-based driver is used */
+    esp_task_wdt_config_t twdt_config = {
+        .timeout_ms = 1000,
+        .idle_core_mask = (1 << 0), // Watch core 0 idle
+        .trigger_panic = true,
+    };
+    TEST_ASSERT_EQUAL(ESP_OK, esp_task_wdt_init(&twdt_config));
+#endif // CONFIG_MBEDTLS_MPI_USE_INTERRUPT && CONFIG_ESP_TASK_WDT_EN && !CONFIG_ESP_TASK_WDT_INIT
+
+    mbedtls_rsa_init(&ctx);
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+
+    mbedtls_entropy_init(&entropy);
+    TEST_ASSERT_FALSE( mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0) );
+
+    TEST_ASSERT_FALSE( mbedtls_rsa_gen_key(&ctx, mbedtls_ctr_drbg_random, &ctr_drbg, key_size, exponent) );
+
+    mbedtls_rsa_free(&ctx);
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+    mbedtls_entropy_free(&entropy);
+
+#if CONFIG_MBEDTLS_MPI_USE_INTERRUPT && CONFIG_ESP_TASK_WDT_EN && !CONFIG_ESP_TASK_WDT_INIT
+    TEST_ASSERT_EQUAL(ESP_OK, esp_task_wdt_deinit());
+#endif // CONFIG_MBEDTLS_MPI_USE_INTERRUPT && CONFIG_ESP_TASK_WDT_EN && !CONFIG_ESP_TASK_WDT_INIT
+
+}
+
+#endif // CONFIG_MBEDTLS_HARDWARE_MPI

components/mbedtls/test_apps/main/test_sha.c

@@ -0,0 +1,137 @@
+/*
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "esp_types.h"
+#include "esp_log.h"
+#include "ccomp_timer.h"
+#include "esp_heap_caps.h"
+#include "idf_performance.h"
+#include "esp_private/esp_clk.h"
+
+#include "soc/soc_caps.h"
+
+#include "unity.h"
+#include "test_utils.h"
+#include "mbedtls/sha1.h"
+#include "mbedtls/sha256.h"
+
+#if SOC_SHA_SUPPORT_SHA512
+#include "mbedtls/sha512.h"
+#endif
+
+#include "sha/sha_parallel_engine.h"
+
+/* Note: Most of the SHA functions are called as part of mbedTLS, so
+are tested as part of mbedTLS tests. Only esp_sha() is different.
+*/
+
+#define TAG "sha_test"
+
+TEST_CASE("Test esp_sha()", "[hw_crypto]")
+{
+    const size_t BUFFER_SZ = 32 * 1024 + 6; // NB: not an exact multiple of SHA block size
+
+    int64_t elapsed;
+    uint32_t us_sha1;
+    uint8_t sha1_result[20] = { 0 };
+
+#if SOC_SHA_SUPPORT_SHA512
+    uint32_t us_sha512;
+    uint8_t sha512_result[64] = { 0 };
+#endif
+
+    void *buffer = heap_caps_malloc(BUFFER_SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL);
+    TEST_ASSERT_NOT_NULL(buffer);
+    memset(buffer, 0xEE, BUFFER_SZ);
+
+    const uint8_t sha1_expected[20] = { 0xc7, 0xbb, 0xd3, 0x74, 0xf2, 0xf6, 0x20, 0x86,
+                                        0x61, 0xf4, 0x50, 0xd5, 0xf5, 0x18, 0x44, 0xcc,
+                                        0x7a, 0xb7, 0xa5, 0x4a };
+#if SOC_SHA_SUPPORT_SHA512
+    const uint8_t sha512_expected[64] = { 0xc7, 0x7f, 0xda, 0x8c, 0xb3, 0x58, 0x14, 0x8a,
+                                          0x52, 0x3b, 0x46, 0x04, 0xc0, 0x85, 0xc5, 0xf0,
+                                          0x46, 0x64, 0x14, 0xd5, 0x96, 0x7a, 0xa2, 0x80,
+                                          0x20, 0x9c, 0x04, 0x27, 0x7d, 0x3b, 0xf9, 0x1f,
+                                          0xb2, 0xa3, 0x45, 0x3c, 0xa1, 0x6a, 0x8d, 0xdd,
+                                          0x35, 0x5e, 0x35, 0x57, 0x76, 0x22, 0x74, 0xd8,
+                                          0x1e, 0x07, 0xc6, 0xa2, 0x9e, 0x3b, 0x65, 0x75,
+                                          0x80, 0x7d, 0xe6, 0x6e, 0x47, 0x61, 0x2c, 0x94 };
+#endif
+
+    ccomp_timer_start();
+    esp_sha(SHA1, buffer, BUFFER_SZ, sha1_result);
+    elapsed = ccomp_timer_stop();
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(sha1_expected, sha1_result, sizeof(sha1_expected));
+    us_sha1 = elapsed;
+    ESP_LOGI(TAG, "esp_sha() 32KB SHA1 in %u us", us_sha1);
+
+#if SOC_SHA_SUPPORT_SHA512
+    ccomp_timer_start();
+    esp_sha(SHA2_512, buffer, BUFFER_SZ, sha512_result);
+    elapsed = ccomp_timer_stop();
+    TEST_ASSERT_EQUAL_HEX8_ARRAY(sha512_expected, sha512_result, sizeof(sha512_expected));
+
+    us_sha512 = elapsed;
+    ESP_LOGI(TAG, "esp_sha() 32KB SHA512 in %u us", us_sha512);
+#endif
+
+    free(buffer);
+
+    TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA1_32KB, "%dus", us_sha1);
+
+#if SOC_SHA_SUPPORT_SHA512
+    TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA512_32KB, "%dus", us_sha512);
+#endif
+}
+
+TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]")
+{
+    const void* ptr;
+    spi_flash_mmap_handle_t handle;
+    uint8_t sha1_espsha[20] = { 0 };
+    uint8_t sha1_mbedtls[20] = { 0 };
+    uint8_t sha256_espsha[32] = { 0 };
+    uint8_t sha256_mbedtls[32] = { 0 };
+
+#if SOC_SHA_SUPPORT_SHA512
+    uint8_t sha512_espsha[64] = { 0 };
+    uint8_t sha512_mbedtls[64] = { 0 };
+#endif
+
+    const size_t LEN = 1024 * 1024;
+
+    /* mmap() 1MB of flash, we don't care what it is really */
+    esp_err_t err = spi_flash_mmap(0x0, LEN, SPI_FLASH_MMAP_DATA, &ptr, &handle);
+
+    TEST_ASSERT_EQUAL_HEX32(ESP_OK, err);
+    TEST_ASSERT_NOT_NULL(ptr);
+
+    /* Compare esp_sha() result to the mbedTLS result, should always be the same */
+
+    esp_sha(SHA1, ptr, LEN, sha1_espsha);
+    int r = mbedtls_sha1(ptr, LEN, sha1_mbedtls);
+    TEST_ASSERT_EQUAL(0, r);
+
+    esp_sha(SHA2_256, ptr, LEN, sha256_espsha);
+    r = mbedtls_sha256(ptr, LEN, sha256_mbedtls, 0);
+    TEST_ASSERT_EQUAL(0, r);
+
+#if SOC_SHA_SUPPORT_SHA512
+    esp_sha(SHA2_512, ptr, LEN, sha512_espsha);
+    r = mbedtls_sha512(ptr, LEN, sha512_mbedtls, 0);
+    TEST_ASSERT_EQUAL(0, r);
+#endif
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_espsha, sha1_mbedtls, sizeof(sha1_espsha), "SHA1 results should match");
+
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_espsha, sha256_mbedtls, sizeof(sha256_espsha), "SHA256 results should match");
+
+#if SOC_SHA_SUPPORT_SHA512
+    TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_espsha, sha512_mbedtls, sizeof(sha512_espsha), "SHA512 results should match");
+#endif
+}

components/mbedtls/test_apps/main/test_sha_perf.c

@@ -0,0 +1,62 @@
+/*
+ * SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/*
+ * mbedTLS SHA performance test
+ */
+#include <stdio.h>
+#include <stdbool.h>
+#include <string.h>
+#include "mbedtls/sha256.h"
+#include "unity.h"
+#include "sdkconfig.h"
+#include "esp_heap_caps.h"
+#include "test_utils.h"
+#include "ccomp_timer.h"
+#include "test_mbedtls_utils.h"
+
+TEST_CASE("mbedtls SHA performance", "[aes]")
+{
+    const unsigned CALLS = 256;
+    const unsigned CALL_SZ = 16 * 1024;
+    mbedtls_sha256_context sha256_ctx;
+    float elapsed_usec;
+    unsigned char sha256[32];
+
+    // allocate internal memory
+    uint8_t *buf = heap_caps_malloc(CALL_SZ, MALLOC_CAP_DMA | MALLOC_CAP_8BIT | MALLOC_CAP_INTERNAL);
+    TEST_ASSERT_NOT_NULL(buf);
+    memset(buf, 0x55, CALL_SZ);
+
+    mbedtls_sha256_init(&sha256_ctx);
+    ccomp_timer_start();
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_starts(&sha256_ctx, false));
+    for (int c = 0; c < CALLS; c++) {
+        TEST_ASSERT_EQUAL(0, mbedtls_sha256_update(&sha256_ctx, buf, CALL_SZ));
+    }
+    TEST_ASSERT_EQUAL(0, mbedtls_sha256_finish(&sha256_ctx, sha256));
+    elapsed_usec = ccomp_timer_stop();
+
+    free(buf);
+    mbedtls_sha256_free(&sha256_ctx);
+
+    /* Check the result. Reference value can be calculated using:
+     * dd if=/dev/zero bs=$((16*1024)) count=256 | tr '\000' '\125' | sha256sum
+     */
+    const char *expected_hash = "c88df2638fb9699abaad05780fa5e0fdb6058f477069040eac8bed3231286275";
+    char hash_str[sizeof(sha256) * 2 + 1];
+    utils_bin2hex(hash_str, sizeof(hash_str), sha256, sizeof(sha256));
+
+    TEST_ASSERT_EQUAL_STRING(expected_hash, hash_str);
+
+    // bytes/usec = MB/sec
+    float mb_sec = (CALL_SZ * CALLS) / elapsed_usec;
+    printf("SHA256 rate %.3fMB/sec\n", mb_sec);
+#ifdef CONFIG_MBEDTLS_HARDWARE_SHA
+    // Don't put a hard limit on software SHA performance
+    TEST_PERFORMANCE_CCOMP_GREATER_THAN(SHA256_THROUGHPUT_MBSEC, "%.3fMB/sec", mb_sec);
+#endif
+}

components/mbedtls/test_apps/pytest_mbedtls_ut.py

@@ -0,0 +1,64 @@
+# SPDX-FileCopyrightText: 2022 Espressif Systems (Shanghai) CO LTD
+# SPDX-License-Identifier: CC0-1.0
+
+import pytest
+from pytest_embedded import Dut
+
+
+@pytest.mark.supported_targets
+@pytest.mark.generic
+def test_mbedtls(dut: Dut) -> None:
+    dut.expect_exact('Press ENTER to see the list of tests')
+    dut.write('*')
+    dut.expect_unity_test_output(timeout=120)
+
+
+@pytest.mark.esp32
+@pytest.mark.esp32s2
+@pytest.mark.esp32s3
+@pytest.mark.esp32c3
+@pytest.mark.generic
+@pytest.mark.parametrize(
+    'config',
+    [
+        'aes_no_hw',
+    ],
+    indirect=True,
+)
+def test_mbedtls_aes_no_hw(dut: Dut) -> None:
+    dut.expect_exact('Press ENTER to see the list of tests')
+    dut.write('*')
+    dut.expect_unity_test_output(timeout=120)
+
+
+@pytest.mark.esp32
+@pytest.mark.esp32s2
+@pytest.mark.esp32s3
+@pytest.mark.generic
+@pytest.mark.parametrize(
+    'config',
+    [
+        'psram',
+    ],
+    indirect=True,
+)
+def test_mbedtls_psram(dut: Dut) -> None:
+    dut.expect_exact('Press ENTER to see the list of tests')
+    dut.write('*')
+    dut.expect_unity_test_output(timeout=120)
+
+
+@pytest.mark.esp32
+@pytest.mark.generic
+@pytest.mark.parametrize(
+    'config',
+    [
+        'psram_esp32',
+        'psram_all_ext',
+    ],
+    indirect=True,
+)
+def test_mbedtls_psram_esp32(dut: Dut) -> None:
+    dut.expect_exact('Press ENTER to see the list of tests')
+    dut.write('*')
+    dut.expect_unity_test_output(timeout=120)

components/mbedtls/test_apps/sdkconfig.ci.aes_no_hw

@@ -0,0 +1,2 @@
+CONFIG_MBEDTLS_HARDWARE_AES=n
+CONFIG_MBEDTLS_MPI_USE_INTERRUPT=n

components/mbedtls/test_apps/sdkconfig.ci.psram

@@ -0,0 +1 @@
+CONFIG_SPIRAM=y

components/mbedtls/test_apps/sdkconfig.ci.psram_all_ext

@@ -0,0 +1,4 @@
+CONFIG_SPIRAM=y
+CONFIG_ESP_INT_WDT_TIMEOUT_MS=800
+CONFIG_SPIRAM_ALLOW_STACK_EXTERNAL_MEMORY=y
+CONFIG_SPIRAM_MALLOC_ALWAYSINTERNAL=0

components/mbedtls/test_apps/sdkconfig.ci.psram_esp32

@@ -0,0 +1,3 @@
+CONFIG_SPIRAM=y
+CONFIG_ESP_INT_WDT_TIMEOUT_MS=800
+CONFIG_SPIRAM_ALLOW_STACK_EXTERNAL_MEMORY=y

components/mbedtls/test_apps/sdkconfig.defaults

@@ -0,0 +1,9 @@
+# General options for additional checks
+CONFIG_HEAP_POISONING_COMPREHENSIVE=y
+CONFIG_COMPILER_WARN_WRITE_STRINGS=y
+CONFIG_BOOTLOADER_LOG_LEVEL_WARN=y
+CONFIG_FREERTOS_WATCHPOINT_END_OF_STACK=y
+CONFIG_COMPILER_STACK_CHECK_MODE_STRONG=y
+CONFIG_COMPILER_STACK_CHECK=y
+
+CONFIG_ESP_TASK_WDT=n

components/mbedtls/test_apps/sdkconfig.defaults.esp32

@@ -0,0 +1,3 @@
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
+CONFIG_XTAL_FREQ_AUTO=y
+CONFIG_SPI_FLASH_SHARE_SPI1_BUS=y

components/mbedtls/test_apps/sdkconfig.defaults.esp32c2

@@ -0,0 +1,2 @@
+CONFIG_ESP_SYSTEM_MEMPROT_FEATURE=n
+CONFIG_ESPTOOLPY_FLASHSIZE_2MB=y

components/mbedtls/test_apps/sdkconfig.defaults.esp32c3

@@ -0,0 +1 @@
+CONFIG_ESP_SYSTEM_MEMPROT_FEATURE=n

components/mbedtls/test_apps/sdkconfig.defaults.esp32s2

@@ -0,0 +1,2 @@
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
+CONFIG_ESP_SYSTEM_MEMPROT_FEATURE=n

components/mbedtls/test_apps/sdkconfig.defaults.esp32s3

@@ -0,0 +1,2 @@
+CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240=y
+CONFIG_ESP_SYSTEM_MEMPROT_FEATURE=n