AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Split multipart AEAD contexts into two parts

Browse Source 
Split to data required for internal implementation and data required for
driver implementation with data left over for the PSA layer.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott 2021-05-10 18:19:46 +01:00
parent 2df40057b3
commit cbbde5f28c
8 changed files with 321 additions and 183 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
include/psa/crypto_builtin_primitives.h
View File

@ -118,6 +118,62 @@ typedef struct {
#define MBEDTLS_PSA_CIPHER_OPERATION_INIT {0, 0, 0, {0}}
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CCM) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
#define MBEDTLS_PSA_BUILTIN_AEAD 1
#endif
/* Context structure for the Mbed TLS cipher implementation. */
typedef struct
{
psa_algorithm_t alg;
psa_key_type_t key_type;
unsigned int lengths_set : 1;
unsigned int is_encrypt : 1;
unsigned int ad_started : 1;
unsigned int body_started : 1;
uint8_t tag_length;
uint8_t nonce_length;
size_t ad_remaining;
size_t body_remaining;
/* Buffers for AD/data - only required until CCM gets proper multipart
support. */
uint8_t *ad_buffer;
size_t ad_length;
uint8_t *body_buffer;
size_t body_length;
uint8_t *tag_buffer;
/* buffer to store Nonce - only required until CCM and GCM get proper
multipart support. */
uint8_t nonce[PSA_AEAD_NONCE_MAX_SIZE];
union
{
unsigned dummy; /* Enable easier initializing of the union. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
mbedtls_ccm_context ccm;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
mbedtls_gcm_context gcm;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
mbedtls_chachapoly_context chachapoly;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
} ctx;
} mbedtls_psa_aead_operation_t;
#define MBEDTLS_PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, {0}, {0}}
/*
* BEYOND THIS POINT, TEST DRIVER DECLARATIONS ONLY.
*/
@ -130,6 +186,9 @@ typedef mbedtls_psa_hash_operation_t mbedtls_transparent_test_driver_hash_operat
typedef mbedtls_psa_cipher_operation_t
mbedtls_transparent_test_driver_cipher_operation_t;
typedef mbedtls_psa_aead_operation_t
mbedtls_transparent_test_driver_aead_operation_t;
typedef struct {
unsigned int initialised : 1;
mbedtls_transparent_test_driver_cipher_operation_t ctx;

8
include/psa/crypto_driver_contexts_primitives.h
View File

@ -65,5 +65,13 @@ typedef union {
#endif
} psa_driver_cipher_context_t;
typedef union {
unsigned dummy; /* Make sure this union is always non-empty */
mbedtls_psa_aead_operation_t mbedtls_ctx;
#if defined(PSA_CRYPTO_DRIVER_TEST)
mbedtls_transparent_test_driver_aead_operation_t transparent_test_driver_ctx;
#endif
} psa_driver_aead_context_t;
#endif /* PSA_CRYPTO_DRIVER_CONTEXTS_PRIMITIVES_H */
/* End of automatically generated file. */

43
include/psa/crypto_struct.h
View File

@ -153,8 +153,6 @@ static inline struct psa_mac_operation_s psa_mac_operation_init( void )
struct psa_aead_operation_s
{
psa_algorithm_t alg;
psa_key_type_t key_type;
/** Unique ID indicating which driver got assigned to do the
* operation. Since driver contexts are driver-specific, swapping
@ -164,50 +162,19 @@ struct psa_aead_operation_s
* any driver (i.e. none of the driver contexts are active). */
unsigned int id;
psa_algorithm_t alg;
psa_key_type_t key_type;
unsigned int key_set : 1;
unsigned int nonce_set : 1;
unsigned int lengths_set : 1;
unsigned int is_encrypt : 1;
unsigned int ad_started : 1;
unsigned int body_started : 1;
uint8_t tag_length;
uint8_t nonce_length;
size_t ad_remaining;
size_t body_remaining;
/* Buffers for AD/data - only required until CCM gets proper multipart
support. */
uint8_t *ad_buffer;
size_t ad_length;
uint8_t *body_buffer;
size_t body_length;
uint8_t *tag_buffer;
/* buffer to store Nonce - only required until CCM and GCM get proper
multipart support. */
uint8_t nonce[PSA_AEAD_NONCE_MAX_SIZE];
union
{
unsigned dummy; /* Enable easier initializing of the union. */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
mbedtls_ccm_context ccm;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
mbedtls_gcm_context gcm;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
mbedtls_chachapoly_context chachapoly;
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
} ctx;
psa_driver_aead_context_t ctx;
};
#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, {0}, {0}}
#define PSA_AEAD_OPERATION_INIT {0, 0, 0, 0, 0, 0, 0, 0, {0}}
static inline struct psa_aead_operation_s psa_aead_operation_init( void )
{
const struct psa_aead_operation_s v = PSA_AEAD_OPERATION_INIT;

100
library/psa_crypto.c
View File

@ -3214,6 +3214,25 @@ psa_status_t psa_aead_decrypt( mbedtls_svc_key_id_t key,
return( status );
}
/* Helper function to get the base algorithm from its variants. */
static psa_algorithm_t psa_aead_get_base_algorithm(psa_algorithm_t alg)
{
switch( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) )
{
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
return( PSA_ALG_CCM );
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
return( PSA_ALG_GCM );
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
return( PSA_ALG_CHACHA20_POLY1305 );
default:
return( PSA_ERROR_NOT_SUPPORTED );
}
}
/* Set the key for a multipart authenticated encryption operation. */
psa_status_t psa_aead_encrypt_setup( psa_aead_operation_t *operation,
mbedtls_svc_key_id_t key,
@ -3226,6 +3245,12 @@ psa_status_t psa_aead_encrypt_setup( psa_aead_operation_t *operation,
if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) )
return( PSA_ERROR_NOT_SUPPORTED );
if( operation->key_set || operation->nonce_set ||
operation->ad_started || operation->body_started )
{
return( PSA_ERROR_BAD_STATE );
}
status = psa_get_and_lock_key_slot_with_policy(
key, &slot, PSA_KEY_USAGE_ENCRYPT, alg );
@ -3242,6 +3267,7 @@ psa_status_t psa_aead_encrypt_setup( psa_aead_operation_t *operation,
&attributes, slot->key.data,
slot->key.bytes, alg );
operation->key_type = psa_get_key_type( &attributes );
unlock_status = psa_unlock_key_slot( slot );
@ -3250,6 +3276,12 @@ psa_status_t psa_aead_encrypt_setup( psa_aead_operation_t *operation,
return( unlock_status );
}
if( status == PSA_SUCCESS )
{
operation->alg = psa_aead_get_base_algorithm( alg );
operation->key_set = 1;
}
return( status );
}
@ -3265,6 +3297,12 @@ psa_status_t psa_aead_decrypt_setup( psa_aead_operation_t *operation,
if( !PSA_ALG_IS_AEAD( alg ) || PSA_ALG_IS_WILDCARD( alg ) )
return( PSA_ERROR_NOT_SUPPORTED );
if( operation->key_set || operation->nonce_set ||
operation->ad_started || operation->body_started )
{
return( PSA_ERROR_BAD_STATE );
}
status = psa_get_and_lock_key_slot_with_policy(
key, &slot, PSA_KEY_USAGE_DECRYPT, alg );
@ -3281,6 +3319,7 @@ psa_status_t psa_aead_decrypt_setup( psa_aead_operation_t *operation,
&attributes, slot->key.data,
slot->key.bytes, alg );
operation->key_type = psa_get_key_type( &attributes );
unlock_status = psa_unlock_key_slot( slot );
@ -3289,6 +3328,12 @@ psa_status_t psa_aead_decrypt_setup( psa_aead_operation_t *operation,
return( unlock_status );
}
if( status == PSA_SUCCESS )
{
operation->alg = psa_aead_get_base_algorithm( alg );
operation->key_set = 1;
}
return( status );
}
@ -3341,14 +3386,23 @@ psa_status_t psa_aead_set_nonce( psa_aead_operation_t *operation,
const uint8_t *nonce,
size_t nonce_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
if( !operation->key_set || operation->nonce_set ||
operation->ad_started || operation->body_started )
{
return( PSA_ERROR_BAD_STATE );
}
return( psa_driver_wrapper_aead_set_nonce( operation, nonce,
nonce_length ) );
status = psa_driver_wrapper_aead_set_nonce( operation, nonce,
nonce_length );
if( status == PSA_SUCCESS )
{
operation->nonce_set = 1;
}
return( status );
}
/* Declare the lengths of the message and additional data for multipart AEAD. */
@ -3356,26 +3410,44 @@ psa_status_t psa_aead_set_lengths( psa_aead_operation_t *operation,
size_t ad_length,
size_t plaintext_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
if( !operation->key_set || operation->lengths_set )
{
return( PSA_ERROR_BAD_STATE );
}
return( psa_driver_wrapper_aead_set_lengths( operation, ad_length,
plaintext_length ) );
status = psa_driver_wrapper_aead_set_lengths( operation, ad_length,
plaintext_length );
if( status == PSA_SUCCESS )
{
operation->lengths_set = 1;
}
return status;
}
/* Pass additional data to an active multipart AEAD operation. */
psa_status_t psa_aead_update_ad( psa_aead_operation_t *operation,
const uint8_t *input,
size_t input_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
if( !operation->nonce_set || !operation->key_set )
{
return( PSA_ERROR_BAD_STATE );
}
return( psa_driver_wrapper_aead_update_ad( operation, input,
input_length ) );
status = psa_driver_wrapper_aead_update_ad( operation, input,
input_length );
if( status == PSA_SUCCESS )
{
operation->ad_started = 1;
}
return status;
}
/* Encrypt or decrypt a message fragment in an active multipart AEAD
@ -3387,6 +3459,7 @@ psa_status_t psa_aead_update( psa_aead_operation_t *operation,
size_t output_size,
size_t *output_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
*output_length = 0;
@ -3395,9 +3468,16 @@ psa_status_t psa_aead_update( psa_aead_operation_t *operation,
return( PSA_ERROR_BAD_STATE );
}
return( psa_driver_wrapper_aead_update( operation, input, input_length,
output, output_size,
output_length ) );
status = psa_driver_wrapper_aead_update( operation, input, input_length,
output, output_size,
output_length );
if( status == PSA_SUCCESS )
{
operation->body_started = 1;
}
return status;
}
/* Finish encrypting a message in a multipart AEAD operation. */
@ -3422,6 +3502,7 @@ psa_status_t psa_aead_finish( psa_aead_operation_t *operation,
ciphertext_size,
ciphertext_length,
tag, tag_size, tag_length ) );
}
/* Finish authenticating and decrypting a message in a multipart AEAD
@ -3466,7 +3547,6 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation)
operation->key_set = 0;
operation->nonce_set = 0;
operation->lengths_set = 0;
operation->is_encrypt = 0;
operation->ad_started = 0;
operation->body_started = 0;

54
library/psa_crypto_aead.c
View File

@ -20,7 +20,6 @@
#include "common.h"
#if defined(MBEDTLS_PSA_CRYPTO_C)
#include "psa_crypto_aead.h"
@ -55,7 +54,7 @@ static inline int safer_memcmp( const uint8_t *a, const uint8_t *b, size_t n )
static psa_status_t psa_aead_setup(
psa_aead_operation_t *operation,
mbedtls_psa_aead_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer,
psa_algorithm_t alg )
@ -66,12 +65,6 @@ static psa_status_t psa_aead_setup(
mbedtls_cipher_id_t cipher_id;
size_t full_tag_length = 0;
if( operation->key_set || operation->nonce_set ||
operation->ad_started || operation->body_started )
{
return( PSA_ERROR_BAD_STATE );
}
key_bits = attributes->core.bits;
cipher_info = mbedtls_cipher_info_from_psa( alg,
@ -146,12 +139,12 @@ static psa_status_t psa_aead_setup(
> full_tag_length )
return( PSA_ERROR_INVALID_ARGUMENT );
operation->tag_length = PSA_AEAD_TAG_LENGTH( attributes->core.type,
operation->key_type = psa_get_key_type( attributes );
operation->tag_length = PSA_AEAD_TAG_LENGTH( operation->key_type,
key_bits,
alg );
operation->key_set = 1;
return( PSA_SUCCESS );
}
@ -165,7 +158,7 @@ psa_status_t mbedtls_psa_aead_encrypt(
uint8_t *ciphertext, size_t ciphertext_size, size_t *ciphertext_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
mbedtls_psa_aead_operation_t operation = MBEDTLS_PSA_AEAD_OPERATION_INIT;
uint8_t *tag;
(void) key_buffer_size;
@ -275,7 +268,7 @@ psa_status_t mbedtls_psa_aead_decrypt(
uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_aead_operation_t operation = PSA_AEAD_OPERATION_INIT;
mbedtls_psa_aead_operation_t operation = MBEDTLS_PSA_AEAD_OPERATION_INIT;
const uint8_t *tag = NULL;
(void) key_buffer_size;
@ -354,7 +347,8 @@ exit:
/* Set the key and algorithm for a multipart authenticated encryption
* operation. */
psa_status_t mbedtls_psa_aead_encrypt_setup( psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_encrypt_setup( mbedtls_psa_aead_operation_t
*operation,
const psa_key_attributes_t
*attributes,
const uint8_t *key_buffer,
@ -377,7 +371,8 @@ psa_status_t mbedtls_psa_aead_encrypt_setup( psa_aead_operation_t *operation,
/* Set the key and algorithm for a multipart authenticated decryption
* operation. */
psa_status_t mbedtls_psa_aead_decrypt_setup( psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_decrypt_setup( mbedtls_psa_aead_operation_t
*operation,
const psa_key_attributes_t
*attributes,
const uint8_t *key_buffer,
@ -399,7 +394,8 @@ psa_status_t mbedtls_psa_aead_decrypt_setup( psa_aead_operation_t *operation,
}
/* Set a nonce for the multipart AEAD operation*/
psa_status_t mbedtls_psa_aead_set_nonce( psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_set_nonce( mbedtls_psa_aead_operation_t
*operation,
const uint8_t *nonce,
size_t nonce_length )
{
@ -454,15 +450,11 @@ psa_status_t mbedtls_psa_aead_set_nonce( psa_aead_operation_t *operation,
return ( PSA_ERROR_NOT_SUPPORTED );
}
if( status == PSA_SUCCESS )
{
operation->nonce_set = 1;
}
return( status );
}
/* Declare the lengths of the message and additional data for AEAD. */
psa_status_t mbedtls_psa_aead_set_lengths( psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_set_lengths( mbedtls_psa_aead_operation_t
*operation,
size_t ad_length,
size_t plaintext_length )
{
@ -512,7 +504,8 @@ psa_status_t mbedtls_psa_aead_set_lengths( psa_aead_operation_t *operation,
}
/* Pass additional data to an active multipart AEAD operation. */
psa_status_t mbedtls_psa_aead_update_ad( psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_update_ad( mbedtls_psa_aead_operation_t
*operation,
const uint8_t *input,
size_t input_length )
{
@ -611,7 +604,7 @@ psa_status_t mbedtls_psa_aead_update_ad( psa_aead_operation_t *operation,
/* Encrypt or decrypt a message fragment in an active multipart AEAD
* operation.*/
psa_status_t mbedtls_psa_aead_update( psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_update( mbedtls_psa_aead_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
@ -786,7 +779,7 @@ psa_status_t mbedtls_psa_aead_update( psa_aead_operation_t *operation,
/* Common checks for both mbedtls_psa_aead_finish() and
mbedtls_psa_aead_verify() */
static psa_status_t mbedtls_psa_aead_finish_checks( psa_aead_operation_t
static psa_status_t mbedtls_psa_aead_finish_checks( mbedtls_psa_aead_operation_t
*operation,
size_t output_size,
size_t tag_size )
@ -828,7 +821,7 @@ static psa_status_t mbedtls_psa_aead_finish_checks( psa_aead_operation_t
}
/* Finish encrypting a message in a multipart AEAD operation. */
psa_status_t mbedtls_psa_aead_finish( psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_finish( mbedtls_psa_aead_operation_t *operation,
uint8_t *ciphertext,
size_t ciphertext_size,
size_t *ciphertext_length,
@ -903,7 +896,7 @@ psa_status_t mbedtls_psa_aead_finish( psa_aead_operation_t *operation,
/* Finish authenticating and decrypting a message in a multipart AEAD
* operation.*/
psa_status_t mbedtls_psa_aead_verify( psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_verify( mbedtls_psa_aead_operation_t *operation,
uint8_t *plaintext,
size_t plaintext_size,
size_t *plaintext_length,
@ -1033,7 +1026,7 @@ psa_status_t mbedtls_psa_aead_verify( psa_aead_operation_t *operation,
}
/* Abort an AEAD operation */
psa_status_t mbedtls_psa_aead_abort( psa_aead_operation_t *operation )
psa_status_t mbedtls_psa_aead_abort( mbedtls_psa_aead_operation_t *operation )
{
switch( operation->alg )
{
@ -1054,6 +1047,11 @@ psa_status_t mbedtls_psa_aead_abort( psa_aead_operation_t *operation )
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
}
operation->lengths_set = 0;
operation->is_encrypt = 0;
operation->ad_started = 0;
operation->body_started = 0;
mbedtls_free(operation->ad_buffer);
operation->ad_buffer = NULL;
operation->ad_length = 0;

138
library/psa_crypto_aead.h
View File

@ -160,37 +160,39 @@ psa_status_t mbedtls_psa_aead_decrypt(
* -# Allocate an operation object which will be passed to all the functions
* listed here.
* -# Initialize the operation object with one of the methods described in the
* documentation for #psa_aead_operation_t, e.g.
* #PSA_AEAD_OPERATION_INIT.
* documentation for #mbedtls_psa_aead_operation_t, e.g.
* #MBEDTLS_PSA_AEAD_OPERATION_INIT.
* -# Call mbedtls_psa_aead_encrypt_setup() to specify the algorithm and key.
* -# If needed, call mbedtls_psa_aead_set_lengths() to specify the length of
* the inputs to the subsequent calls to mbedtls_psa_aead_update_ad() and
* mbedtls_psa_aead_update(). See the documentation of mbedtls_psa_aead_set_lengths()
* for details.
* mbedtls_psa_aead_update(). See the documentation of
* mbedtls_psa_aead_set_lengths() for details.
* -# Call either psa_aead_generate_nonce() or
* mbedtls_psa_aead_set_nonce() to generate or set the nonce. You should use
* psa_aead_generate_nonce() unless the protocol you are implementing
* requires a specific nonce value.
* -# Call mbedtls_psa_aead_update_ad() zero, one or more times, passing a fragment
* of the non-encrypted additional authenticated data each time.
* -# Call mbedtls_psa_aead_update_ad() zero, one or more times, passing
* a fragment of the non-encrypted additional authenticated data each time.
* -# Call mbedtls_psa_aead_update() zero, one or more times, passing a fragment
* of the message to encrypt each time.
* -# Call mbedtls_psa_aead_finish().
*
* If an error occurs at any step after a call to mbedtls_psa_aead_encrypt_setup(),
* the operation will need to be reset by a call to mbedtls_psa_aead_abort(). The
* application may call mbedtls_psa_aead_abort() at any time after the operation
* has been initialized.
* If an error occurs at any step after a call to
* mbedtls_psa_aead_encrypt_setup(), the operation will need to be reset by a
* call to mbedtls_psa_aead_abort(). The application may call
* mbedtls_psa_aead_abort() at any time after the operation has been
* initialized.
*
* After a successful call to mbedtls_psa_aead_encrypt_setup(), the application must
* eventually terminate the operation. The following events terminate an
* After a successful call to mbedtls_psa_aead_encrypt_setup(), the application
* must eventually terminate the operation. The following events terminate an
* operation:
* - A successful call to mbedtls_psa_aead_finish().
* - A call to mbedtls_psa_aead_abort().
*
* \param[in,out] operation The operation object to set up. It must have
* been initialized as per the documentation for
* #mbedtls_psa_aead_operation_t and not yet in use.
* #mbedtls_psa_aead_operation_t and not yet in
* use.
* \param[in] attributes The attributes of the key to use for the
* operation.
* \param[in] key_buffer The buffer containing the key context.
@ -219,9 +221,12 @@ psa_status_t mbedtls_psa_aead_decrypt(
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t mbedtls_psa_aead_encrypt_setup(psa_aead_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_status_t mbedtls_psa_aead_encrypt_setup(mbedtls_psa_aead_operation_t
*operation,
const psa_key_attributes_t
*attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg);
/** Set the key for a multipart authenticated decryption operation.
@ -236,34 +241,36 @@ psa_status_t mbedtls_psa_aead_encrypt_setup(psa_aead_operation_t *operation,
* -# Allocate an operation object which will be passed to all the functions
* listed here.
* -# Initialize the operation object with one of the methods described in the
* documentation for #psa_aead_operation_t, e.g.
* documentation for #mbedtls_psa_aead_operation_t, e.g.
* #PSA_AEAD_OPERATION_INIT.
* -# Call mbedtls_psa_aead_decrypt_setup() to specify the algorithm and key.
* -# If needed, call mbedtls_psa_aead_set_lengths() to specify the length of the
* inputs to the subsequent calls to mbedtls_psa_aead_update_ad() and
* mbedtls_psa_aead_update(). See the documentation of mbedtls_psa_aead_set_lengths()
* for details.
* -# If needed, call mbedtls_psa_aead_set_lengths() to specify the length of
* the inputs to the subsequent calls to mbedtls_psa_aead_update_ad() and
* mbedtls_psa_aead_update(). See the documentation of
* mbedtls_psa_aead_set_lengths() for details.
* -# Call mbedtls_psa_aead_set_nonce() with the nonce for the decryption.
* -# Call mbedtls_psa_aead_update_ad() zero, one or more times, passing a fragment
* of the non-encrypted additional authenticated data each time.
* -# Call mbedtls_psa_aead_update_ad() zero, one or more times, passing a
* fragment of the non-encrypted additional authenticated data each time.
* -# Call mbedtls_psa_aead_update() zero, one or more times, passing a fragment
* of the ciphertext to decrypt each time.
* -# Call mbedtls_psa_aead_verify().
*
* If an error occurs at any step after a call to mbedtls_psa_aead_decrypt_setup(),
* the operation will need to be reset by a call to mbedtls_psa_aead_abort(). The
* application may call mbedtls_psa_aead_abort() at any time after the operation
* has been initialized.
* If an error occurs at any step after a call to
* mbedtls_psa_aead_decrypt_setup(), the operation will need to be reset by a
* call to mbedtls_psa_aead_abort(). The application may call
* mbedtls_psa_aead_abort() at any time after the operation has been
* initialized.
*
* After a successful call to mbedtls_psa_aead_decrypt_setup(), the application must
* eventually terminate the operation. The following events terminate an
* After a successful call to mbedtls_psa_aead_decrypt_setup(), the application
* must eventually terminate the operation. The following events terminate an
* operation:
* - A successful call to mbedtls_psa_aead_verify().
* - A call to mbedtls_psa_aead_abort().
*
* \param[in,out] operation The operation object to set up. It must have
* been initialized as per the documentation for
* #psa_aead_operation_t and not yet in use.
* #mbedtls_psa_aead_operation_t and not yet in
* use.
* \param[in] attributes The attributes of the key to use for the
* operation.
* \param[in] key_buffer The buffer containing the key context.
@ -292,9 +299,12 @@ psa_status_t mbedtls_psa_aead_encrypt_setup(psa_aead_operation_t *operation,
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t mbedtls_psa_aead_decrypt_setup(psa_aead_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_status_t mbedtls_psa_aead_decrypt_setup(mbedtls_psa_aead_operation_t
*operation,
const psa_key_attributes_t
*attributes,
const uint8_t *key_buffer,
size_t key_buffer_size,
psa_algorithm_t alg);
/** Set the nonce for an authenticated encryption or decryption operation.
@ -313,9 +323,9 @@ psa_status_t mbedtls_psa_aead_decrypt_setup(psa_aead_operation_t *operation,
* If this function returns an error status, the operation enters an error
* state and must be aborted by calling mbedtls_psa_aead_abort().
*
* \note When encrypting, applications should use mbedtls_psa_aead_generate_nonce()
* instead of this function, unless implementing a protocol that requires
* a non-random IV.
* \note When encrypting, applications should use
* mbedtls_psa_aead_generate_nonce() instead of this function, unless
* implementing a protocol that requires a non-random IV.
*
* \param[in,out] operation Active AEAD operation.
* \param[in] nonce Buffer containing the nonce to use.
@ -338,7 +348,7 @@ psa_status_t mbedtls_psa_aead_decrypt_setup(psa_aead_operation_t *operation,
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t mbedtls_psa_aead_set_nonce(psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_set_nonce(mbedtls_psa_aead_operation_t *operation,
const uint8_t *nonce,
size_t nonce_length);
@ -350,10 +360,10 @@ psa_status_t mbedtls_psa_aead_set_nonce(psa_aead_operation_t *operation,
* specification for transparent drivers.
*
* The application must call this function before calling
* mbedtls_psa_aead_update_ad() or mbedtls_psa_aead_update() if the algorithm for
* the operation requires it. If the algorithm does not require it,
* calling this function is optional, but if this function is called
* then the implementation must enforce the lengths.
* mbedtls_psa_aead_update_ad() or mbedtls_psa_aead_update() if the algorithm
* for the operation requires it. If the algorithm does not require it, calling
* this function is optional, but if this function is called then the
* implementation must enforce the lengths.
*
* You may call this function before or after setting the nonce with
* mbedtls_psa_aead_set_nonce() or psa_aead_generate_nonce().
@ -375,8 +385,8 @@ psa_status_t mbedtls_psa_aead_set_nonce(psa_aead_operation_t *operation,
* Success.
* \retval #PSA_ERROR_BAD_STATE
* The operation state is not valid (it must be active, and
* mbedtls_psa_aead_update_ad() and mbedtls_psa_aead_update() must not have been
* called yet).
* mbedtls_psa_aead_update_ad() and mbedtls_psa_aead_update() must not
* have been called yet).
* \retval #PSA_ERROR_INVALID_ARGUMENT
* At least one of the lengths is not acceptable for the chosen
* algorithm.
@ -389,7 +399,8 @@ psa_status_t mbedtls_psa_aead_set_nonce(psa_aead_operation_t *operation,
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t mbedtls_psa_aead_set_lengths(psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_set_lengths(mbedtls_psa_aead_operation_t
*operation,
size_t ad_length,
size_t plaintext_length);
@ -407,18 +418,19 @@ psa_status_t mbedtls_psa_aead_set_lengths(psa_aead_operation_t *operation,
* data to encrypt or decrypt with mbedtls_psa_aead_update().
*
* Before calling this function, you must:
* 1. Call either mbedtls_psa_aead_encrypt_setup() or mbedtls_psa_aead_decrypt_setup().
* 2. Set the nonce with psa_aead_generate_nonce() or
* mbedtls_psa_aead_set_nonce().
* 1. Call either mbedtls_psa_aead_encrypt_setup() or
* mbedtls_psa_aead_decrypt_setup(). 2. Set the nonce with
* psa_aead_generate_nonce() or mbedtls_psa_aead_set_nonce().
*
* If this function returns an error status, the operation enters an error
* state and must be aborted by calling mbedtls_psa_aead_abort().
*
* \warning When decrypting, until mbedtls_psa_aead_verify() has returned #PSA_SUCCESS,
* there is no guarantee that the input is valid. Therefore, until
* you have called mbedtls_psa_aead_verify() and it has returned #PSA_SUCCESS,
* treat the input as untrusted and prepare to undo any action that
* depends on the input if mbedtls_psa_aead_verify() returns an error status.
* \warning When decrypting, until mbedtls_psa_aead_verify() has returned
* #PSA_SUCCESS, there is no guarantee that the input is valid.
* Therefore, until you have called mbedtls_psa_aead_verify() and it
* has returned #PSA_SUCCESS, treat the input as untrusted and prepare
* to undo any action that depends on the input if
* mbedtls_psa_aead_verify() returns an error status.
*
* \note For the time being #PSA_ALG_CCM and #PSA_ALG_GCM require the entire
* additional data to be passed in in one go, i.e. only call
@ -448,7 +460,7 @@ psa_status_t mbedtls_psa_aead_set_lengths(psa_aead_operation_t *operation,
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t mbedtls_psa_aead_update_ad(psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_update_ad(mbedtls_psa_aead_operation_t *operation,
const uint8_t *input,
size_t input_length);
@ -460,9 +472,9 @@ psa_status_t mbedtls_psa_aead_update_ad(psa_aead_operation_t *operation,
* transparent drivers.
*
* Before calling this function, you must:
* 1. Call either mbedtls_psa_aead_encrypt_setup() or mbedtls_psa_aead_decrypt_setup().
* The choice of setup function determines whether this function
* encrypts or decrypts its input.
* 1. Call either mbedtls_psa_aead_encrypt_setup() or
* mbedtls_psa_aead_decrypt_setup(). The choice of setup function determines
* whether this function encrypts or decrypts its input.
* 2. Set the nonce with psa_aead_generate_nonce() or
* mbedtls_psa_aead_set_nonce(). 3. Call mbedtls_psa_aead_update_ad() to pass
* all the additional data.
@ -537,7 +549,7 @@ psa_status_t mbedtls_psa_aead_update_ad(psa_aead_operation_t *operation,
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t mbedtls_psa_aead_update(psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_update(mbedtls_psa_aead_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
@ -618,7 +630,7 @@ psa_status_t mbedtls_psa_aead_update(psa_aead_operation_t *operation,
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t mbedtls_psa_aead_finish(psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_finish(mbedtls_psa_aead_operation_t *operation,
uint8_t *ciphertext,
size_t ciphertext_size,
size_t *ciphertext_length,
@ -703,7 +715,7 @@ psa_status_t mbedtls_psa_aead_finish(psa_aead_operation_t *operation,
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t mbedtls_psa_aead_verify(psa_aead_operation_t *operation,
psa_status_t mbedtls_psa_aead_verify(mbedtls_psa_aead_operation_t *operation,
uint8_t *plaintext,
size_t plaintext_size,
size_t *plaintext_length,
@ -723,11 +735,11 @@ psa_status_t mbedtls_psa_aead_verify(psa_aead_operation_t *operation,
* mbedtls_psa_aead_encrypt_setup() or mbedtls_psa_aead_decrypt_setup() again.
*
* You may call this function any time after the operation object has
* been initialized as described in #psa_aead_operation_t.
* been initialized as described in #mbedtls_psa_aead_operation_t.
*
* In particular, calling mbedtls_psa_aead_abort() after the operation has been
* terminated by a call to mbedtls_psa_aead_abort(), mbedtls_psa_aead_finish() or
* mbedtls_psa_aead_verify() is safe and has no effect.
* terminated by a call to mbedtls_psa_aead_abort(), mbedtls_psa_aead_finish()
* or mbedtls_psa_aead_verify() is safe and has no effect.
*
* \param[in,out] operation Initialized AEAD operation.
*
@ -740,7 +752,7 @@ psa_status_t mbedtls_psa_aead_verify(psa_aead_operation_t *operation,
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
psa_status_t mbedtls_psa_aead_abort(psa_aead_operation_t *operation);
psa_status_t mbedtls_psa_aead_abort(mbedtls_psa_aead_operation_t *operation);
#endif /* PSA_CRYPTO_AEAD */

84
library/psa_crypto_driver_wrappers.c
View File

@ -1310,10 +1310,9 @@ psa_status_t psa_driver_wrapper_aead_encrypt_setup(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
status = PSA_ERROR_NOT_SUPPORTED;
status = mbedtls_test_transparent_aead_encrypt_setup(
operation, attributes,
key_buffer, key_buffer_size,
&operation->ctx.transparent_test_driver_ctx,
attributes, key_buffer, key_buffer_size,
alg );
/* Declared with fallback == true */
operation->id = PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID;
@ -1325,7 +1324,7 @@ psa_status_t psa_driver_wrapper_aead_encrypt_setup(
/* Fell through, meaning no accelerator supports this operation */
status = mbedtls_psa_aead_encrypt_setup(
operation, attributes,
&operation->ctx.mbedtls_ctx, attributes,
key_buffer, key_buffer_size,
alg );
@ -1360,9 +1359,9 @@ psa_status_t psa_driver_wrapper_aead_decrypt_setup(
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
status = PSA_ERROR_NOT_SUPPORTED;
status = mbedtls_test_transparent_aead_decrypt_setup(
operation, attributes,
&operation->ctx.transparent_test_driver_ctx,
attributes,
key_buffer, key_buffer_size,
alg );
/* Declared with fallback == true */
@ -1375,7 +1374,8 @@ psa_status_t psa_driver_wrapper_aead_decrypt_setup(
/* Fell through, meaning no accelerator supports this operation */
status = mbedtls_psa_aead_decrypt_setup(
operation, attributes,
&operation->ctx.mbedtls_ctx,
attributes,
key_buffer, key_buffer_size,
alg );
@ -1401,16 +1401,18 @@ psa_status_t psa_driver_wrapper_aead_set_nonce(
{
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
return( mbedtls_psa_aead_set_nonce( operation, nonce,
return( mbedtls_psa_aead_set_nonce( &operation->ctx.mbedtls_ctx,
nonce,
nonce_length ) );
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
return( mbedtls_test_transparent_aead_set_nonce(
operation, nonce, nonce_length ) );
&operation->ctx.transparent_test_driver_ctx,
nonce, nonce_length ) );
/* Add cases for opaque driver here */
@ -1431,18 +1433,20 @@ psa_status_t psa_driver_wrapper_aead_set_lengths(
{
switch( operation->id )
{
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
return( mbedtls_psa_aead_set_lengths( operation, ad_length,
return( mbedtls_psa_aead_set_lengths( &operation->ctx.mbedtls_ctx,
ad_length,
plaintext_length ) );
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
return( mbedtls_test_transparent_aead_set_lengths(
operation, ad_length, plaintext_length ) );
&operation->ctx.transparent_test_driver_ctx,
ad_length, plaintext_length ) );
/* Add cases for opaque driver here */
@ -1463,18 +1467,20 @@ psa_status_t psa_driver_wrapper_aead_update_ad(
{
switch( operation->id )
{
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
return( mbedtls_psa_aead_update_ad( operation, input,
return( mbedtls_psa_aead_update_ad( &operation->ctx.mbedtls_ctx,
input,
input_length ) );
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
return( mbedtls_test_transparent_aead_update_ad(
operation, input, input_length ) );
&operation->ctx.transparent_test_driver_ctx,
input, input_length ) );
/* Add cases for opaque driver here */
@ -1498,19 +1504,21 @@ psa_status_t psa_driver_wrapper_aead_update(
{
switch( operation->id )
{
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
return( mbedtls_psa_aead_update( operation, input, input_length,
return( mbedtls_psa_aead_update( &operation->ctx.mbedtls_ctx,
input, input_length,
output, output_size,
output_length ) );
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
return( mbedtls_test_transparent_aead_update(
operation, input, input_length, output, output_size,
&operation->ctx.transparent_test_driver_ctx,
input, input_length, output, output_size,
output_length ) );
/* Add cases for opaque driver here */
@ -1539,20 +1547,22 @@ psa_status_t psa_driver_wrapper_aead_finish(
{
switch( operation->id )
{
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
return( mbedtls_psa_aead_finish( operation, ciphertext,
return( mbedtls_psa_aead_finish( &operation->ctx.mbedtls_ctx,
ciphertext,
ciphertext_size,
ciphertext_length, tag,
tag_size, tag_length ) );
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
return( mbedtls_test_transparent_aead_finish(
operation, ciphertext, ciphertext_size,
&operation->ctx.transparent_test_driver_ctx,
ciphertext, ciphertext_size,
ciphertext_length, tag, tag_size, tag_length ) );
/* Add cases for opaque driver here */
@ -1581,19 +1591,22 @@ psa_status_t psa_driver_wrapper_aead_verify(
{
switch( operation->id )
{
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
return( mbedtls_psa_aead_verify( operation, plaintext,
plaintext_size, plaintext_length,
return( mbedtls_psa_aead_verify( &operation->ctx.mbedtls_ctx,
plaintext,
plaintext_size,
plaintext_length,
tag, tag_length ) );
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
return( mbedtls_test_transparent_aead_verify(
operation, plaintext, plaintext_size,
&operation->ctx.transparent_test_driver_ctx,
plaintext, plaintext_size,
plaintext_length, tag, tag_length ) );
/* Add cases for opaque driver here */
@ -1616,16 +1629,17 @@ psa_status_t psa_driver_wrapper_aead_abort(
{
switch( operation->id )
{
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
return( mbedtls_psa_aead_abort( operation ) );
return( mbedtls_psa_aead_abort( &operation->ctx.mbedtls_ctx ) );
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */
#endif /* MBEDTLS_PSA_BUILTIN_AEAD */
#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
#if defined(PSA_CRYPTO_DRIVER_TEST)
case PSA_CRYPTO_TRANSPARENT_TEST_DRIVER_ID:
return( mbedtls_test_transparent_aead_abort( operation ) );
return( mbedtls_test_transparent_aead_abort(
&operation->ctx.transparent_test_driver_ctx ) );
/* Add cases for opaque driver here */

18
tests/src/drivers/test_driver_aead.c
View File

@ -94,7 +94,7 @@ psa_status_t mbedtls_test_transparent_aead_decrypt(
}
psa_status_t mbedtls_test_transparent_aead_encrypt_setup(
psa_aead_operation_t *operation,
mbedtls_transparent_test_driver_aead_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
@ -117,7 +117,7 @@ psa_status_t mbedtls_test_transparent_aead_encrypt_setup(
}
psa_status_t mbedtls_test_transparent_aead_decrypt_setup(
psa_aead_operation_t *operation,
mbedtls_transparent_test_driver_aead_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg )
@ -140,7 +140,7 @@ psa_status_t mbedtls_test_transparent_aead_decrypt_setup(
}
psa_status_t mbedtls_test_transparent_aead_set_nonce(
psa_aead_operation_t *operation,
mbedtls_transparent_test_driver_aead_operation_t *operation,
const uint8_t *nonce,
size_t nonce_length )
{
@ -161,7 +161,7 @@ psa_status_t mbedtls_test_transparent_aead_set_nonce(
}
psa_status_t mbedtls_test_transparent_aead_set_lengths(
psa_aead_operation_t *operation,
mbedtls_transparent_test_driver_aead_operation_t *operation,
size_t ad_length,
size_t plaintext_length )
{
@ -183,7 +183,7 @@ psa_status_t mbedtls_test_transparent_aead_set_lengths(
}
psa_status_t mbedtls_test_transparent_aead_update_ad(
psa_aead_operation_t *operation,
mbedtls_transparent_test_driver_aead_operation_t *operation,
const uint8_t *input,
size_t input_length )
{
@ -204,7 +204,7 @@ psa_status_t mbedtls_test_transparent_aead_update_ad(
}
psa_status_t mbedtls_test_transparent_aead_update(
psa_aead_operation_t *operation,
mbedtls_transparent_test_driver_aead_operation_t *operation,
const uint8_t *input,
size_t input_length,
uint8_t *output,
@ -229,7 +229,7 @@ psa_status_t mbedtls_test_transparent_aead_update(
}
psa_status_t mbedtls_test_transparent_aead_finish(
psa_aead_operation_t *operation,
mbedtls_transparent_test_driver_aead_operation_t *operation,
uint8_t *ciphertext,
size_t ciphertext_size,
size_t *ciphertext_length,
@ -256,7 +256,7 @@ psa_status_t mbedtls_test_transparent_aead_finish(
}
psa_status_t mbedtls_test_transparent_aead_verify(
psa_aead_operation_t *operation,
mbedtls_transparent_test_driver_aead_operation_t *operation,
uint8_t *plaintext,
size_t plaintext_size,
size_t *plaintext_length,
@ -281,7 +281,7 @@ psa_status_t mbedtls_test_transparent_aead_verify(
}
psa_status_t mbedtls_test_transparent_aead_abort(
psa_aead_operation_t *operation )
mbedtls_transparent_test_driver_aead_operation_t *operation )
{
mbedtls_test_driver_aead_hooks.hits++;