Security
   * In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back
     from the output buffer. This fixes a potential policy bypass or decryption
     oracle vulnerability if the output buffer is in memory that is shared with
     an untrusted application.