Remove internal aead_verify endpoint

The internal verify endpoint was only calling the finish endpoint to get
a tag to compare against the tag passed in. Moved this logic to the
driver wrapper (still allowing a driver to call verify if required) and
removed the internal implementation endpoint.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c
index 9ac2646..9f67359 100644
--- a/library/psa_crypto_aead.c
+++ b/library/psa_crypto_aead.c
@@ -607,18 +607,6 @@
     return( status );
 }
 
-/* Common checks for both mbedtls_psa_aead_finish() and
-   mbedtls_psa_aead_verify() */
-static psa_status_t mbedtls_psa_aead_finish_checks(
-    mbedtls_psa_aead_operation_t *operation,
-    size_t tag_size )
-{
-    if( tag_size < operation->tag_length )
-        return ( PSA_ERROR_BUFFER_TOO_SMALL );
-
-    return ( PSA_SUCCESS );
-}
-
 /* Finish encrypting a message in a multipart AEAD operation. */
 psa_status_t mbedtls_psa_aead_finish(
     mbedtls_psa_aead_operation_t *operation,
@@ -632,10 +620,8 @@
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     size_t finish_output_size = 0;
 
-    status = mbedtls_psa_aead_finish_checks( operation, tag_size );
-
-    if( status != PSA_SUCCESS )
-        return status;
+    if( tag_size < operation->tag_length )
+        return( PSA_ERROR_BUFFER_TOO_SMALL );
 
 #if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
     if( operation->alg == PSA_ALG_GCM )
@@ -672,66 +658,6 @@
     return ( status );
 }
 
-/* Finish authenticating and decrypting a message in a multipart AEAD
- * operation.*/
-psa_status_t mbedtls_psa_aead_verify(
-    mbedtls_psa_aead_operation_t *operation,
-    uint8_t *plaintext,
-    size_t plaintext_size,
-    size_t *plaintext_length,
-    const uint8_t *tag,
-    size_t tag_length )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-    size_t finish_output_size = 0;
-    int do_tag_check = 1;
-    uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE];
-
-    status = mbedtls_psa_aead_finish_checks( operation, tag_length );
-
-    if( status != PSA_SUCCESS )
-        return status;
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
-    if( operation->alg == PSA_ALG_GCM )
-        /* Call finish to get the tag for comparison */
-        status =  mbedtls_to_psa_error(
-           mbedtls_gcm_finish( &operation->ctx.gcm,
-                               plaintext, plaintext_size,
-                               check_tag, operation->tag_length ) );
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
-    if( operation->alg == PSA_ALG_CHACHA20_POLY1305 )
-        // call finish to get the tag for comparison.
-        status = mbedtls_to_psa_error(
-           mbedtls_chachapoly_finish( &operation->ctx.chachapoly,
-                                      check_tag ) );
-
-    else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
-    {
-        ( void ) plaintext;
-        ( void ) plaintext_size;
-        ( void ) plaintext_length;
-        ( void ) tag;
-        ( void ) tag_length;
-
-        return ( PSA_ERROR_NOT_SUPPORTED );
-    }
-
-    if( status == PSA_SUCCESS )
-    {
-        *plaintext_length = finish_output_size;
-
-        if( do_tag_check && ( tag_length != operation->tag_length ||
-            mbedtls_psa_safer_memcmp(tag, check_tag, tag_length) != 0 ) )
-            status = PSA_ERROR_INVALID_SIGNATURE;
-    }
-
-    return ( status );
-}
-
 /* Abort an AEAD operation */
 psa_status_t mbedtls_psa_aead_abort(
    mbedtls_psa_aead_operation_t *operation )
diff --git a/library/psa_crypto_aead.h b/library/psa_crypto_aead.h
index c664f9f..38202b6 100644
--- a/library/psa_crypto_aead.h
+++ b/library/psa_crypto_aead.h
@@ -491,77 +491,6 @@
     size_t tag_size,
     size_t *tag_length );
 
-/** Finish authenticating and decrypting a message in an AEAD operation.
- *
- *  \note The signature of this function is that of a PSA driver
- *       aead_verify entry point. This function behaves as an aead_verify entry
- *       point as defined in the PSA driver interface specification for
- *       transparent drivers.
- *
- * The operation must have been set up by the PSA core with
- * mbedtls_psa_aead_decrypt_setup().
- *
- * This function finishes the authenticated decryption of the message
- * components:
- *
- * -  The additional data consisting of the concatenation of the inputs
- *    passed to preceding calls to mbedtls_psa_aead_update_ad().
- * -  The ciphertext consisting of the concatenation of the inputs passed to
- *    preceding calls to mbedtls_psa_aead_update().
- * -  The tag passed to this function call.
- *
- * If the authentication tag is correct, this function outputs any remaining
- * plaintext and reports success. If the authentication tag is not correct,
- * this function returns #PSA_ERROR_INVALID_SIGNATURE.
- *
- * Whether or not this function returns successfully, the PSA core subsequently
- * calls mbedtls_psa_aead_abort() to deactivate the operation.
- *
- * \note Implementations shall make the best effort to ensure that the
- * comparison between the actual tag and the expected tag is performed
- * in constant time.
- *
- * \param[in,out] operation     Active AEAD operation.
- * \param[out] plaintext        Buffer where the last part of the plaintext
- *                              is to be written. This is the remaining data
- *                              from previous calls to mbedtls_psa_aead_update()
- *                              that could not be processed until the end
- *                              of the input.
- * \param plaintext_size        Size of the \p plaintext buffer in bytes.
- *                              This must be appropriate for the selected
- *                              algorithm and key:
- *                              - A sufficient output size is
- *                                #PSA_AEAD_VERIFY_OUTPUT_SIZE(\c key_type,
- *                                \c alg) where \c key_type is the type of key
- *                                and \c alg is the algorithm that were used to
- *                                set up the operation.
- *                              - #PSA_AEAD_VERIFY_OUTPUT_MAX_SIZE evaluates to
- *                                the maximum output size of any supported AEAD
- *                                algorithm.
- * \param[out] plaintext_length On success, the number of bytes of
- *                              returned plaintext.
- * \param[in] tag               Buffer containing the authentication tag.
- * \param tag_length            Size of the \p tag buffer in bytes.
- *
- * \retval #PSA_SUCCESS
- *         Success.
- * \retval #PSA_ERROR_INVALID_SIGNATURE
- *         The calculations were successful, but the authentication tag is
- *         not correct.
- * \retval #PSA_ERROR_BUFFER_TOO_SMALL
- *         The size of the \p tag buffer is too small.
- *         #PSA_AEAD_TAG_LENGTH(\c key_type, key_bits, \c alg) or
- *         #PSA_AEAD_TAG_MAX_SIZE can be used to determine the required \p tag
- *         buffer size.
- */
-psa_status_t mbedtls_psa_aead_verify(
-    mbedtls_psa_aead_operation_t *operation,
-    uint8_t *plaintext,
-    size_t plaintext_size,
-    size_t *plaintext_length,
-    const uint8_t *tag,
-    size_t tag_length );
-
 /** Abort an AEAD operation.
  *
  *  \note The signature of this function is that of a PSA driver
diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index 48410c0..09fff0c 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -1739,11 +1739,29 @@
     {
 #if defined(MBEDTLS_PSA_BUILTIN_AEAD)
         case PSA_CRYPTO_MBED_TLS_DRIVER_ID:
-            return( mbedtls_psa_aead_verify( &operation->ctx.mbedtls_ctx,
-                                             plaintext,
-                                             plaintext_size,
-                                             plaintext_length,
-                                             tag, tag_length ) );
+            {
+                psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+                uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE];
+                size_t check_tag_length;
+
+                status = mbedtls_psa_aead_finish( &operation->ctx.mbedtls_ctx,
+                                                  plaintext,
+                                                  plaintext_size,
+                                                  plaintext_length,
+                                                  check_tag,
+                                                  tag_length,
+                                                  &check_tag_length );
+
+                if( status == PSA_SUCCESS )
+                {
+                    if( tag_length != check_tag_length ||
+                        mbedtls_psa_safer_memcmp( tag, check_tag, tag_length )
+                        != 0 )
+                        status = PSA_ERROR_INVALID_SIGNATURE;
+                }
+
+                return( status );
+            }
 
 #endif /* MBEDTLS_PSA_BUILTIN_AEAD */