Remove temporary AEAD CCM implementation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index 6cb05e4..a4479d7 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -3756,14 +3756,6 @@
*/
//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
-/**
- * Internal define that removes the zeroization of the output when decrypting
- * CCM and the tag check fails. This is for internal use only, and was added so
- * that PSA multipart CCM could be implmented. This option will be removed at
- * some point in the future when proper CCM multipart support is implemented.
- * Use at own risk.
- */
-//#define MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
/* \} name SECTION: Customisation configuration options */
/* Target and application specific configurations
diff --git a/library/ccm.c b/library/ccm.c
index d52e7b0..424ee77 100644
--- a/library/ccm.c
+++ b/library/ccm.c
@@ -386,9 +386,7 @@
if( diff != 0 )
{
-#ifndef MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
mbedtls_platform_zeroize( output, length );
-#endif
return( MBEDTLS_ERR_CCM_AUTH_FAILED );
}
diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c
index 10849b2..fb86775 100644
--- a/library/psa_crypto_aead.c
+++ b/library/psa_crypto_aead.c
@@ -346,6 +346,13 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation->alg == PSA_ALG_CCM )
+ {
+ return ( PSA_ERROR_NOT_SUPPORTED );
+ }
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+
status = psa_aead_setup( operation, attributes, key_buffer,
key_buffer_size, alg );
@@ -366,7 +373,12 @@
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- (void) key_buffer_size;
+ #if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+ if( operation->alg == PSA_ALG_CCM )
+ {
+ return ( PSA_ERROR_NOT_SUPPORTED );
+ }
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
status = psa_aead_setup( operation, attributes, key_buffer,
key_buffer_size, alg );
@@ -405,18 +417,10 @@
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
- operation->nonce = mbedtls_calloc( 1, nonce_length );
+ ( void ) nonce;
+ ( void ) nonce_length;
- if( operation->nonce == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
- /* Multipart CCM not supported as yet, so CCM is basically operating
- in oneshot mode. Store the nonce as we need this later */
- memcpy( operation->nonce, nonce, nonce_length );
-
- /* We know that nonce size cannot exceed the uint8_t size */
- operation->nonce_length = nonce_length;
- status = PSA_SUCCESS;
+ return ( PSA_ERROR_NOT_SUPPORTED );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
@@ -527,21 +531,10 @@
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
- /* CCM requires all additional data to be passed in in one go at the
- minute, as we are basically operating in oneshot mode. */
- if( operation->ad_started )
- return( PSA_ERROR_NOT_SUPPORTED );
+ (void) input;
+ (void) input_length;
- /* Save the additional data for later, this will be passed in
- when we have the body. */
- operation->ad_buffer = ( uint8_t * ) mbedtls_calloc( 1, input_length );
-
- if( operation->ad_buffer == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
- memcpy( operation->ad_buffer, input, input_length );
- operation->ad_length = input_length;
- status = PSA_SUCCESS;
+ return ( PSA_ERROR_NOT_SUPPORTED );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
@@ -580,7 +573,6 @@
{
size_t update_output_length;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
update_output_length = input_length;
@@ -609,67 +601,10 @@
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
- /* CCM does not support multipart yet, so all the input has to be
- passed in in one go. */
- if( operation->body_started )
- return( PSA_ERROR_NOT_SUPPORTED );
+ (void) input;
+ (void) input_length;
- /* Need to store tag for Finish() / Verify() */
- operation->tag_buffer =
- ( uint8_t * ) mbedtls_calloc( 1, operation->tag_length );
-
- if( operation->tag_buffer == NULL)
- {
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
- }
-
- if( operation->is_encrypt )
- {
- /* Perform oneshot CCM encryption with additional data already
- stored, as CCM does not support multipart yet.*/
- status = mbedtls_to_psa_error(
- mbedtls_ccm_encrypt_and_tag( &operation->ctx.ccm,
- input_length,
- operation->nonce,
- operation->nonce_length,
- operation->ad_buffer,
- operation->ad_length,
- input,
- output,
- operation->tag_buffer,
- operation->tag_length ) );
-
- }
- else
- {
- /* Need to back up the body data so we can do this again
- later.*/
- operation->body_buffer =
- ( uint8_t * ) mbedtls_calloc(1, input_length );
-
- if( operation->body_buffer == NULL)
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
- memcpy( operation->body_buffer, input, input_length );
- operation->body_length = input_length;
-
- /* this will fail, as the tag is clearly false, but will
- write the decrypted data to the output buffer.*/
- ret = mbedtls_ccm_auth_decrypt( &operation->ctx.ccm,
- input_length,
- operation->nonce,
- operation->nonce_length,
- operation->ad_buffer,
- operation->ad_length,
- input, output,
- operation->tag_buffer,
- operation->tag_length );
-
- if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED )
- status = PSA_SUCCESS;
- else
- status = mbedtls_to_psa_error( ret );
- }
+ return ( PSA_ERROR_NOT_SUPPORTED );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
@@ -752,10 +687,14 @@
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
- /* Copy the previously generated tag into place */
- memcpy( tag, operation->tag_buffer, operation->tag_length );
+ ( void ) ciphertext;
+ ( void ) ciphertext_size;
+ ( void ) ciphertext_length;
+ ( void ) tag;
+ ( void ) tag_size;
+ ( void ) tag_length;
- status = PSA_SUCCESS;
+ return ( PSA_ERROR_NOT_SUPPORTED );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
@@ -797,10 +736,6 @@
size_t tag_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
-
- uint8_t * temp_buffer;
- size_t temp_buffer_size;
size_t finish_output_size = 0;
@@ -825,38 +760,13 @@
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
- /* Perform oneshot CCM decryption *again*, as its the
- * only way to get the tag, but this time throw away the
- results, as verify cannot write that much data. */
- temp_buffer_size = PSA_AEAD_UPDATE_OUTPUT_SIZE( operation->key_type,
- operation->alg,
- operation->body_length
- );
+ ( void ) plaintext;
+ ( void ) plaintext_size;
+ ( void ) plaintext_length;
+ ( void ) tag;
+ ( void ) tag_length;
- temp_buffer = ( uint8_t * ) mbedtls_calloc(1, temp_buffer_size );
-
- if( temp_buffer == NULL)
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
-
- ret = mbedtls_ccm_auth_decrypt( &operation->ctx.ccm,
- operation->body_length,
- operation->nonce,
- operation->nonce_length,
- operation->ad_buffer,
- operation->ad_length,
- operation->body_buffer,
- temp_buffer, tag, tag_length );
-
- if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED )
- status = PSA_ERROR_INVALID_SIGNATURE;
- else
- {
- status = mbedtls_to_psa_error( ret );
- do_tag_check = 0;
- }
-
- /* Even if the above operation fails, we no longer need the data */
- mbedtls_free( temp_buffer );
+ return ( PSA_ERROR_NOT_SUPPORTED );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
diff --git a/programs/test/query_config.c b/programs/test/query_config.c
index 647279d..450e2fb 100644
--- a/programs/test/query_config.c
+++ b/programs/test/query_config.c
@@ -2723,14 +2723,6 @@
}
#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
-#if defined(MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL)
- if( strcmp( "MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL", config ) == 0 )
- {
- MACRO_EXPANSION_TO_STR( MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL );
- return( 0 );
- }
-#endif /* MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL */
-
/* If the symbol is not found, return an error */
return( 1 );
}
diff --git a/scripts/config.py b/scripts/config.py
index f9f0605..a77ead0 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -197,7 +197,6 @@
'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature
'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS
'MBEDTLS_X509_REMOVE_INFO', # removes a feature
- 'MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL', # lowers security of CCM
])
def is_seamless_alt(name):
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 177d688..c2e80e1 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -2062,118 +2062,6 @@
depends_on:MBEDTLS_CHACHA20_C
aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_STREAM_CIPHER:"":"":"":PSA_ERROR_NOT_SUPPORTED
-PSA Multipart AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B":"000102030405060708090A0B":-1:"0C0D0E0F101112131415161718191A1B1C1D1E":-1:PSA_SUCCESS
-
-PSA Multipart AEAD encrypt/decrypt: AES-CCM, 19 bytes #2
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":-1:"B96B49E21D621741632875DB7F6C9243D2D7C2":-1:PSA_SUCCESS
-
-PSA Multipart AEAD encrypt/decrypt: DES-CCM not supported
-depends_on:MBEDTLS_DES_C:MBEDTLS_CCM_C:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":-1:"B96B49E21D621741632875DB7F6C9243D2D7C2":-1:PSA_ERROR_NOT_SUPPORTED
-
-PSA Multipart AEAD encrypt: AES-CCM, 23 bytes
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":-1:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":-1:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
-
-PSA Multipart AEAD encrypt: AES-CCM, 24 bytes
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
-
-PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=4
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39"
-
-PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=6
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc"
-
-PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=8
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776"
-
-PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=10
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e"
-
-PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=12
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846"
-
-PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=14
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f"
-
-PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=16
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
-
-PSA Multipart AEAD decrypt: AES-CCM, 39 bytes
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":-1:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":-1:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
-
-PSA Multipart AEAD decrypt, AES-CCM, 40 bytes
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=4
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=6
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=8
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=10
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=12
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=14
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=16
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
-
-PSA Multipart AEAD decrypt: AES-CCM, invalid signature
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
-
-PSA Multipart AEAD decrypt: AES-CCM, invalid signature, T=4
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
-
-PSA Multipart AEAD decrypt: AES-CCM, T=4, tag is truncated tag for T=16
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
-
-PSA Multipart AEAD decrypt: AES-CCM, invalid tag length 0
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
-PSA Multipart AEAD decrypt: AES-CCM, invalid tag length 2
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
-PSA Multipart AEAD decrypt: AES-CCM, invalid tag length 15
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 15 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
-PSA Multipart AEAD decrypt: AES-CCM, invalid tag length 18
-depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
-aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
-
PSA Multipart AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":-1:"0C0D0E0F101112131415161718191A1B1C1D1E":-1:PSA_SUCCESS