Remove temporary AEAD CCM implementation

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
Paul Elliott 2021-05-20 18:57:02 +01:00
parent e715f88d9d
commit 60aa203e30
6 changed files with 35 additions and 256 deletions

View file

@ -3756,14 +3756,6 @@
*/
//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
/**
* Internal define that removes the zeroization of the output when decrypting
* CCM and the tag check fails. This is for internal use only, and was added so
* that PSA multipart CCM could be implmented. This option will be removed at
* some point in the future when proper CCM multipart support is implemented.
* Use at own risk.
*/
//#define MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
/* \} name SECTION: Customisation configuration options */
/* Target and application specific configurations

View file

@ -386,9 +386,7 @@ int mbedtls_ccm_star_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
if( diff != 0 )
{
#ifndef MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
mbedtls_platform_zeroize( output, length );
#endif
return( MBEDTLS_ERR_CCM_AUTH_FAILED );
}

View file

@ -346,6 +346,13 @@ psa_status_t mbedtls_psa_aead_encrypt_setup(
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
return ( PSA_ERROR_NOT_SUPPORTED );
}
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
status = psa_aead_setup( operation, attributes, key_buffer,
key_buffer_size, alg );
@ -366,7 +373,12 @@ psa_status_t mbedtls_psa_aead_decrypt_setup(
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
(void) key_buffer_size;
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
return ( PSA_ERROR_NOT_SUPPORTED );
}
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
status = psa_aead_setup( operation, attributes, key_buffer,
key_buffer_size, alg );
@ -405,18 +417,10 @@ psa_status_t mbedtls_psa_aead_set_nonce(
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
operation->nonce = mbedtls_calloc( 1, nonce_length );
( void ) nonce;
( void ) nonce_length;
if( operation->nonce == NULL )
return( PSA_ERROR_INSUFFICIENT_MEMORY );
/* Multipart CCM not supported as yet, so CCM is basically operating
in oneshot mode. Store the nonce as we need this later */
memcpy( operation->nonce, nonce, nonce_length );
/* We know that nonce size cannot exceed the uint8_t size */
operation->nonce_length = nonce_length;
status = PSA_SUCCESS;
return ( PSA_ERROR_NOT_SUPPORTED );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
@ -527,21 +531,10 @@ psa_status_t mbedtls_psa_aead_update_ad(
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
/* CCM requires all additional data to be passed in in one go at the
minute, as we are basically operating in oneshot mode. */
if( operation->ad_started )
return( PSA_ERROR_NOT_SUPPORTED );
(void) input;
(void) input_length;
/* Save the additional data for later, this will be passed in
when we have the body. */
operation->ad_buffer = ( uint8_t * ) mbedtls_calloc( 1, input_length );
if( operation->ad_buffer == NULL )
return( PSA_ERROR_INSUFFICIENT_MEMORY );
memcpy( operation->ad_buffer, input, input_length );
operation->ad_length = input_length;
status = PSA_SUCCESS;
return ( PSA_ERROR_NOT_SUPPORTED );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
@ -580,7 +573,6 @@ psa_status_t mbedtls_psa_aead_update(
{
size_t update_output_length;
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
update_output_length = input_length;
@ -609,67 +601,10 @@ psa_status_t mbedtls_psa_aead_update(
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
/* CCM does not support multipart yet, so all the input has to be
passed in in one go. */
if( operation->body_started )
return( PSA_ERROR_NOT_SUPPORTED );
(void) input;
(void) input_length;
/* Need to store tag for Finish() / Verify() */
operation->tag_buffer =
( uint8_t * ) mbedtls_calloc( 1, operation->tag_length );
if( operation->tag_buffer == NULL)
{
return( PSA_ERROR_INSUFFICIENT_MEMORY );
}
if( operation->is_encrypt )
{
/* Perform oneshot CCM encryption with additional data already
stored, as CCM does not support multipart yet.*/
status = mbedtls_to_psa_error(
mbedtls_ccm_encrypt_and_tag( &operation->ctx.ccm,
input_length,
operation->nonce,
operation->nonce_length,
operation->ad_buffer,
operation->ad_length,
input,
output,
operation->tag_buffer,
operation->tag_length ) );
}
else
{
/* Need to back up the body data so we can do this again
later.*/
operation->body_buffer =
( uint8_t * ) mbedtls_calloc(1, input_length );
if( operation->body_buffer == NULL)
return( PSA_ERROR_INSUFFICIENT_MEMORY );
memcpy( operation->body_buffer, input, input_length );
operation->body_length = input_length;
/* this will fail, as the tag is clearly false, but will
write the decrypted data to the output buffer.*/
ret = mbedtls_ccm_auth_decrypt( &operation->ctx.ccm,
input_length,
operation->nonce,
operation->nonce_length,
operation->ad_buffer,
operation->ad_length,
input, output,
operation->tag_buffer,
operation->tag_length );
if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED )
status = PSA_SUCCESS;
else
status = mbedtls_to_psa_error( ret );
}
return ( PSA_ERROR_NOT_SUPPORTED );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
@ -752,10 +687,14 @@ psa_status_t mbedtls_psa_aead_finish(
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
/* Copy the previously generated tag into place */
memcpy( tag, operation->tag_buffer, operation->tag_length );
( void ) ciphertext;
( void ) ciphertext_size;
( void ) ciphertext_length;
( void ) tag;
( void ) tag_size;
( void ) tag_length;
status = PSA_SUCCESS;
return ( PSA_ERROR_NOT_SUPPORTED );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
@ -797,10 +736,6 @@ psa_status_t mbedtls_psa_aead_verify(
size_t tag_length )
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
uint8_t * temp_buffer;
size_t temp_buffer_size;
size_t finish_output_size = 0;
@ -825,38 +760,13 @@ psa_status_t mbedtls_psa_aead_verify(
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
if( operation->alg == PSA_ALG_CCM )
{
/* Perform oneshot CCM decryption *again*, as its the
* only way to get the tag, but this time throw away the
results, as verify cannot write that much data. */
temp_buffer_size = PSA_AEAD_UPDATE_OUTPUT_SIZE( operation->key_type,
operation->alg,
operation->body_length
);
( void ) plaintext;
( void ) plaintext_size;
( void ) plaintext_length;
( void ) tag;
( void ) tag_length;
temp_buffer = ( uint8_t * ) mbedtls_calloc(1, temp_buffer_size );
if( temp_buffer == NULL)
return( PSA_ERROR_INSUFFICIENT_MEMORY );
ret = mbedtls_ccm_auth_decrypt( &operation->ctx.ccm,
operation->body_length,
operation->nonce,
operation->nonce_length,
operation->ad_buffer,
operation->ad_length,
operation->body_buffer,
temp_buffer, tag, tag_length );
if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED )
status = PSA_ERROR_INVALID_SIGNATURE;
else
{
status = mbedtls_to_psa_error( ret );
do_tag_check = 0;
}
/* Even if the above operation fails, we no longer need the data */
mbedtls_free( temp_buffer );
return ( PSA_ERROR_NOT_SUPPORTED );
}
else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */

View file

@ -2723,14 +2723,6 @@ int query_config( const char *config )
}
#endif /* MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
#if defined(MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL)
if( strcmp( "MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL", config ) == 0 )
{
MACRO_EXPANSION_TO_STR( MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL );
return( 0 );
}
#endif /* MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL */
/* If the symbol is not found, return an error */
return( 1 );
}

View file

@ -197,7 +197,6 @@ EXCLUDE_FROM_FULL = frozenset([
'MBEDTLS_TEST_NULL_ENTROPY', # removes a feature
'MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION', # influences the use of X.509 in TLS
'MBEDTLS_X509_REMOVE_INFO', # removes a feature
'MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL', # lowers security of CCM
])
def is_seamless_alt(name):

View file

@ -2062,118 +2062,6 @@ PSA AEAD encrypt/decrypt: invalid algorithm (ChaCha20)
depends_on:MBEDTLS_CHACHA20_C
aead_encrypt_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_STREAM_CIPHER:"":"":"":PSA_ERROR_NOT_SUPPORTED
PSA Multipart AEAD encrypt/decrypt: AES-CCM, 19 bytes #1
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_CCM:"000102030405060708090A0B":"000102030405060708090A0B":-1:"0C0D0E0F101112131415161718191A1B1C1D1E":-1:PSA_SUCCESS
PSA Multipart AEAD encrypt/decrypt: AES-CCM, 19 bytes #2
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":-1:"B96B49E21D621741632875DB7F6C9243D2D7C2":-1:PSA_SUCCESS
PSA Multipart AEAD encrypt/decrypt: DES-CCM not supported
depends_on:MBEDTLS_DES_C:MBEDTLS_CCM_C:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt_decrypt:PSA_KEY_TYPE_DES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"000102030405060708090A0B":"EC46BB63B02520C33C49FD70":-1:"B96B49E21D621741632875DB7F6C9243D2D7C2":-1:PSA_ERROR_NOT_SUPPORTED
PSA Multipart AEAD encrypt: AES-CCM, 23 bytes
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":-1:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":-1:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8"
PSA Multipart AEAD encrypt: AES-CCM, 24 bytes
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=4
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39"
PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=6
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc"
PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=8
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776"
PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=10
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e"
PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=12
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846"
PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=14
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f"
PSA Multipart AEAD encrypt: AES-CCM, 24 bytes, T=16
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_encrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9"
PSA Multipart AEAD decrypt: AES-CCM, 39 bytes
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CCM:"00412B4EA9CDBE3C9696766CFA":"0BE1A88BACE018B1":-1:"4CB97F86A2A4689A877947AB8091EF5386A6FFBDD080F8120333D1FCB691F3406CBF531F83A4D8":-1:"08E8CF97D820EA258460E96AD9CF5289054D895CEAC47C":PSA_SUCCESS
PSA Multipart AEAD decrypt, AES-CCM, 40 bytes
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=4
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f39":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=6
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 6 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b63fdffcd729bc":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=8
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 8 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b64cf2c3bf5f220776":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=10
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 10 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69613343621327defd18e":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=12
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 12 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b69a2e5d8faee3138fa5cf9846":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=14
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 14 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6c99af01cdb6aa76df73c8646c27f":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA Multipart AEAD decrypt: AES-CCM, 24 bytes, T=16
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 16 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_SUCCESS
PSA Multipart AEAD decrypt: AES-CCM, invalid signature
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_CCM:"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26d56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6d80e8bf80f4a46cab06d4313f0db9be9":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
PSA Multipart AEAD decrypt: AES-CCM, invalid signature, T=4
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6643b4f38":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
PSA Multipart AEAD decrypt: AES-CCM, T=4, tag is truncated tag for T=16
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 4 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_SIGNATURE
PSA Multipart AEAD decrypt: AES-CCM, invalid tag length 0
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
PSA Multipart AEAD decrypt: AES-CCM, invalid tag length 2
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 2 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
PSA Multipart AEAD decrypt: AES-CCM, invalid tag length 15
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 15 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
PSA Multipart AEAD decrypt: AES-CCM, invalid tag length 18
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES:MBEDTLS_INTERNAL_CCM_NO_ZEROIZE_ON_TAG_FAIL
aead_multipart_decrypt:PSA_KEY_TYPE_AES:"4189351B5CAEA375A0299E81C621BF43":PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 18 ):"48c0906930561e0ab0ef4cd972":"40a27c1d1e23ea3dbe8056b2774861a4a201cce49f19997d19206d8c8a343951":-1:"26c56961c035a7e452cce61bc6ee220d77b3f94d18fd10b6":-1:"4535d12b4377928a7c0a61c9f825a48671ea05910748c8ef":PSA_ERROR_INVALID_ARGUMENT
PSA Multipart AEAD encrypt/decrypt, AES-GCM, 19 bytes #1
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES
aead_multipart_encrypt_decrypt:PSA_KEY_TYPE_AES:"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF":PSA_ALG_GCM:"000102030405060708090A0B0C0D0E0F":"000102030405060708090A0B":-1:"0C0D0E0F101112131415161718191A1B1C1D1E":-1:PSA_SUCCESS