Hi Christian,
On 30/08/2023 19:35, Christian Huitema via mbed-tls wrote:
The example of AEAD encryption in "aead_demo" is very useful. Is there a similar example for decryption?
It's odd that this program doesn't do decryption. I've filed an issue to improve it (https://github.com/Mbed-TLS/mbedtls/issues/8139).
There's an example of one-shot AEAD in key_ladder_demo.
The documentation of psa_aead_decrypt_setup https://mbed-tls.readthedocs.io/projects/api/en/development/api/group/group__aead/#group__aead_1gaaa5c5018e67a7a6514b7e76b9a14de26 doesn't have a code sample, but it does describe the order of operations. There's a slightly different presentation of the flow of operation in the (not yet reviewed) migration guide https://github.com/Mbed-TLS/mbedtls/blob/909cf5a3ecc1e91c62e148f96f03400ca88... from https://github.com/Mbed-TLS/mbedtls/pull/7766 .
Test code tends to be overly complicated compared to application code, but you can find a working example in tests/suites/test_suite_psa_crypto.function in the function aead_multipart_verify().
Best regards,