Hi Christian,
On 30/08/2023 19:35, Christian Huitema via mbed-tls wrote:
The
example of AEAD encryption in "aead_demo" is very useful. Is there
a similar example for decryption?
It's odd that this program doesn't do decryption. I've filed an
issue to improve it (https://github.com/Mbed-TLS/mbedtls/issues/8139).
There's an example of one-shot AEAD in key_ladder_demo.
The documentation
of psa_aead_decrypt_setup doesn't have a code sample, but it
does describe the order of operations. There's a slightly different
presentation of the flow of operation in the (not yet reviewed)
migration guide https://github.com/Mbed-TLS/mbedtls/blob/909cf5a3ecc1e91c62e148f96f03400ca88869ff/docs/psa-transition.md#authenticated-cipher-operations
from https://github.com/Mbed-TLS/mbedtls/pull/7766
.
Test code tends to be overly complicated compared to application
code, but you can find a working example in
tests/suites/test_suite_psa_crypto.function in the function
aead_multipart_verify().
Best regards,
--
Gilles Peskine
Mbed TLS developer