Switch to the new code style
Signed-off-by: David Horstmann <david.horstmann@arm.com>
diff --git a/library/psa_crypto_cipher.c b/library/psa_crypto_cipher.c
index 13006fa..d216339 100644
--- a/library/psa_crypto_cipher.c
+++ b/library/psa_crypto_cipher.c
@@ -35,18 +35,17 @@
psa_algorithm_t alg,
psa_key_type_t key_type,
size_t key_bits,
- mbedtls_cipher_id_t* cipher_id )
+ mbedtls_cipher_id_t *cipher_id)
{
mbedtls_cipher_mode_t mode;
mbedtls_cipher_id_t cipher_id_tmp;
- if( PSA_ALG_IS_AEAD( alg ) )
- alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 );
+ if (PSA_ALG_IS_AEAD(alg)) {
+ alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(alg, 0);
+ }
- if( PSA_ALG_IS_CIPHER( alg ) || PSA_ALG_IS_AEAD( alg ) )
- {
- switch( alg )
- {
+ if (PSA_ALG_IS_CIPHER(alg) || PSA_ALG_IS_AEAD(alg)) {
+ switch (alg) {
#if defined(MBEDTLS_PSA_BUILTIN_ALG_STREAM_CIPHER)
case PSA_ALG_STREAM_CIPHER:
mode = MBEDTLS_MODE_STREAM;
@@ -83,31 +82,30 @@
break;
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
- case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, 0):
mode = MBEDTLS_MODE_CCM;
break;
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
- case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_GCM, 0):
mode = MBEDTLS_MODE_GCM;
break;
#endif
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
- case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
+ case PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305, 0):
mode = MBEDTLS_MODE_CHACHAPOLY;
break;
#endif
default:
- return( NULL );
+ return NULL;
}
- }
- else if( alg == PSA_ALG_CMAC )
+ } else if (alg == PSA_ALG_CMAC) {
mode = MBEDTLS_MODE_ECB;
- else
- return( NULL );
+ } else {
+ return NULL;
+ }
- switch( key_type )
- {
+ switch (key_type) {
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_AES)
case PSA_KEY_TYPE_AES:
cipher_id_tmp = MBEDTLS_CIPHER_ID_AES;
@@ -122,15 +120,17 @@
case PSA_KEY_TYPE_DES:
/* key_bits is 64 for Single-DES, 128 for two-key Triple-DES,
* and 192 for three-key Triple-DES. */
- if( key_bits == 64 )
+ if (key_bits == 64) {
cipher_id_tmp = MBEDTLS_CIPHER_ID_DES;
- else
+ } else {
cipher_id_tmp = MBEDTLS_CIPHER_ID_3DES;
+ }
/* mbedtls doesn't recognize two-key Triple-DES as an algorithm,
* but two-key Triple-DES is functionally three-key Triple-DES
* with K1=K3, so that's how we present it to mbedtls. */
- if( key_bits == 128 )
+ if (key_bits == 128) {
key_bits = 192;
+ }
break;
#endif
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_CAMELLIA)
@@ -149,13 +149,14 @@
break;
#endif
default:
- return( NULL );
+ return NULL;
}
- if( cipher_id != NULL )
+ if (cipher_id != NULL) {
*cipher_id = cipher_id_tmp;
+ }
- return( mbedtls_cipher_info_from_values( cipher_id_tmp,
- (int) key_bits, mode ) );
+ return mbedtls_cipher_info_from_values(cipher_id_tmp,
+ (int) key_bits, mode);
}
#if defined(MBEDTLS_PSA_BUILTIN_CIPHER)
@@ -165,110 +166,112 @@
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
psa_algorithm_t alg,
- mbedtls_operation_t cipher_operation )
+ mbedtls_operation_t cipher_operation)
{
int ret = 0;
size_t key_bits;
const mbedtls_cipher_info_t *cipher_info = NULL;
psa_key_type_t key_type = attributes->core.type;
- (void)key_buffer_size;
+ (void) key_buffer_size;
- mbedtls_cipher_init( &operation->ctx.cipher );
+ mbedtls_cipher_init(&operation->ctx.cipher);
operation->alg = alg;
key_bits = attributes->core.bits;
- cipher_info = mbedtls_cipher_info_from_psa( alg, key_type,
- key_bits, NULL );
- if( cipher_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
+ cipher_info = mbedtls_cipher_info_from_psa(alg, key_type,
+ key_bits, NULL);
+ if (cipher_info == NULL) {
+ return PSA_ERROR_NOT_SUPPORTED;
+ }
- ret = mbedtls_cipher_setup( &operation->ctx.cipher, cipher_info );
- if( ret != 0 )
+ ret = mbedtls_cipher_setup(&operation->ctx.cipher, cipher_info);
+ if (ret != 0) {
goto exit;
+ }
#if defined(MBEDTLS_PSA_BUILTIN_KEY_TYPE_DES)
- if( key_type == PSA_KEY_TYPE_DES && key_bits == 128 )
- {
+ if (key_type == PSA_KEY_TYPE_DES && key_bits == 128) {
/* Two-key Triple-DES is 3-key Triple-DES with K1=K3 */
uint8_t keys[24];
- memcpy( keys, key_buffer, 16 );
- memcpy( keys + 16, key_buffer, 8 );
- ret = mbedtls_cipher_setkey( &operation->ctx.cipher,
- keys,
- 192, cipher_operation );
- }
- else
+ memcpy(keys, key_buffer, 16);
+ memcpy(keys + 16, key_buffer, 8);
+ ret = mbedtls_cipher_setkey(&operation->ctx.cipher,
+ keys,
+ 192, cipher_operation);
+ } else
#endif
{
- ret = mbedtls_cipher_setkey( &operation->ctx.cipher, key_buffer,
- (int) key_bits, cipher_operation );
+ ret = mbedtls_cipher_setkey(&operation->ctx.cipher, key_buffer,
+ (int) key_bits, cipher_operation);
}
- if( ret != 0 )
+ if (ret != 0) {
goto exit;
+ }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING) || \
defined(MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7)
- switch( alg )
- {
+ switch (alg) {
case PSA_ALG_CBC_NO_PADDING:
- ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
- MBEDTLS_PADDING_NONE );
+ ret = mbedtls_cipher_set_padding_mode(&operation->ctx.cipher,
+ MBEDTLS_PADDING_NONE);
break;
case PSA_ALG_CBC_PKCS7:
- ret = mbedtls_cipher_set_padding_mode( &operation->ctx.cipher,
- MBEDTLS_PADDING_PKCS7 );
+ ret = mbedtls_cipher_set_padding_mode(&operation->ctx.cipher,
+ MBEDTLS_PADDING_PKCS7);
break;
default:
/* The algorithm doesn't involve padding. */
ret = 0;
break;
}
- if( ret != 0 )
+ if (ret != 0) {
goto exit;
+ }
#endif /* MBEDTLS_PSA_BUILTIN_ALG_CBC_NO_PADDING ||
MBEDTLS_PSA_BUILTIN_ALG_CBC_PKCS7 */
- operation->block_length = ( PSA_ALG_IS_STREAM_CIPHER( alg ) ? 1 :
- PSA_BLOCK_CIPHER_BLOCK_LENGTH( key_type ) );
- operation->iv_length = PSA_CIPHER_IV_LENGTH( key_type, alg );
+ operation->block_length = (PSA_ALG_IS_STREAM_CIPHER(alg) ? 1 :
+ PSA_BLOCK_CIPHER_BLOCK_LENGTH(key_type));
+ operation->iv_length = PSA_CIPHER_IV_LENGTH(key_type, alg);
exit:
- return( mbedtls_to_psa_error( ret ) );
+ return mbedtls_to_psa_error(ret);
}
psa_status_t mbedtls_psa_cipher_encrypt_setup(
mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg )
+ psa_algorithm_t alg)
{
- return( psa_cipher_setup( operation, attributes,
- key_buffer, key_buffer_size,
- alg, MBEDTLS_ENCRYPT ) );
+ return psa_cipher_setup(operation, attributes,
+ key_buffer, key_buffer_size,
+ alg, MBEDTLS_ENCRYPT);
}
psa_status_t mbedtls_psa_cipher_decrypt_setup(
mbedtls_psa_cipher_operation_t *operation,
const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, size_t key_buffer_size,
- psa_algorithm_t alg )
+ psa_algorithm_t alg)
{
- return( psa_cipher_setup( operation, attributes,
- key_buffer, key_buffer_size,
- alg, MBEDTLS_DECRYPT ) );
+ return psa_cipher_setup(operation, attributes,
+ key_buffer, key_buffer_size,
+ alg, MBEDTLS_DECRYPT);
}
psa_status_t mbedtls_psa_cipher_set_iv(
mbedtls_psa_cipher_operation_t *operation,
- const uint8_t *iv, size_t iv_length )
+ const uint8_t *iv, size_t iv_length)
{
- if( iv_length != operation->iv_length )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ if (iv_length != operation->iv_length) {
+ return PSA_ERROR_INVALID_ARGUMENT;
+ }
- return( mbedtls_to_psa_error(
- mbedtls_cipher_set_iv( &operation->ctx.cipher,
- iv, iv_length ) ) );
+ return mbedtls_to_psa_error(
+ mbedtls_cipher_set_iv(&operation->ctx.cipher,
+ iv, iv_length));
}
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING)
@@ -300,43 +303,42 @@
const uint8_t *input,
size_t input_length,
uint8_t *output,
- size_t *output_length )
+ size_t *output_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t block_size = ctx->cipher_info->block_size;
size_t internal_output_length = 0;
*output_length = 0;
- if( input_length == 0 )
- {
+ if (input_length == 0) {
status = PSA_SUCCESS;
goto exit;
}
- if( ctx->unprocessed_len > 0 )
- {
+ if (ctx->unprocessed_len > 0) {
/* Fill up to block size, and run the block if there's a full one. */
size_t bytes_to_copy = block_size - ctx->unprocessed_len;
- if( input_length < bytes_to_copy )
+ if (input_length < bytes_to_copy) {
bytes_to_copy = input_length;
+ }
- memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
- input, bytes_to_copy );
+ memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]),
+ input, bytes_to_copy);
input_length -= bytes_to_copy;
input += bytes_to_copy;
ctx->unprocessed_len += bytes_to_copy;
- if( ctx->unprocessed_len == block_size )
- {
+ if (ctx->unprocessed_len == block_size) {
status = mbedtls_to_psa_error(
- mbedtls_cipher_update( ctx,
- ctx->unprocessed_data,
- block_size,
- output, &internal_output_length ) );
+ mbedtls_cipher_update(ctx,
+ ctx->unprocessed_data,
+ block_size,
+ output, &internal_output_length));
- if( status != PSA_SUCCESS )
+ if (status != PSA_SUCCESS) {
goto exit;
+ }
output += internal_output_length;
*output_length += internal_output_length;
@@ -344,16 +346,16 @@
}
}
- while( input_length >= block_size )
- {
+ while (input_length >= block_size) {
/* Run all full blocks we have, one by one */
status = mbedtls_to_psa_error(
- mbedtls_cipher_update( ctx, input,
- block_size,
- output, &internal_output_length ) );
+ mbedtls_cipher_update(ctx, input,
+ block_size,
+ output, &internal_output_length));
- if( status != PSA_SUCCESS )
+ if (status != PSA_SUCCESS) {
goto exit;
+ }
input_length -= block_size;
input += block_size;
@@ -362,174 +364,175 @@
*output_length += internal_output_length;
}
- if( input_length > 0 )
- {
+ if (input_length > 0) {
/* Save unprocessed bytes for later processing */
- memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ),
- input, input_length );
+ memcpy(&(ctx->unprocessed_data[ctx->unprocessed_len]),
+ input, input_length);
ctx->unprocessed_len += input_length;
}
status = PSA_SUCCESS;
exit:
- return( status );
+ return status;
}
#endif /* MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING */
psa_status_t mbedtls_psa_cipher_update(
mbedtls_psa_cipher_operation_t *operation,
const uint8_t *input, size_t input_length,
- uint8_t *output, size_t output_size, size_t *output_length )
+ uint8_t *output, size_t output_size, size_t *output_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
size_t expected_output_size;
- if( ! PSA_ALG_IS_STREAM_CIPHER( operation->alg ) )
- {
+ if (!PSA_ALG_IS_STREAM_CIPHER(operation->alg)) {
/* Take the unprocessed partial block left over from previous
* update calls, if any, plus the input to this call. Remove
* the last partial block, if any. You get the data that will be
* output in this call. */
expected_output_size =
- ( operation->ctx.cipher.unprocessed_len + input_length )
+ (operation->ctx.cipher.unprocessed_len + input_length)
/ operation->block_length * operation->block_length;
- }
- else
- {
+ } else {
expected_output_size = input_length;
}
- if( output_size < expected_output_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
+ if (output_size < expected_output_size) {
+ return PSA_ERROR_BUFFER_TOO_SMALL;
+ }
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING)
- if( operation->alg == PSA_ALG_ECB_NO_PADDING )
- {
+ if (operation->alg == PSA_ALG_ECB_NO_PADDING) {
/* mbedtls_cipher_update has an API inconsistency: it will only
- * process a single block at a time in ECB mode. Abstract away that
- * inconsistency here to match the PSA API behaviour. */
- status = psa_cipher_update_ecb( &operation->ctx.cipher,
- input,
- input_length,
- output,
- output_length );
- }
- else
+ * process a single block at a time in ECB mode. Abstract away that
+ * inconsistency here to match the PSA API behaviour. */
+ status = psa_cipher_update_ecb(&operation->ctx.cipher,
+ input,
+ input_length,
+ output,
+ output_length);
+ } else
#endif /* MBEDTLS_PSA_BUILTIN_ALG_ECB_NO_PADDING */
{
status = mbedtls_to_psa_error(
- mbedtls_cipher_update( &operation->ctx.cipher, input,
- input_length, output, output_length ) );
+ mbedtls_cipher_update(&operation->ctx.cipher, input,
+ input_length, output, output_length));
- if( *output_length > output_size )
- return( PSA_ERROR_CORRUPTION_DETECTED );
+ if (*output_length > output_size) {
+ return PSA_ERROR_CORRUPTION_DETECTED;
+ }
}
- return( status );
+ return status;
}
psa_status_t mbedtls_psa_cipher_finish(
mbedtls_psa_cipher_operation_t *operation,
- uint8_t *output, size_t output_size, size_t *output_length )
+ uint8_t *output, size_t output_size, size_t *output_length)
{
psa_status_t status = PSA_ERROR_GENERIC_ERROR;
uint8_t temp_output_buffer[MBEDTLS_MAX_BLOCK_LENGTH];
- if( operation->ctx.cipher.unprocessed_len != 0 )
- {
- if( operation->alg == PSA_ALG_ECB_NO_PADDING ||
- operation->alg == PSA_ALG_CBC_NO_PADDING )
- {
+ if (operation->ctx.cipher.unprocessed_len != 0) {
+ if (operation->alg == PSA_ALG_ECB_NO_PADDING ||
+ operation->alg == PSA_ALG_CBC_NO_PADDING) {
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
}
status = mbedtls_to_psa_error(
- mbedtls_cipher_finish( &operation->ctx.cipher,
- temp_output_buffer,
- output_length ) );
- if( status != PSA_SUCCESS )
+ mbedtls_cipher_finish(&operation->ctx.cipher,
+ temp_output_buffer,
+ output_length));
+ if (status != PSA_SUCCESS) {
goto exit;
+ }
- if( *output_length == 0 )
+ if (*output_length == 0) {
; /* Nothing to copy. Note that output may be NULL in this case. */
- else if( output_size >= *output_length )
- memcpy( output, temp_output_buffer, *output_length );
- else
+ } else if (output_size >= *output_length) {
+ memcpy(output, temp_output_buffer, *output_length);
+ } else {
status = PSA_ERROR_BUFFER_TOO_SMALL;
+ }
exit:
- mbedtls_platform_zeroize( temp_output_buffer,
- sizeof( temp_output_buffer ) );
+ mbedtls_platform_zeroize(temp_output_buffer,
+ sizeof(temp_output_buffer));
- return( status );
+ return status;
}
psa_status_t mbedtls_psa_cipher_abort(
- mbedtls_psa_cipher_operation_t *operation )
+ mbedtls_psa_cipher_operation_t *operation)
{
/* Sanity check (shouldn't happen: operation->alg should
* always have been initialized to a valid value). */
- if( ! PSA_ALG_IS_CIPHER( operation->alg ) )
- return( PSA_ERROR_BAD_STATE );
+ if (!PSA_ALG_IS_CIPHER(operation->alg)) {
+ return PSA_ERROR_BAD_STATE;
+ }
- mbedtls_cipher_free( &operation->ctx.cipher );
+ mbedtls_cipher_free(&operation->ctx.cipher);
- return( PSA_SUCCESS );
+ return PSA_SUCCESS;
}
-psa_status_t mbedtls_psa_cipher_encrypt( const psa_key_attributes_t *attributes,
- const uint8_t *key_buffer,
- size_t key_buffer_size,
- psa_algorithm_t alg,
- const uint8_t *iv,
- size_t iv_length,
- const uint8_t *input,
- size_t input_length,
- uint8_t *output,
- size_t output_size,
- size_t *output_length )
+psa_status_t mbedtls_psa_cipher_encrypt(const psa_key_attributes_t *attributes,
+ const uint8_t *key_buffer,
+ size_t key_buffer_size,
+ psa_algorithm_t alg,
+ const uint8_t *iv,
+ size_t iv_length,
+ const uint8_t *input,
+ size_t input_length,
+ uint8_t *output,
+ size_t output_size,
+ size_t *output_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
size_t update_output_length, finish_output_length;
- status = mbedtls_psa_cipher_encrypt_setup( &operation, attributes,
- key_buffer, key_buffer_size,
- alg );
- if( status != PSA_SUCCESS )
+ status = mbedtls_psa_cipher_encrypt_setup(&operation, attributes,
+ key_buffer, key_buffer_size,
+ alg);
+ if (status != PSA_SUCCESS) {
goto exit;
-
- if( iv_length > 0 )
- {
- status = mbedtls_psa_cipher_set_iv( &operation, iv, iv_length );
- if( status != PSA_SUCCESS )
- goto exit;
}
- status = mbedtls_psa_cipher_update( &operation, input, input_length,
- output, output_size, &update_output_length );
- if( status != PSA_SUCCESS )
+ if (iv_length > 0) {
+ status = mbedtls_psa_cipher_set_iv(&operation, iv, iv_length);
+ if (status != PSA_SUCCESS) {
+ goto exit;
+ }
+ }
+
+ status = mbedtls_psa_cipher_update(&operation, input, input_length,
+ output, output_size, &update_output_length);
+ if (status != PSA_SUCCESS) {
goto exit;
+ }
status = mbedtls_psa_cipher_finish(
&operation,
- mbedtls_buffer_offset( output, update_output_length ),
- output_size - update_output_length, &finish_output_length );
- if( status != PSA_SUCCESS )
+ mbedtls_buffer_offset(output, update_output_length),
+ output_size - update_output_length, &finish_output_length);
+ if (status != PSA_SUCCESS) {
goto exit;
+ }
*output_length = update_output_length + finish_output_length;
exit:
- if( status == PSA_SUCCESS )
- status = mbedtls_psa_cipher_abort( &operation );
- else
- mbedtls_psa_cipher_abort( &operation );
+ if (status == PSA_SUCCESS) {
+ status = mbedtls_psa_cipher_abort(&operation);
+ } else {
+ mbedtls_psa_cipher_abort(&operation);
+ }
- return( status );
+ return status;
}
psa_status_t mbedtls_psa_cipher_decrypt(
@@ -541,52 +544,56 @@
size_t input_length,
uint8_t *output,
size_t output_size,
- size_t *output_length )
+ size_t *output_length)
{
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
mbedtls_psa_cipher_operation_t operation = MBEDTLS_PSA_CIPHER_OPERATION_INIT;
size_t olength, accumulated_length;
- status = mbedtls_psa_cipher_decrypt_setup( &operation, attributes,
- key_buffer, key_buffer_size,
- alg );
- if( status != PSA_SUCCESS )
+ status = mbedtls_psa_cipher_decrypt_setup(&operation, attributes,
+ key_buffer, key_buffer_size,
+ alg);
+ if (status != PSA_SUCCESS) {
goto exit;
+ }
- if( operation.iv_length > 0 )
- {
- status = mbedtls_psa_cipher_set_iv( &operation,
- input, operation.iv_length );
- if( status != PSA_SUCCESS )
+ if (operation.iv_length > 0) {
+ status = mbedtls_psa_cipher_set_iv(&operation,
+ input, operation.iv_length);
+ if (status != PSA_SUCCESS) {
goto exit;
+ }
}
status = mbedtls_psa_cipher_update(
&operation,
- mbedtls_buffer_offset_const( input, operation.iv_length ),
+ mbedtls_buffer_offset_const(input, operation.iv_length),
input_length - operation.iv_length,
- output, output_size, &olength );
- if( status != PSA_SUCCESS )
+ output, output_size, &olength);
+ if (status != PSA_SUCCESS) {
goto exit;
+ }
accumulated_length = olength;
status = mbedtls_psa_cipher_finish(
&operation,
- mbedtls_buffer_offset( output, accumulated_length ),
- output_size - accumulated_length, &olength );
- if( status != PSA_SUCCESS )
+ mbedtls_buffer_offset(output, accumulated_length),
+ output_size - accumulated_length, &olength);
+ if (status != PSA_SUCCESS) {
goto exit;
+ }
*output_length = accumulated_length + olength;
exit:
- if ( status == PSA_SUCCESS )
- status = mbedtls_psa_cipher_abort( &operation );
- else
- mbedtls_psa_cipher_abort( &operation );
+ if (status == PSA_SUCCESS) {
+ status = mbedtls_psa_cipher_abort(&operation);
+ } else {
+ mbedtls_psa_cipher_abort(&operation);
+ }
- return( status );
+ return status;
}
#endif /* MBEDTLS_PSA_BUILTIN_CIPHER */