From 5211efb317d8a0867e1bc9f2b945dbe6cd976c4b Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Mon, 6 May 2019 15:56:05 +0200
Subject: [PATCH] Add output parameter for psa_aead_verify

Like psa_aead_finish(), psa_aead_verify() needs to produce output from
the last partial block of input if psa_aead_update() cannot produce
output byte by byte.
---
 include/psa/crypto.h | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 2e680b101..374f985c6 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -2602,6 +2602,14 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
  * When this function returns, the operation becomes inactive.
  *
  * \param[in,out] operation     Active AEAD operation.
+ * \param[out] plaintext        Buffer where the last part of the plaintext
+ *                              is to be written. This is the remaining
+ *                              from previous calls to psa_aead_update()
+ *                              that could not be processed until the end
+ *                              of the input.
+ * \param plaintext_size        Size of the \p plaintext buffer in bytes.
+ * \param[out] plaintext_length On success, the number of bytes of
+ *                              returned plaintext.
  * \param[in] tag               Buffer containing the authentication tag.
  * \param tag_length            Size of the \p tag buffer in bytes.
  *
@@ -2624,6 +2632,9 @@ psa_status_t psa_aead_finish(psa_aead_operation_t *operation,
  * \retval #PSA_ERROR_TAMPERING_DETECTED
  */
 psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
+                             uint8_t *plaintext,
+                             size_t plaintext_size,
+                             size_t *plaintext_length,
                              const uint8_t *tag,
                              size_t tag_length);