From e9829e59c50878680344bf167aa0be616bf83457 Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Mon, 24 Jun 2024 16:37:27 +0200
Subject: [PATCH] psasim: add AUT for cipher encryption/decryption

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 tests/psa-client-server/psasim/src/aut_main.c |  4 +-
 .../src/aut_psa_cipher_encrypt_decrypt.c      | 81 +++++++++++++++++++
 2 files changed, 84 insertions(+), 1 deletion(-)
 create mode 100644 tests/psa-client-server/psasim/src/aut_psa_cipher_encrypt_decrypt.c

diff --git a/tests/psa-client-server/psasim/src/aut_main.c b/tests/psa-client-server/psasim/src/aut_main.c
index f0cd1a09b..2c4a8fb90 100644
--- a/tests/psa-client-server/psasim/src/aut_main.c
+++ b/tests/psa-client-server/psasim/src/aut_main.c
@@ -23,6 +23,7 @@ int psa_hash_compute_main(void);
 int psa_hash_main(void);
 int psa_aead_encrypt_main(char *cipher_name);
 int psa_aead_encrypt_decrypt_main(void);
+int psa_cipher_encrypt_decrypt_main(void);
 int psa_random_main(void);
 int psa_mac_main(void);
 int psa_key_agreement_main(void);
@@ -53,13 +54,14 @@ int main()
     TEST_MODULE(psa_aead_encrypt_main("aes256-gcm"));
     TEST_MODULE(psa_aead_encrypt_main("aes128-gcm_8"));
     TEST_MODULE(psa_aead_encrypt_main("chachapoly"));
+    TEST_MODULE(psa_aead_encrypt_decrypt_main());
+    TEST_MODULE(psa_cipher_encrypt_decrypt_main());
 
     TEST_MODULE(psa_random_main());
 
     TEST_MODULE(psa_mac_main());
     TEST_MODULE(psa_key_agreement_main());
     TEST_MODULE(psa_sign_verify_main());
-    TEST_MODULE(psa_aead_encrypt_decrypt_main());
     TEST_MODULE(psa_hkdf_main());
 
 exit:
diff --git a/tests/psa-client-server/psasim/src/aut_psa_cipher_encrypt_decrypt.c b/tests/psa-client-server/psasim/src/aut_psa_cipher_encrypt_decrypt.c
new file mode 100644
index 000000000..a923feb61
--- /dev/null
+++ b/tests/psa-client-server/psasim/src/aut_psa_cipher_encrypt_decrypt.c
@@ -0,0 +1,81 @@
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "psa/crypto.h"
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#define BUFFER_SIZE 4096
+
+static void print_bytestr(const uint8_t *bytes, size_t len)
+{
+    for (unsigned int idx = 0; idx < len; idx++) {
+        printf("%02X", bytes[idx]);
+    }
+}
+
+int psa_cipher_encrypt_decrypt_main(void)
+{
+    psa_status_t status;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_id_t key_id = 0;
+    uint8_t original[BUFFER_SIZE] = { 0 };
+    uint8_t encrypt[BUFFER_SIZE] = { 0 };
+    uint8_t decrypt[BUFFER_SIZE] = { 0 };
+    const uint8_t key_bytes[32] = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
+    size_t encrypted_length;
+    size_t decrypted_length;
+
+    status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        printf("psa_crypto_init failed\n");
+        return EXIT_FAILURE;
+    }
+
+    status = psa_generate_random(original, sizeof(original));
+    if (status != PSA_SUCCESS) {
+        printf("psa_generate_random() failed\n");
+        return EXIT_FAILURE;
+    }
+
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, PSA_ALG_ECB_NO_PADDING);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
+    psa_set_key_bits(&attributes, 256);
+
+    status = psa_import_key(&attributes, key_bytes, sizeof(key_bytes), &key_id);
+    if (status != PSA_SUCCESS) {
+        printf("psa_import_key failed\n");
+        return EXIT_FAILURE;
+    }
+
+    status = psa_cipher_encrypt(key_id, PSA_ALG_ECB_NO_PADDING,
+                                original, sizeof(original),
+                                encrypt, sizeof(encrypt), &encrypted_length);
+    if (status != PSA_SUCCESS) {
+        printf("psa_cipher_encrypt failed\n");
+        return EXIT_FAILURE;
+    }
+
+    status = psa_cipher_decrypt(key_id, PSA_ALG_ECB_NO_PADDING,
+                                encrypt, encrypted_length,
+                                decrypt, sizeof(decrypt), &decrypted_length);
+    if (status != PSA_SUCCESS) {
+        printf("psa_cipher_decrypt failed\n");
+        return EXIT_FAILURE;
+    }
+
+    if (memcmp(original, decrypt, sizeof(original)) != 0) {
+        printf("\nEncryption/Decryption failed!\n");
+    } else {
+        printf("\nEncryption/Decryption successful!\n");
+    }
+
+    psa_destroy_key(key_id);
+    mbedtls_psa_crypto_free();
+    return 0;
+}