From a06b22d7092f5c37dd1dcf634b22432c34384144 Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Mon, 24 Jun 2024 14:59:34 +0200
Subject: [PATCH] psasim: add AUT for symmetric encryption/decryption

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 tests/psa-client-server/psasim/src/aut_main.c |  12 +-
 ...{aut_psa_aead.c => aut_psa_aead_encrypt.c} |  52 +--------
 .../psasim/src/aut_psa_aead_encrypt_decrypt.c | 109 ++++++++++++++++++
 3 files changed, 117 insertions(+), 56 deletions(-)
 rename tests/psa-client-server/psasim/src/{aut_psa_aead.c => aut_psa_aead_encrypt.c} (77%)
 create mode 100644 tests/psa-client-server/psasim/src/aut_psa_aead_encrypt_decrypt.c

diff --git a/tests/psa-client-server/psasim/src/aut_main.c b/tests/psa-client-server/psasim/src/aut_main.c
index 3eee631619..b0f96bee8b 100644
--- a/tests/psa-client-server/psasim/src/aut_main.c
+++ b/tests/psa-client-server/psasim/src/aut_main.c
@@ -21,7 +21,8 @@
 
 int psa_hash_compute_main(void);
 int psa_hash_main(void);
-int psa_aead_main(char *cipher_name);
+int psa_aead_encrypt_main(char *cipher_name);
+int psa_aead_encrypt_decrypt_main(void);
 int psa_random_main(void);
 int psa_mac_main(void);
 int psa_key_agreement_main(void);
@@ -47,16 +48,17 @@ int main()
     TEST_MODULE(psa_hash_compute_main());
     TEST_MODULE(psa_hash_main());
 
-    TEST_MODULE(psa_aead_main("aes128-gcm"));
-    TEST_MODULE(psa_aead_main("aes256-gcm"));
-    TEST_MODULE(psa_aead_main("aes128-gcm_8"));
-    TEST_MODULE(psa_aead_main("chachapoly"));
+    TEST_MODULE(psa_aead_encrypt_main("aes128-gcm"));
+    TEST_MODULE(psa_aead_encrypt_main("aes256-gcm"));
+    TEST_MODULE(psa_aead_encrypt_main("aes128-gcm_8"));
+    TEST_MODULE(psa_aead_encrypt_main("chachapoly"));
 
     TEST_MODULE(psa_random_main());
 
     TEST_MODULE(psa_mac_main());
     TEST_MODULE(psa_key_agreement_main());
     TEST_MODULE(psa_sign_verify_main());
+    TEST_MODULE(psa_aead_encrypt_decrypt_main());
 
 exit:
     return (ret != 0) ? 1 : 0;
diff --git a/tests/psa-client-server/psasim/src/aut_psa_aead.c b/tests/psa-client-server/psasim/src/aut_psa_aead_encrypt.c
similarity index 77%
rename from tests/psa-client-server/psasim/src/aut_psa_aead.c
rename to tests/psa-client-server/psasim/src/aut_psa_aead_encrypt.c
index aa9dfb0950..64463f57fc 100644
--- a/tests/psa-client-server/psasim/src/aut_psa_aead.c
+++ b/tests/psa-client-server/psasim/src/aut_psa_aead_encrypt.c
@@ -1,37 +1,8 @@
-/**
- * PSA API multi-part AEAD demonstration.
- *
- * This program AEAD-encrypts a message, using the algorithm and key size
- * specified on the command line, using the multi-part API.
- *
- * It comes with a companion program cipher/cipher_aead_demo.c, which does the
- * same operations with the legacy Cipher API. The goal is that comparing the
- * two programs will help people migrating to the PSA Crypto API.
- *
- * When used with multi-part AEAD operations, the `mbedtls_cipher_context`
- * serves a triple purpose (1) hold the key, (2) store the algorithm when no
- * operation is active, and (3) save progress information for the current
- * operation. With PSA those roles are held by disinct objects: (1) a
- * psa_key_id_t to hold the key, a (2) psa_algorithm_t to represent the
- * algorithm, and (3) a psa_operation_t for multi-part progress.
- *
- * On the other hand, with PSA, the algorithms encodes the desired tag length;
- * with Cipher the desired tag length needs to be tracked separately.
- *
- * This program and its companion cipher/cipher_aead_demo.c illustrate this by
- * doing the same sequence of multi-part AEAD computation with both APIs;
- * looking at the two side by side should make the differences and
- * similarities clear.
- */
-
 /*
  *  Copyright The Mbed TLS Contributors
  *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  */
 
-/* First include Mbed TLS headers to get the Mbed TLS configuration and
- * platform definitions that we'll use in this program. Also include
- * standard C headers for functions we'll use here. */
 #include "mbedtls/build_info.h"
 
 #include "psa/crypto.h"
@@ -40,25 +11,6 @@
 #include <stdio.h>
 #include <string.h>
 
-/* If the build options we need are not enabled, compile a placeholder. */
-#if !defined(MBEDTLS_PSA_CRYPTO_CLIENT) && \
-    (!defined(MBEDTLS_PSA_CRYPTO_C) || \
-    !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_GCM_C) || \
-    !defined(MBEDTLS_CHACHAPOLY_C) || \
-    defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER))
-int psa_aead_main(void)
-{
-    printf("MBEDTLS_PSA_CRYPTO_CLIENT or "
-           "MBEDTLS_PSA_CRYPTO_C and/or "
-           "MBEDTLS_AES_C and/or MBEDTLS_GCM_C and/or "
-           "MBEDTLS_CHACHAPOLY_C not defined, and/or "
-           "MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined\r\n");
-    return 0;
-}
-#else
-
-/* The real program starts here. */
-
 const char usage[] =
     "Usage: aead_demo [aes128-gcm|aes256-gcm|aes128-gcm_8|chachapoly]";
 
@@ -257,7 +209,7 @@ exit:
 /*
  * Main function
  */
-int psa_aead_main(char *cipher_name)
+int psa_aead_encrypt_main(char *cipher_name)
 {
     psa_status_t status = PSA_SUCCESS;
 
@@ -273,5 +225,3 @@ int psa_aead_main(char *cipher_name)
 exit:
     return status == PSA_SUCCESS ? EXIT_SUCCESS : EXIT_FAILURE;
 }
-
-#endif
diff --git a/tests/psa-client-server/psasim/src/aut_psa_aead_encrypt_decrypt.c b/tests/psa-client-server/psasim/src/aut_psa_aead_encrypt_decrypt.c
new file mode 100644
index 0000000000..ca090ccc66
--- /dev/null
+++ b/tests/psa-client-server/psasim/src/aut_psa_aead_encrypt_decrypt.c
@@ -0,0 +1,109 @@
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#include "psa/crypto.h"
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#define BUFFER_SIZE 500
+
+static void print_bytestr(const uint8_t *bytes, size_t len)
+{
+    for (unsigned int idx = 0; idx < len; idx++) {
+        printf("%02X", bytes[idx]);
+    }
+}
+
+int psa_aead_encrypt_decrypt_main(void)
+{
+    psa_status_t status;
+    psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+    psa_key_id_t key_id = 0;
+    uint8_t encrypt[BUFFER_SIZE] = { 0 };
+    uint8_t decrypt[BUFFER_SIZE] = { 0 };
+    const uint8_t plaintext[] = "Hello World!";
+    const uint8_t key_bytes[32] = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
+    uint8_t nonce[PSA_AEAD_NONCE_LENGTH(PSA_KEY_TYPE_AES, PSA_ALG_CCM)];
+    size_t nonce_length = sizeof(nonce);
+    size_t ciphertext_length;
+    size_t plaintext_length;
+
+    status = psa_crypto_init();
+    if (status != PSA_SUCCESS) {
+        printf("psa_crypto_init failed\n");
+        return EXIT_FAILURE;
+    }
+
+    psa_set_key_usage_flags(&attributes,
+                            PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
+    psa_set_key_algorithm(&attributes, PSA_ALG_CCM);
+    psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
+    psa_set_key_bits(&attributes, 256);
+
+    status = psa_import_key(&attributes, key_bytes, sizeof(key_bytes), &key_id);
+    if (status != PSA_SUCCESS) {
+        printf("psa_import_key failed\n");
+        return EXIT_FAILURE;
+    }
+
+    status = psa_generate_random(nonce, nonce_length);
+    if (status != PSA_SUCCESS) {
+        printf("psa_generate_random failed\n");
+        return EXIT_FAILURE;
+    }
+
+    status = psa_aead_encrypt(key_id,                            // key
+                              PSA_ALG_CCM,                       // algorithm
+                              nonce, nonce_length,               // nonce
+                              NULL, 0,                           // additional data
+                              plaintext, sizeof(plaintext),      // plaintext
+                              encrypt, sizeof(encrypt),          // ciphertext
+                              &ciphertext_length);               // length of output
+    if (status != PSA_SUCCESS) {
+        printf("psa_aead_encrypt failed\n");
+        return EXIT_FAILURE;
+    }
+
+    printf("AES-CCM encryption:\n");
+    printf("- Plaintext: '%s':\n", plaintext);
+    printf("- Key: ");
+    print_bytestr(key_bytes, sizeof(key_bytes));
+    printf("\n- Nonce: ");
+    print_bytestr(nonce, nonce_length);
+    printf("\n- No additional data\n");
+    printf("- Ciphertext:\n");
+
+    for (size_t j = 0; j < ciphertext_length; j++) {
+        if (j % 8 == 0) {
+            printf("\n    ");
+        }
+        printf("%02x ", encrypt[j]);
+    }
+
+    printf("\n");
+
+    status = psa_aead_decrypt(key_id,                       // key
+                              PSA_ALG_CCM,                  // algorithm
+                              nonce, nonce_length,          // nonce
+                              NULL, 0,                      // additional data
+                              encrypt, ciphertext_length,   // ciphertext
+                              decrypt, sizeof(decrypt),     // plaintext
+                              &plaintext_length);           // length of output
+    if (status != PSA_SUCCESS) {
+        printf("psa_aead_decrypt failed\n");
+        return EXIT_FAILURE;
+    }
+
+    if (memcmp(plaintext, decrypt, sizeof(plaintext)) != 0) {
+        printf("\nEncryption/Decryption failed!\n");
+    } else {
+        printf("\nEncryption/Decryption successful!\n");
+    }
+
+    psa_destroy_key(key_id);
+    mbedtls_psa_crypto_free();
+    return 0;
+}