From 0b71bf693dbe32836d6b03df42e9ef1405307ce5 Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Fri, 17 Feb 2023 22:46:16 +0100
Subject: [PATCH] Added CMAC tests.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 tests/conftest.py              |  4 ++++
 tests/pico-hsm/test_060_mac.py | 16 +++++++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/tests/conftest.py b/tests/conftest.py
index cc94815..38e872b 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -447,6 +447,10 @@ class Device:
         resp = self.send(cla=0x80, command=0x78, p1=keyid, p2=0x51, data=data)
         return resp
 
+    def cmac(self, keyid, data):
+        resp = self.send(cla=0x80, command=0x78, p1=keyid, p2=Algorithm.ALGO_AES_CMAC.value, data=data)
+        return resp
+
 
 @pytest.fixture(scope="session")
 def device():
diff --git a/tests/pico-hsm/test_060_mac.py b/tests/pico-hsm/test_060_mac.py
index 549e457..e4a75f7 100644
--- a/tests/pico-hsm/test_060_mac.py
+++ b/tests/pico-hsm/test_060_mac.py
@@ -19,7 +19,8 @@
 
 import pytest
 import os
-from cryptography.hazmat.primitives import hashes, hmac
+from cryptography.hazmat.primitives import hashes, hmac, cmac
+from cryptography.hazmat.primitives.ciphers import algorithms
 from utils import Algorithm, DOPrefixes
 from const import DEFAULT_DKEK_SHARES, DEFAULT_DKEK
 
@@ -44,3 +45,16 @@ def test_mac_hmac(device, size, algo):
     h.update(MESSAGE)
     resB = h.finalize()
     assert(bytes(resA) == resB)
+
+@pytest.mark.parametrize(
+    "size", [128, 192, 256]
+)
+def test_mac_cmac(device, size):
+    pkey = os.urandom(size // 8)
+    keyid = device.import_key(pkey)
+    resA = device.cmac(keyid, MESSAGE)
+    c = cmac.CMAC(algorithms.AES(pkey))
+    c.update(MESSAGE)
+    resB = c.finalize()
+    assert(bytes(resA) == resB)
+