From ad3304a3847b616d34014c85fee8d2a4293bb850 Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Wed, 22 Mar 2023 23:29:31 +0100
Subject: [PATCH] Added AES XTS tests, with and without IV.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 tests/pico-hsm/test_052_aes_ext.py | 40 ++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

diff --git a/tests/pico-hsm/test_052_aes_ext.py b/tests/pico-hsm/test_052_aes_ext.py
index 42b95a9..03bcd89 100644
--- a/tests/pico-hsm/test_052_aes_ext.py
+++ b/tests/pico-hsm/test_052_aes_ext.py
@@ -219,3 +219,43 @@ def test_aes_gcm_iv(device, size):
     assert(dtA == dtB)
     assert(dtA == MESSAGE)
     device.delete_key(keyid)
+
+@pytest.mark.parametrize(
+    "size", [256, 512]
+)
+def test_aes_xts_no_iv(device, size):
+    pkey, keyid = generate_key(device, size)
+    ctA = device.aes(keyid, EncryptionMode.ENCRYPT, AES.XTS, MESSAGE)
+
+    iv = b'\x00' * 16
+    cipher = Cipher(algorithms.AES(pkey), modes.XTS(iv))
+    encryptor = cipher.encryptor()
+    ctB = encryptor.update(MESSAGE) + encryptor.finalize()
+    assert(ctA == ctB)
+
+    dtA = device.aes(keyid, EncryptionMode.DECRYPT, AES.XTS, ctA)
+    decryptor = cipher.decryptor()
+    dtB = decryptor.update(ctB) + decryptor.finalize()
+    assert(dtA == dtB)
+    assert(dtA == MESSAGE)
+    device.delete_key(keyid)
+
+@pytest.mark.parametrize(
+    "size", [256, 512]
+)
+def test_aes_xts_iv(device, size):
+    pkey, keyid = generate_key(device, size)
+    iv = os.urandom(16)
+    ctA = device.aes(keyid, EncryptionMode.ENCRYPT, AES.XTS, MESSAGE, iv=iv)
+
+    cipher = Cipher(algorithms.AES(pkey), modes.XTS(iv))
+    encryptor = cipher.encryptor()
+    ctB = encryptor.update(MESSAGE) + encryptor.finalize()
+    assert(ctA == ctB)
+
+    dtA = device.aes(keyid, EncryptionMode.DECRYPT, AES.XTS, ctA, iv=iv)
+    decryptor = cipher.decryptor()
+    dtB = decryptor.update(ctB) + decryptor.finalize()
+    assert(dtA == dtB)
+    assert(dtA == MESSAGE)
+    device.delete_key(keyid)