Merge pull request #563 from RobertDrazkowskiGL/calib-psa-cipher

[CryptoAuthLib provider] PsaCipherEncrypt and PsaCipherDecrypt implementation

Author: ionut-arm

e2e_tests/Cargo.toml

@@ -11,7 +11,7 @@ publish = false
 
 [dependencies]
 serde = { version = "1.0.123", features = ["derive"] }
-parsec-client = { git = "https://github.com/parallaxsecond/parsec-client-rust", rev = "119664eac501c7f1d207f03905311a0634db13a6", features = ["testing", "spiffe-auth"] }
+parsec-client = { git = "https://github.com/parallaxsecond/parsec-client-rust", rev = "bf01a58fe20a65f6151fc32c7c6c9d09ae7b741f", features = ["testing", "spiffe-auth"] }
 log = "0.4.14"
 # Compatible version with crate rsa
 rand = "0.7.3"

e2e_tests/src/lib.rs

@@ -45,8 +45,8 @@ use parsec_client::core::interface::operations::list_authenticators::Authenticat
 use parsec_client::core::interface::operations::list_keys::KeyInfo;
 use parsec_client::core::interface::operations::list_providers::ProviderInfo;
 use parsec_client::core::interface::operations::psa_algorithm::{
-    Aead, AeadWithDefaultLengthTag, Algorithm, AsymmetricEncryption, AsymmetricSignature, Hash,
-    KeyAgreement, RawKeyAgreement,
+    Aead, AeadWithDefaultLengthTag, Algorithm, AsymmetricEncryption, AsymmetricSignature, Cipher,
+    Hash, KeyAgreement, RawKeyAgreement,
 };
 use parsec_client::core::interface::operations::psa_key_attributes::{
     Attributes, EccFamily, Lifetime, Policy, Type, UsageFlags,
@@ -390,6 +390,19 @@ impl TestClient {
         self.import_key(key_name, attributes, data)
     }
 
+    /// Import an AES key.
+    pub fn import_aes_key_cipher(
+        &mut self,
+        key_name: String,
+        data: Vec<u8>,
+        encryption_alg: Cipher,
+    ) -> Result<()> {
+        let mut attributes = TestClient::default_encrypt_aes_attrs();
+        attributes.bits = 0;
+        attributes.policy.permitted_algorithms = encryption_alg.into();
+        self.import_key(key_name, attributes, data)
+    }
+
     /// Import ECC key pair with secp R1 curve family.
     /// The key can only be used for key agreement with Ecdh algorithm.
     pub fn import_ecc_pair_secp_r1_key(&mut self, key_name: String, data: Vec<u8>) -> Result<()> {
@@ -762,6 +775,28 @@ impl TestClient {
             .map_err(convert_error)
     }
 
+    pub fn cipher_encrypt_message(
+        &mut self,
+        key_name: String,
+        alg: Cipher,
+        plaintext: &[u8],
+    ) -> Result<Vec<u8>> {
+        self.basic_client
+            .psa_cipher_encrypt(key_name, alg, plaintext)
+            .map_err(convert_error)
+    }
+
+    pub fn cipher_decrypt_message(
+        &mut self,
+        key_name: String,
+        alg: Cipher,
+        ciphertext: &[u8],
+    ) -> Result<Vec<u8>> {
+        self.basic_client
+            .psa_cipher_decrypt(key_name, alg, ciphertext)
+            .map_err(convert_error)
+    }
+
     pub fn hash_compute(&mut self, alg: Hash, input: &[u8]) -> Result<Vec<u8>> {
         self.basic_client
             .psa_hash_compute(alg, input)