flash enc: add flash encryption unit and example test for C3

examples/security/flash_encryption/example_test.py

@@ -25,20 +25,31 @@ except ImportError:
 #   espefuse.py --do-not-confirm -p $ESPPORT burn_efuse FLASH_CRYPT_CONFIG 0xf
 #   espefuse.py --do-not-confirm -p $ESPPORT burn_efuse FLASH_CRYPT_CNT 0x1
 #   espefuse.py --do-not-confirm -p $ESPPORT burn_key flash_encryption key.bin
-@ttfw_idf.idf_example_test(env_tag='Example_Flash_Encryption')
+@ttfw_idf.idf_example_test(env_tag='Example_Flash_Encryption', target=['esp32', 'esp32c3'])
 def test_examples_security_flash_encryption(env, extra_data):
-    dut = env.get_dut('flash_encryption', 'examples/security/flash_encryption', dut_class=ttfw_idf.ESP32DUT)
+    dut = env.get_dut('flash_encryption', 'examples/security/flash_encryption')
+
+    dut.erase_flash()
     # start test
     dut.start_app()
-
     # calculate the expected ciphertext
     flash_addr = dut.app.partition_table['storage']['offset']
     plain_hex_str = '00 01 02 03 04 05 06 07  08 09 0a 0b 0c 0d 0e 0f'
     plain_data = binascii.unhexlify(plain_hex_str.replace(' ', ''))
 
+    # espsecure uses the cryptography package for encrypting
+    # with aes-xts, but does not allow for a symmetric key
+    # so the key for later chips are not all zeros
+    if dut.TARGET == 'esp32':
+        key_bytes = b'\x00' * 32
+        aes_xts = False
+    else:
+        key_bytes = b'\xff' + b'\x00' * 31
+        aes_xts = True
+
     # Emulate espsecure encrypt_flash_data command
     EncryptFlashDataArgs = namedtuple('EncryptFlashDataArgs', ['output', 'plaintext_file', 'address', 'keyfile', 'flash_crypt_conf', 'aes_xts'])
-    args = EncryptFlashDataArgs(BytesIO(), BytesIO(plain_data), flash_addr, BytesIO(b'\x00' * 32), 0xF, None)
+    args = EncryptFlashDataArgs(BytesIO(), BytesIO(plain_data), flash_addr, BytesIO(key_bytes), 0xF, aes_xts)
     espsecure.encrypt_flash_data(args)
 
     expected_ciphertext = args.output.getvalue()