From 6546d218cc6553cd0744f50053eff3f328758844 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Tue, 23 Jan 2024 12:25:20 -0500 Subject: [PATCH 001/241] Initial rework of OCFs, Defined Ocf_Fsr and Ocf_Clcw, updates accordingly --- include/crypto.h | 4 +-- include/crypto_print.h | 4 +-- include/crypto_structs.h | 54 +++++++++++++++++++++------------------- src/core/crypto.c | 4 +-- src/core/crypto_config.c | 26 +++++++++---------- src/core/crypto_mc.c | 2 +- src/core/crypto_print.c | 24 +++++++++--------- 7 files changed, 60 insertions(+), 58 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index a153b774..490c2e9d 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -217,8 +217,8 @@ extern GvcidManagedParameters_t* gvcid_managed_parameters; extern GvcidManagedParameters_t* current_managed_parameters; // OCF extern uint8_t ocf; -extern SDLS_FSR_t report; -extern Telemetry_Frame_Clcw_t clcw; +extern Telemetry_Frame_Ocf_Fsr_t report; +extern Telemetry_Frame_Ocf_Clcw_t clcw; // Flags extern SDLS_MC_LOG_RPLY_t log_summary; extern SDLS_MC_DUMP_BLK_RPLY_t mc_log; diff --git a/include/crypto_print.h b/include/crypto_print.h index 8e6e299a..33b5bcbb 100644 --- a/include/crypto_print.h +++ b/include/crypto_print.h @@ -30,8 +30,8 @@ */ void Crypto_tcPrint(TC_t* tc_frame); void Crypto_tmPrint(TM_t* tm_frame); -void Crypto_clcwPrint(Telemetry_Frame_Clcw_t* clcw); -void Crypto_fsrPrint(SDLS_FSR_t* report); +void Crypto_clcwPrint(Telemetry_Frame_Ocf_Clcw_t* clcw); +void Crypto_fsrPrint(Telemetry_Frame_Ocf_Fsr_t* report); void Crypto_ccsdsPrint(CCSDS_t* sdls_frame); void Crypto_saPrint(SecurityAssociation_t* sa); void Crypto_hexprint(const void* c, size_t n); diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 8cd13d23..8b95ff69 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h 
@@ -83,18 +83,18 @@ typedef struct /* ** SDLS Definitions */ -typedef struct -{ - uint8_t cwt : 1; // Control Word Type - uint8_t vnum : 3; // FSR Version Number - uint8_t af : 1; // Alarm Field - uint8_t bsnf : 1; // Bad SN Flag - uint8_t bmacf : 1; // Bad MAC Flag - uint8_t ispif : 1; // Invalid SPI Flag - uint16_t lspiu : 16; // Last SPI Used - uint8_t snval : 8; // SN Value (LSB) -} SDLS_FSR_t; -#define SDLS_FSR_SIZE (sizeof(SDLS_FSR_t)) +// typedef struct +// { +// uint8_t cwt : 1; // Control Word Type +// uint8_t vnum : 3; // FSR Version Number +// uint8_t af : 1; // Alarm Field +// uint8_t bsnf : 1; // Bad SN Flag +// uint8_t bmacf : 1; // Bad MAC Flag +// uint8_t bsaf : 1; // Bad SA Flag +// uint16_t lspiu : 16; // Last SPI Used +// uint8_t snval : 8; // SN Value (LSB) +// } SDLS_FSR_t; // Version 100, CCSDS 355.1-B-1, Feb 2020 +// #define SDLS_FSR_SIZE (sizeof(SDLS_FSR_t)) typedef struct { @@ -327,13 +327,14 @@ typedef struct #define CCSDS_SIZE (sizeof(CCSDS_t)) /* -** Operational Control Field definition +** Operational Control Field definitions ** Telemetry frames can reply with either of these in their OCF field: ** 1) A Communications Control Link Word -or- ** 2) A Frame Security Report */ // INFO: This is the Communications Link Control Word register format +// Ref: Version 000, CCSDS 232.0-B-4, Oct 2021 typedef struct { uint8_t cwt : 1; // Control Word Type "0" 
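Review bot: The old `SDLS_FSR_t` typedef and `SDLS_FSR_SIZE` are commented out in this hunk rather than deleted, which leaves a second, dead FSR layout in the header next to `Telemetry_Frame_Ocf_Fsr_t`. The commented copy was also edited (`ispif` became `bsaf`), so it no longer records the type that was removed. I would drop the block entirely. If any caller outside this patch still uses `SDLS_FSR_SIZE`, point it at `TELEMETRY_FRAME_OCF_FSR_SIZE`; whether such callers exist is not visible from here.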
@@ -341,33 +342,34 @@ typedef struct uint8_t sf : 3; // Status Field uint8_t cie : 2; // COP In Effect uint8_t vci : 6; // Virtual Channel Identification - uint8_t spare0 : 2; // Reserved Spare - uint8_t nrfa : 1; // No RF Avaliable Flag - uint8_t nbl : 1; // No Bit Lock Flag - uint8_t lo : 1; // Lock-Out Flag - uint8_t wait : 1; // Wait Flag - uint8_t rt : 1; // Retransmit Flag + uint8_t spare0 : 2; // Reserved Spare "00" + uint8_t nrfaf : 1; // No RF Avaliable Flag + uint8_t nblf : 1; // No Bit Lock Flag + uint8_t lof : 1; // Lock-Out Flag + uint8_t waitf : 1; // Wait Flag + uint8_t rtf : 1; // Retransmit Flag uint8_t fbc : 2; // FARM-B Counter - uint8_t spare1 : 1; // Reserved Spare + uint8_t spare1 : 1; // Reserved Spare "0" uint8_t rv : 8; // Report Value -} Telemetry_Frame_Clcw_t; +} Telemetry_Frame_Ocf_Clcw_t; -#define TM_FRAME_CLCW_SIZE (sizeof(Telemetry_Frame_Clcw_t)) +#define TELEMETRY_FRAME_OCF_CLCW_SIZE (sizeof(Telemetry_Frame_Ocf_Clcw_t)) // INFO: This is the Frame Security Report register format +// Ref: Version 100, CCSDS 355.1-B-1, Feb 2020 typedef struct { uint8_t cwt : 1; // Control Word Type "1" uint8_t fvn : 3; // FSR Version Number "100" uint8_t af : 1; // Alarm Flag uint8_t bsnf : 1; // Bad Sequence Number Flag - uint8_t bmf : 1; // Bad Mac Flag + uint8_t bmacf : 1; // Bad Mac Flag uint8_t bsaf : 1; // Bad Security Association Flag uint16_t lspi : 16; // Last SPI Used - uint8_t snv : 8; // Sequence Number Value (LSB) -} Telemetry_Frame_Fsr_t; + uint8_t snval : 8; // Sequence Number Value (LSB) +} Telemetry_Frame_Ocf_Fsr_t; -#define TELEMETRY_FRAME_OCF_SIZE (sizeof(Telemetry_Frame_Fsr_t)) +#define TELEMETRY_FRAME_OCF_FSR_SIZE (sizeof(Telemetry_Frame_Ocf_Fsr_t)) /* ** Telemetry (TM) Definitions diff --git a/src/core/crypto.c b/src/core/crypto.c index 528ece0c..f8c65626 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
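Review bot: Both OCF types in this hunk are bit-field structs, whose size, padding and bit order are implementation-defined, and `Telemetry_Frame_Ocf_Fsr_t` mixes `uint8_t` fields with `uint16_t lspi : 16`. `TELEMETRY_FRAME_OCF_FSR_SIZE` and `TELEMETRY_FRAME_OCF_CLCW_SIZE` are therefore not guaranteed to equal the 4 octets the fields add up to. If these sizes or the raw struct bytes are used when the OCF is copied into or out of a frame (not visible here), a compiler that packs differently would shift the security flags `bsnf`/`bmacf`/`bsaf` or copy the wrong number of bytes. A compile-time guard after each typedef would catch that, e.g. `_Static_assert(sizeof(Telemetry_Frame_Ocf_Fsr_t) == 4, "FSR must be 4 octets");` and the same for the CLCW, assuming the build allows C11. The start of the CLCW typedef lies in the previous hunk.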
@@ -44,8 +44,8 @@ AOS_FramePrimaryHeader_t aos_frame_pri_hdr; // Used to reduce bit math duplicat AOS_FrameSecurityHeader_t aos_frame_sec_hdr; // Used to reduce bit math duplication // OCF uint8_t ocf = 0; -SDLS_FSR_t report; -Telemetry_Frame_Clcw_t clcw; +Telemetry_Frame_Ocf_Fsr_t report; +Telemetry_Frame_Ocf_Clcw_t clcw; // Flags SDLS_MC_LOG_RPLY_t log_summary; SDLS_MC_DUMP_BLK_RPLY_t mc_log; diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 03b0b5ef..4b4b6ac4 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -699,24 +699,24 @@ void Crypto_Local_Init(void) clcw.cie = 1; // COP In Effect clcw.vci = 0; // Virtual Channel Identification clcw.spare0 = 0; // Reserved Spare - clcw.nrfa = 0; // No RF Avaliable Flag - clcw.nbl = 0; // No Bit Lock Flag - clcw.lo = 0; // Lock-Out Flag - clcw.wait = 0; // Wait Flag - clcw.rt = 0; // Retransmit Flag + clcw.nrfaf = 0; // No RF Avaliable Flag + clcw.nblf = 0; // No Bit Lock Flag + clcw.lof = 0; // Lock-Out Flag + clcw.waitf = 0; // Wait Flag + clcw.rtf = 0; // Retransmit Flag clcw.fbc = 0; // FARM-B Counter clcw.spare1 = 0; // Reserved Spare clcw.rv = 0; // Report Value // Initialize Frame Security Report - report.cwt = 1; // Control Word Type "0b1"" - report.vnum = 4; // FSR Version "0b100"" - report.af = 0; // Alarm Field - report.bsnf = 0; // Bad SN Flag - report.bmacf = 0; // Bad MAC Flag - report.ispif = 0; // Invalid SPI Flag - report.lspiu = 0; // Last SPI Used - report.snval = 0; // SN Value (LSB) + report.cwt = 1; // Control Word Type "0b1"" + report.fvn = 4; // FSR Version "0b100"" + report.af = 0; // Alarm Field + report.bsnf = 0; // Bad SN Flag + report.bmacf = 0;// Bad MAC Flag + report.bsaf = 0; // Invalid SPI Flag + report.lspi = 0; // Last SPI Used + report.snval = 0;// SN Value (LSB) } /** diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 89061664..ba6d8976 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c 
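Review bot: In the `crypto_config.c` hunk the trailing comment on the renamed field is stale: `report.bsaf = 0; // Invalid SPI Flag` still describes the old `ispif` field, while the struct now documents `bsaf` as the Bad Security Association Flag. I would change it to `report.bsaf = 0; // Bad SA Flag`. The `report.bmacf = 0;//` and `report.snval = 0;//` lines also lost the space before the comment. Crypto_Local_Init starts above this hunk.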
@@ -255,6 +255,6 @@ int32_t Crypto_MC_resetalarm(void)
 report.af = 0;
 report.bsnf = 0;
 report.bmacf = 0;
- report.ispif = 0;
+ report.bsaf = 0;
 return CRYPTO_LIB_SUCCESS;
 }
diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c
index cd3334c2..900c36cd 100644
--- a/src/core/crypto_print.c
+++ b/src/core/crypto_print.c
@@ -101,9 +101,9 @@ void Crypto_tmPrint(TM_t* tm_frame)
 /**
 * @brief Function: Crypto_clcwPrint
 * Prints the current CLCW in memory.
- * @param clcw: Telemetry_Frame_Clcw_t*
+ * @param clcw: Telemetry_Frame_Ocf_Clcw_t*
 **/
-void Crypto_clcwPrint(Telemetry_Frame_Clcw_t* clcw)
+void Crypto_clcwPrint(Telemetry_Frame_Ocf_Clcw_t* clcw)
 {
 printf("Current CLCW in memory is: \n");
 printf("\t cwt = 0x%01x \n", clcw->cwt);
@@ -112,11 +112,11 @@ void Crypto_clcwPrint(Telemetry_Frame_Clcw_t* clcw)
 printf("\t cie = 0x%01x \n", clcw->cie);
 printf("\t vci = 0x%02x \n", clcw->vci);
 printf("\t spare0 = 0x%01x \n", clcw->spare0);
- printf("\t nrfa = 0x%01x \n", clcw->nrfa);
- printf("\t nbl = 0x%01x \n", clcw->nbl);
- printf("\t lo = 0x%01x \n", clcw->lo);
- printf("\t wait = 0x%01x \n", clcw->wait);
- printf("\t rt = 0x%01x \n", clcw->rt);
+ printf("\t nrfaf = 0x%01x \n", clcw->nrfaf);
+ printf("\t nblf = 0x%01x \n", clcw->nblf);
+ printf("\t lof = 0x%01x \n", clcw->lof);
+ printf("\t waitf = 0x%01x \n", clcw->waitf);
+ printf("\t rtf = 0x%01x \n", clcw->rtf);
 printf("\t fbc = 0x%01x \n", clcw->fbc);
 printf("\t spare1 = 0x%01x \n", clcw->spare1);
 printf("\t rv = 0x%02x \n", clcw->rv);
@@ -126,18 +126,18 @@ void Crypto_clcwPrint(Telemetry_Frame_Clcw_t* clcw) /** * @brief Function: Crypto_fsrPrint * Prints the current FSR in memory. - * @param report: SDLS_FSR_t* + * @param report: Telemetry_Frame_Ocf_Fsr_t* **/ -void Crypto_fsrPrint(SDLS_FSR_t* report) +void Crypto_fsrPrint(Telemetry_Frame_Ocf_Fsr_t* report) { printf("Current FSR in memory is: \n"); printf("\t cwt = 0x%01x \n", report->cwt); - printf("\t vnum = 0x%01x \n", report->vnum); + printf("\t fvn = 0x%01x \n", report->fvn); printf("\t af = 0x%01x \n", report->af); printf("\t bsnf = 0x%01x \n", report->bsnf); printf("\t bmacf = 0x%01x \n", report->bmacf); - printf("\t ispif = 0x%01x \n", report->ispif); - printf("\t lspiu = 0x%01x \n", report->lspiu); + printf("\t bsaf = 0x%01x \n", report->bsaf); + printf("\t lspi = 0x%01x \n", report->lspi); printf("\t snval = 0x%01x \n", report->snval); printf("\n"); } From d72636ddcba8a5899e302cc0775f7cb6e0429819 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 1 Aug 2024 21:03:04 +0000 Subject: [PATCH 002/241] [nasa/cryptolib#266] Created key generator class w/ random functionality. Also used to copy/paste new keys to keyring --- test/encryption_test.py | 79 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 78 insertions(+), 1 deletion(-) diff --git a/test/encryption_test.py b/test/encryption_test.py index 87b326ee..a4a41aa9 100644 --- a/test/encryption_test.py +++ b/test/encryption_test.py @@ -1,8 +1,11 @@ from Crypto.Cipher import AES from Crypto.Hash import CMAC, HMAC, SHA256, SHA512 +from enum import Enum +from random import randrange, choice import codecs import sys + """ Function: crc16 Calculates the CRC16 for a set of byte data @@ -93,6 +96,7 @@ def get_results(self): #print(self.results.hex()) return self.results + class Authentication: def __init__(self): self.results = 0x00 
@@ -139,8 +143,81 @@ def get_results(self): #print(self.results.hex()) return self.results + +class KeyStates(Enum): + KEY_PREACTIVE = 0 + KEY_ACTIVE = 1 + KEY_DEACTIVATED = 2 + KEY_DESTROYED = 3 + KEY_CORRUPTED = 4 + + +class New_Key: + def __init__(self, key:str = "", state:int = 0, index:int = 0, random:bool = False, rand_length:int = 0): + self.key = key + self.state = state + self.index = index + self.length = 0 + self.rand_length = rand_length + self.key_bytes = [] + + i = 0 + if not random: + while(i < (len(key)-1)): + self.key_bytes.append("0x" + self.key[i] + self.key[i+1]) + i += 2 + self.length = len(self.key_bytes) + else: + self._do_random() + + def _do_random(self): + i = 0 + if self.index == 0: + self.index = randrange(0,256,1) + if self.state == 0: + self.state = randrange(0,4,1) + if self.rand_length == 0: + self.length = choice([16, 32, 64]) + else: + self.length = self.rand_length + while(i Date: Fri, 2 Aug 2024 17:25:40 +0000 Subject: [PATCH 003/241] [nasa/cryptolib#266] Created DB Validator psuedocode and split key generator into unique file --- test/db_validation.py | 75 +++++++++++++++++++++++++++++++++++++++ test/encryption_test.py | 77 ----------------------------------------- test/key_generator.py | 74 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 149 insertions(+), 77 deletions(-) create mode 100644 test/db_validation.py create mode 100644 test/key_generator.py diff --git a/test/db_validation.py b/test/db_validation.py new file mode 100644 index 00000000..88498a52 --- /dev/null +++ b/test/db_validation.py 
@@ -0,0 +1,75 @@
+import mysql.connector
+from mysql.connector import Error
+
+def compare(arr1, arr2):
+ if (len(arr1) != len(arr2)):
+ print(f'Length Mismatch:\n/
+ \tarr1={len(arr1)}\n/
+ \tarr2={len(arr2)}')
+ return -1
+
+ for i, item in enumerate(arr1):
+ if (arr1[i] != arr2[i]):
+ print(f'Value Mismatch:\n/
+ \tarr1{i}={arr1[i]}\n/
+ \tarr2{i}={arr2[i]}')
+ return -1
+ print("Arrays match!")
+ return 0
+
+class Database:
+ def __init__(self, host:str, port:int, db_name:str, table_name:str, user:str, password:str):
+ self.host=host
+ self.port=port
+ self.database=db_name
+ self.table=table_name
+ self.user=user
+ self.password=password
+ self.data=[]
+
+ def fetch_all_data(self):
+ try:
+ # Define the connection details
+ self.connection = mysql.connector.connect(
+ host=self.host,
+ port=self.port,
+ database=self.database,
+ user=self.user,
+ password=self.password
+ )
+
+ if self.connection.is_connected():
+ print("Connected to the database")
+
+ # Create a cursor object
+ self.cursor = self.connection.cursor()
+
+ # Execute a query to fetch all data from a table
+ query = f'SELECT * FROM {self.table}'
+ self.cursor.execute(query)
+
+ rows = self.cursor.fetchall()
+ for row in rows:
+ self.data.append(row)
+
+ self.close_connection()
+ return self.data
+
+ except Error as e:
+ print(f"Error: {e}")
+
+ def close_connection(self):
+ if self.connection.is_connected():
+ self.cursor.close()
+ self.connection.close()
+ print("MySQL connection is closed")
+
+
+if __name__ == "__main__":
+ something=Database("localhost", 3306, "db_name", "table_name", "user", "pass")
+ db_data = something.fetch_all_data()
+
+ something2=Database("localhost", 3306, "db_name", "table_name", "user", "pass")
+ db_data2 = something.fetch_all_data()
+
+ compare(db_data, db_data2)
\ No newline at end of file
diff --git a/test/encryption_test.py b/test/encryption_test.py
index a4a41aa9..0a4b5ced 100644
--- a/test/encryption_test.py
+++ b/test/encryption_test.py
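Review bot: As written, this validator in `test/db_validation.py` cannot report a real mismatch. In `compare`, both `print(f'...` calls continue a single-quoted f-string across lines with `/`, which is a syntax error, so the module will not import. In the `__main__` block, `db_data2 = something.fetch_all_data()` queries the first `Database` again, so both names refer to the same `self.data` list and `compare` would always print "Arrays match!". I would use `db_data2 = something2.fetch_all_data()`, reset `self.data = []` at the top of `fetch_all_data`, and build each message as a complete f-string per line. Two smaller points: `fetch_all_data` returns `None` after `except Error`, which `compare` then passes to `len()`, and `query = f'SELECT * FROM {self.table}'` interpolates the table name, so that name should be checked against a fixed list of expected tables before use.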
@@ -144,80 +144,3 @@ def get_results(self): return self.results -class KeyStates(Enum): - KEY_PREACTIVE = 0 - KEY_ACTIVE = 1 - KEY_DEACTIVATED = 2 - KEY_DESTROYED = 3 - KEY_CORRUPTED = 4 - - -class New_Key: - def __init__(self, key:str = "", state:int = 0, index:int = 0, random:bool = False, rand_length:int = 0): - self.key = key - self.state = state - self.index = index - self.length = 0 - self.rand_length = rand_length - self.key_bytes = [] - - i = 0 - if not random: - while(i < (len(key)-1)): - self.key_bytes.append("0x" + self.key[i] + self.key[i+1]) - i += 2 - self.length = len(self.key_bytes) - else: - self._do_random() - - def _do_random(self): - i = 0 - if self.index == 0: - self.index = randrange(0,256,1) - if self.state == 0: - self.state = randrange(0,4,1) - if self.rand_length == 0: - self.length = choice([16, 32, 64]) - else: - self.length = self.rand_length - while(i Date: Mon, 5 Aug 2024 12:52:33 +0000 Subject: [PATCH 004/241] [nasa/cryptolib#266] Re-added __main__ --- test/encryption_test.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/test/encryption_test.py b/test/encryption_test.py index 0a4b5ced..457938cb 100644 --- a/test/encryption_test.py +++ b/test/encryption_test.py @@ -1,7 +1,5 @@ from Crypto.Cipher import AES from Crypto.Hash import CMAC, HMAC, SHA256, SHA512 -from enum import Enum -from random import randrange, choice import codecs import sys 
@@ -144,3 +142,9 @@ def get_results(self): return self.results +if __name__ == '__main__': + # Auth Example: + something=Authentication() + something.encrypt_cmac("02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB
AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB", "ff9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f9") + something.get_len() + something.get_results() From 499db68cc7177f3c59c54278f94e9ef804db6c96 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Mon, 5 Aug 2024 12:53:20 +0000 Subject: [PATCH 005/241] [nasa/cryptolib#266] Added better formatting to output --- test/key_generator.py | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/test/key_generator.py b/test/key_generator.py index 0976c54a..28d8f7aa 100644 --- a/test/key_generator.py +++ b/test/key_generator.py @@ -2,11 +2,11 @@ from random import randrange, choice class KeyStates(Enum): - KEY_PREACTIVE = 0 - KEY_ACTIVE = 1 - KEY_DEACTIVATED = 2 - KEY_DESTROYED = 3 - KEY_CORRUPTED = 4 + KEY_PREACTIVE = 1 + KEY_ACTIVE = 2 + KEY_DEACTIVATED = 3 + KEY_DESTROYED = 4 + KEY_CORRUPTED = 5 class New_Key: @@ -17,10 +17,10 @@ def __init__(self, key:str = "", state:int = 0, index:int = 0, random:bool = Fal self.length = 0 self.rand_length = rand_length self.key_bytes = [] - + i = 0 if not random: - while(i < (len(key)-1)): + while(i < (len(self.key)-1)): self.key_bytes.append("0x" + self.key[i] + self.key[i+1]) i += 2 self.length = len(self.key_bytes) @@ -29,11 +29,11 @@ def __init__(self, key:str = "", state:int = 0, index:int = 0, random:bool = Fal def _do_random(self): i = 0 - if self.index == 0: + if not self.index: self.index = randrange(0,256,1) - if self.state == 0: - self.state = randrange(0,4,1) - if self.rand_length == 0: + if not self.state: + self.state = randrange(1,5,1) + if not self.rand_length: self.length = choice([16, 32, 64]) else: self.length = self.rand_length 
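Review bot: The non-random path in `__init__` pairs characters with `while(i < (len(self.key)-1)):` without checking the input. An odd-length string silently loses its last nibble, and any non-hex character is copied straight into the `0x..` tokens that `print_keyring_entry` emits for pasting into the keyring. Validating first, e.g. calling `bytes.fromhex(self.key)` before the loop so a bad string raises `ValueError`, keeps a malformed key from being pasted unnoticed. The `__init__` signature is only visible as the hunk header.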
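Review bot: `_do_random` draws from `randrange` and `choice`, and the only generator this file imports (`from random import randrange, choice`, shown in the first hunk header) is Python's non-cryptographic Mersenne Twister. The commit series describes the output as keys to copy into the keyring, so if any of them can leave the test fixtures, the key bytes should come from the `secrets` module instead, e.g. `secrets.token_bytes(self.length)`. The byte loop itself is outside this hunk, so I am assuming it uses `randrange` like the lines shown. Separately, `randrange(1,5,1)` never yields `KEY_CORRUPTED = 5`; a one-line comment such as `# KEY_CORRUPTED is never chosen at random` would make that intent explicit.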
@@ -43,13 +43,15 @@ def _do_random(self): self.key_bytes.append(("0x0" + hex(value).split('x')[1])) else: self.key_bytes.append(hex(value)) + self.key += self.key_bytes[i].split('x')[1] i += 1 def print_keyring_entry(self): + print(f'// {self.index} - {self.key}') for i in range(self.length): print(f'key_ring[{self.index}].value[{i}] = {self.key_bytes[i]};') print(f'key_ring[{self.index}].key_len = {self.length};') - print(f'key_ring[{self.index}].key_state = {KeyStates(self.state).name};') + print(f'key_ring[{self.index}].key_state = {KeyStates(self.state).name};\n') def get_len(self): return self.length @@ -66,9 +68,9 @@ def get_state(self): something.print_keyring_entry() # 2: - # something = New_Key(index=12, state=KeyStates.KEY_ACTIVE, random=True, rand_length=13) - # something.print_keyring_entry() + something = New_Key(index=12, state=KeyStates.KEY_ACTIVE, random=True, rand_length=13) + something.print_keyring_entry() # 3: - # something = New_Key(random=True) - # something.print_keyring_entry() \ No newline at end of file + something = New_Key(random=True) + something.print_keyring_entry() \ No newline at end of file From edf87816bcfbb704a975f736c1d033fc73800044 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 12 Aug 2024 17:17:30 +0000 Subject: [PATCH 006/241] [nasa/cryptolib#147] Added basic EP key management unit tests --- test/include/ut_ep_key_validation.h | 18 ++ test/unit/ut_ep_key_validation.c | 283 ++++++++++++++++++++++++++++ 2 files changed, 301 insertions(+) create mode 100644 test/include/ut_ep_key_validation.h create mode 100644 test/unit/ut_ep_key_validation.c diff --git a/test/include/ut_ep_key_validation.h b/test/include/ut_ep_key_validation.h new file mode 100644 index 00000000..eebc4f30 --- /dev/null +++ b/test/include/ut_ep_key_validation.h 
@@ -0,0 +1,18 @@
+#ifndef CRYPTOLIB_UT_EP_KEY_VALIDATION_H
+#define CRYPTOLIB_UT_EP_KEY_VALIDATION_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include "crypto.h"
+#include "shared_util.h"
+#include
+#include "cryptography_interface.h"
+
+#ifdef __cplusplus
+} /* Close scope of 'extern "C"' declaration which encloses file. */
+#endif
+
+#endif //CRYPTOLIB_UT_EP_KEY_VALIDATION_H
\ No newline at end of file
diff --git a/test/unit/ut_ep_key_validation.c b/test/unit/ut_ep_key_validation.c
new file mode 100644
index 00000000..f318f1cf
--- /dev/null
+++ b/test/unit/ut_ep_key_validation.c
@@ -0,0 +1,283 @@ +#include "ut_ep_key_validation.h" +#include "crypto.h" +#include "crypto_error.h" +#include "sa_interface.h" +#include "utest.h" + +UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) +{ + remove("sa_save_file.bin"); + uint8_t* ptr_enc_frame = NULL; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t* ekp = NULL; + int status = 0; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char* buffer_OTAR_h = "2003009e00ff000100001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_OTAR_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_OTAR_len = 0; + + // Setup Processed Frame For Decryption + TC_t* tc_nist_processed_frame; + tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + 
// Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + + // Activate SA 9 + sa_if->sa_get_from_spi(9, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(test_association->ekid); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + + // Convert frames that will be processed + hex_conversion(buffer_OTAR_h, (char**) &buffer_OTAR_b, &buffer_OTAR_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... 
\n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_OTAR_b, &buffer_OTAR_len, tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + free(ptr_enc_frame); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(tc_nist_processed_frame); +} + +UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) +{ + remove("sa_save_file.bin"); + uint8_t* ptr_enc_frame = NULL; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t* ekp = NULL; + int status = 0; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char* buffer_ACTIVATE_h = "2003001e00ff000100001880d038000c197f0b00020004008d008e82ebe4fc55555555"; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_ACTIVATE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_ACTIVATE_len = 0; + + // Setup Processed Frame For Decryption + TC_t* tc_nist_processed_frame; + tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + 
test_association->sa_state = SA_NONE; + + // Activate SA 9 + sa_if->sa_get_from_spi(9, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(test_association->ekid); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + + // Convert frames that will be processed + hex_conversion(buffer_ACTIVATE_h, (char**) &buffer_ACTIVATE_b, &buffer_ACTIVATE_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... 
\n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_ACTIVATE_b, &buffer_ACTIVATE_len, tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + free(ptr_enc_frame); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(tc_nist_processed_frame); +} + +UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) +{ + remove("sa_save_file.bin"); + uint8_t* ptr_enc_frame = NULL; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t* ekp = NULL; + int status = 0; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char* buffer_DEACTIVATE_h = "2003001c00ff000100001880d039000a197f0b00030002008e1f6d21c4555555555555"; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; + + // Setup Processed Frame For Decryption + TC_t* tc_nist_processed_frame; + tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + 
test_association->sa_state = SA_NONE; + + // Activate SA 9 + sa_if->sa_get_from_spi(9, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(test_association->ekid); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + + // Convert frames that will be processed + hex_conversion(buffer_DEACTIVATE_h, (char**) &buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... 
\n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len, tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + free(ptr_enc_frame); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(tc_nist_processed_frame); +} + +UTEST(EP_KEY_VALIDATION, VERIFY_132_134) +{ + remove("sa_save_file.bin"); + uint8_t* ptr_enc_frame = NULL; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t* ekp = NULL; + int status = 0; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char* buffer_VERIFY_h = "2003003e00ff000100001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8"; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_VERIFY_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_VERIFY_len = 0; + + // Setup Processed Frame For Decryption + TC_t* tc_nist_processed_frame; + tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Deactivate SA 1 + 
sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + + // Activate SA 9 + sa_if->sa_get_from_spi(9, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(test_association->ekid); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + + // Convert frames that will be processed + hex_conversion(buffer_VERIFY_h, (char**) &buffer_VERIFY_b, &buffer_VERIFY_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_VERIFY_b, &buffer_VERIFY_len, tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + free(ptr_enc_frame); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(tc_nist_processed_frame); +} + +UTEST_MAIN(); \ No newline at end of file From 1937f413290ea27751135197a9f59322f940ea31 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Wed, 14 Aug 2024 12:34:10 +0000 Subject: [PATCH 007/241] [nasa/cryptolib#147] added packet breakdowns --- test/unit/ut_ep_key_validation.c | 61 +++++++++++++++++++++++++++++--- 1 file changed, 56 insertions(+), 5 deletions(-) diff --git a/test/unit/ut_ep_key_validation.c b/test/unit/ut_ep_key_validation.c index f318f1cf..04cd70b0 100644 --- a/test/unit/ut_ep_key_validation.c +++ b/test/unit/ut_ep_key_validation.c 
@@ -24,6 +24,22 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA char* buffer_OTAR_h = "2003009e00ff000100001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; + // |2003009e00| = Primary Header + // |ff00010000| = ??? + // |1880| = CryptoLib App ID + // |d037008c197f0b| = ??? + // |0001| = PDU Tag + // |0084| = Length + // |0000| = Master Key ID + // |344892bbc54f5395297d4c37| = IV + // |172f| = Encrypted Key ID + // |2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd| = Encrypted Key + // |21cf| = Encrypted Key ID + // |268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990| = Encrypted Key + // |ba41| = EKID + // |48af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e557| = EK + // |10a47209c923b641d19a39001f9e9861| = MAC??? + // |66f5ffd95555| = Trailer??? uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_OTAR_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_OTAR_len = 0; 
@@ -92,7 +108,22 @@ UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_ACTIVATE_h = "2003001e00ff000100001880d038000c197f0b00020004008d008e82ebe4fc55555555"; + // char* buffer_ACTIVATE_h = "2003001e00ff000100001880d038000c197f0b00020004008d008e82ebe4fc55555555"; + char* buffer_ACTIVATE_h = "2003001e0000000100001880d038000c197f0b00020004008d008e82ebe4fc55555555"; + // |2003001e00| = Primary Header + // |ff| = SPI + // |00010000| = Security Header or Sequence #??? + // |1880| = CryptoLib App ID + // |d038000c197f0b00| = ??? + // |d| = seq/start of pktid + // |038| = end of pktid + // |000c| = pkt_length + // |197f0b00| = PUS Header + // |02| = PDU Tag + // |0004| = Length + // |008d| = Key ID + // |008e| = Key ID + // |82ebe4fc55555555| = Trailer??? uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_ACTIVATE_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_ACTIVATE_len = 0; @@ -109,12 +140,12 @@ UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) test_association->sa_state = SA_NONE; // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); + sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->est = 0; - test_association->ast = 0; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->est = 1; + test_association->ast = 1; test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw = 5; 
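Review bot: The breakdown added under `buffer_ACTIVATE_h` still lists `|ff| = SPI`, but the active literal now has `00` at that position (`2003001e00` followed by `00`, `0001`, `0000`), so the comment describes the commented-out frame rather than the one the test sends. Delete the commented-out literal and make the first field line match the bytes in use, e.g. `// |00| = ???` until the field is identified. The block also lists `|d038000c197f0b00|` and then its sub-fields `|d|`, `|038|`, `|000c|`, `|197f0b00|`, so the same bytes are described twice; keep only the finer split.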
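Review bot: The lookup now reads `sa_if->sa_get_from_spi(0, &test_association);` but the comment above it still says `// Activate SA 9`, and the result of the lookup is not checked before `test_association` is dereferenced. This hunk also moves the SA from `CRYPTO_CIPHER_NONE` with `est`/`ast` of 0 to `CRYPTO_CIPHER_AES256_GCM` with both set to 1, so a reader needs to know which SA the frame is processed under. Suggest `// Activate SA 0` and `ASSERT_EQ(CRYPTO_LIB_SUCCESS, sa_if->sa_get_from_spi(0, &test_association));`, assuming the lookup returns a CryptoLib status code. The test body continues outside the hunk.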
@@ -162,6 +193,15 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA char* buffer_DEACTIVATE_h = "2003001c00ff000100001880d039000a197f0b00030002008e1f6d21c4555555555555"; + // |2003001c00| = Primary Header + // |ff| = SPI + // |00010000| = ??? + // |1880| = CryptoLib App ID + // |d039000a197f0b| = ??? + // |0003| = PDU Tag + // |0002| = Length + // |008e| = Key ID + // |1f6d82ebe4fc55555555| = Trailer??? uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; @@ -231,6 +271,17 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA char* buffer_VERIFY_h = "2003003e00ff000100001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8"; + // |2003003e00| = Primary Header + // |ff| = SPI + // |00010000| = Security header + // |1880| = CryptoLib App ID + // |d03a002c197f0b| = ??? + // |0004| = PDU Tag + // |0024| = Length + // |0084| = Key ID + // |71fc3ad5b1c36ad56bd5a543| = IV + // |2315cdab008675c06302465bc6d5091a| = ENC Challenge + // | uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_VERIFY_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_VERIFY_len = 0; From 57fea751257e1eb05995ea2e47c7a379694e00c2 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 15 Aug 2024 15:39:25 +0000 Subject: [PATCH 008/241] [nasa/cryptolib#147] Expanded Packet Breakdowns --- test/unit/ut_ep_key_validation.c | 59 ++++++++++++++++++-------------- 1 file changed, 34 insertions(+), 25 deletions(-) 
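Review bot: The last breakdown line for `buffer_DEACTIVATE_h`, `// |1f6d82ebe4fc55555555| = Trailer???`, does not match the literal, which ends in `008e1f6d21c4555555555555`; the bytes `82ebe4fc` look carried over from the ACTIVATE frame. It should read `// |1f6d21c4555555555555| = Trailer???` so that the listed fields add up to the string above them. A breakdown that disagrees with the bytes is worse than none when someone later uses it to build a new test vector.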
diff --git a/test/unit/ut_ep_key_validation.c b/test/unit/ut_ep_key_validation.c index 04cd70b0..13e109bc 100644 --- a/test/unit/ut_ep_key_validation.c +++ b/test/unit/ut_ep_key_validation.c @@ -25,11 +25,15 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA char* buffer_OTAR_h = "2003009e00ff000100001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; // |2003009e00| = Primary Header - // |ff00010000| = ??? + // |ff| = SPI + // |00010000| = ??? // |1880| = CryptoLib App ID - // |d037008c197f0b| = ??? + // |d037| = seq, pktid + // |008c| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare // |0001| = PDU Tag - // |0084| = Length + // |0084| = PDU Length // |0000| = Master Key ID // |344892bbc54f5395297d4c37| = IV // |172f| = Encrypted Key ID @@ -38,8 +42,8 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) // |268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990| = Encrypted Key // |ba41| = EKID // |48af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e557| = EK - // |10a47209c923b641d19a39001f9e9861| = MAC??? - // |66f5ffd95555| = Trailer??? + // |10a47209c923b641d19a39001f9e9861| = MAC + // |66f5ffd95555| = Trailer or Padding??? uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_OTAR_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_OTAR_len = 0; 
@@ -108,21 +112,19 @@ UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - // char* buffer_ACTIVATE_h = "2003001e00ff000100001880d038000c197f0b00020004008d008e82ebe4fc55555555"; char* buffer_ACTIVATE_h = "2003001e0000000100001880d038000c197f0b00020004008d008e82ebe4fc55555555"; // |2003001e00| = Primary Header // |ff| = SPI - // |00010000| = Security Header or Sequence #??? + // |00010000| = Security Header // |1880| = CryptoLib App ID - // |d038000c197f0b00| = ??? - // |d| = seq/start of pktid - // |038| = end of pktid + // |d038| = seq, pktid // |000c| = pkt_length - // |197f0b00| = PUS Header - // |02| = PDU Tag - // |0004| = Length - // |008d| = Key ID - // |008e| = Key ID + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |0002| = PDU Tag + // |0004| = PDU Length + // |008d| = Key ID (141) + // |008e| = Key ID (142) // |82ebe4fc55555555| = Trailer??? uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_ACTIVATE_b = NULL; @@ -195,12 +197,15 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) char* buffer_DEACTIVATE_h = "2003001c00ff000100001880d039000a197f0b00030002008e1f6d21c4555555555555"; // |2003001c00| = Primary Header // |ff| = SPI - // |00010000| = ??? + // |00010000| = security Header // |1880| = CryptoLib App ID - // |d039000a197f0b| = ??? + // |d039| = seq, packet id + // |000a| = Packet Length + // |197f| = pusv, ack, st + // |0b| = sst // |0003| = PDU Tag - // |0002| = Length - // |008e| = Key ID + // |0002| = PDU Length + // |008e| = Key ID (142) // |1f6d82ebe4fc55555555| = Trailer??? uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; 
@@ -275,13 +280,17 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) // |ff| = SPI // |00010000| = Security header // |1880| = CryptoLib App ID - // |d03a002c197f0b| = ??? + // |d03a| = ??? + // |002c| = Packet Length + // |197f| = pusv, ack, st + // |0b| = sst // |0004| = PDU Tag - // |0024| = Length - // |0084| = Key ID - // |71fc3ad5b1c36ad56bd5a543| = IV - // |2315cdab008675c06302465bc6d5091a| = ENC Challenge - // | + // |0024| = PDU Length + // |0084| = Key ID (132) + // |71fc3ad5b1c36ad56bd5a5432315cdab| = Challenge + // |0086| = Key ID (134) + // |75c06302465bc6d5091a29957eebed35| = Challenge + // |c00a6ed8| = Trailer uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_VERIFY_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_VERIFY_len = 0; From cbef552bf958df9513350fcdfc2173438fccf57b Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 15 Aug 2024 21:00:26 +0000 Subject: [PATCH 009/241] [nasa/cryptolib#147] Working OTAR, Activation, Deactivation, and Verification --- src/core/crypto_key_mgmt.c | 36 ++++++++++++++++---------------- test/unit/ut_ep_key_validation.c | 31 ++++++++++++++++----------- 2 files changed, 37 insertions(+), 30 deletions(-) diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 84d213a1..46268360 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -44,13 +44,13 @@ int32_t Crypto_Key_OTAR(void) int x = 0; int y; int32_t status = CRYPTO_LIB_SUCCESS; - int pdu_keys = (sdls_frame.pdu.pdu_len - 30) / (2 + KEY_SIZE); + int pdu_keys = (sdls_frame.pdu.pdu_len - 30) / (2 + 32); int w; crypto_key_t* ekp = NULL; - + printf("# PDU Keys: %d\n", pdu_keys); // Master Key ID packet.mkid = (sdls_frame.pdu.data[0] << 8) | (sdls_frame.pdu.data[1]); - + printf("MKID: %d\n", packet.mkid); if (packet.mkid >= 128) { report.af = 1; 
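Review bot: In `Crypto_Key_OTAR`, `pdu_keys` is computed from `sdls_frame.pdu.pdu_len`, a length taken from the received PDU, with no lower-bound or alignment check, so a PDU shorter than 30 bytes gives a zero or negative count (the field's type is declared outside this hunk). That value later sizes the decrypt call as `(size_t)(pdu_keys * (2 + 32))` and bounds the `for (x = 0; x < pdu_keys; x++)` loop, so reject it up front, e.g. `if (sdls_frame.pdu.pdu_len < 30 || (sdls_frame.pdu.pdu_len - 30) % (2 + 32) != 0) return CRYPTO_LIB_ERROR;`, and confirm an upper bound against the capacity of `packet.EKB`. The two added `printf` calls are unconditional, while the `printf` at the end of `Crypto_Key_verify` sits before an `#endif`; these probably belong under the same debug guard. The function body continues outside the hunk.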
@@ -70,17 +70,17 @@ int32_t Crypto_Key_OTAR(void) return status; } - for (count = 2; count < (2 + IV_SIZE); count++) + for (count = 2; count < (2 + 12); count++) { // Initialization Vector packet.iv[count - 2] = sdls_frame.pdu.data[count]; - // printf("packet.iv[%d] = 0x%02x\n", count-2, packet.iv[count-2]); + //printf("packet.iv[%d] = 0x%02x\n", count-2, packet.iv[count-2]); } count = sdls_frame.pdu.pdu_len - MAC_SIZE; for (w = 0; w < 16; w++) { // MAC packet.mac[w] = sdls_frame.pdu.data[count + w]; - // printf("packet.mac[%d] = 0x%02x\n", w, packet.mac[w]); + //printf("packet.mac[%d] = 0x%02x\n", w, packet.mac[w]); } ekp = key_if->get_key(packet.mkid); @@ -91,14 +91,14 @@ int32_t Crypto_Key_OTAR(void) uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output - (size_t)(pdu_keys * (2 + KEY_SIZE)), // length of data + (size_t)(pdu_keys * (2 + 32)), // length of data NULL, // in place decryption 0, // in data length &(ekp->value[0]), //key - KEY_SIZE, //key length + ekp->key_len, //key length NULL, //SA reference &(packet.iv[0]), //IV - IV_SIZE, //IV length + 12, //IV length &(packet.mac[0]), // tag input MAC_SIZE, // tag size NULL, // AAD @@ -142,7 +142,7 @@ int32_t Crypto_Key_OTAR(void) } count = count + 2; - for (y = count; y < (KEY_SIZE + count); y++) + for (y = count; y < (32 + count); y++) { // Encrypted Key packet.EKB[x].ek[y - count] = sdls_frame.pdu.data[y]; @@ -152,7 +152,7 @@ int32_t Crypto_Key_OTAR(void) // Setup Key Ring ekp->value[y - count] = sdls_frame.pdu.data[y]; } - count = count + KEY_SIZE; + count = count + 32; // Set state to PREACTIVE ekp->key_state = KEY_PREACTIVE; @@ -164,7 +164,7 @@ int32_t Crypto_Key_OTAR(void) for (x = 0; x < pdu_keys; x++) { printf("%d) Key ID = %d, 0x", x + 1, packet.EKB[x].ekid); - for (y = 0; y < KEY_SIZE; y++) + for (y = 0; y < 32; y++) { printf("%02x", packet.EKB[x].ek[y]); } 
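Review bot: `IV_SIZE` and `KEY_SIZE` are replaced by bare `12` and `32` here and in the other hunks of this file (`(pdu_keys * (2 + 32))`, `y < (32 + count)`, `count + 32`, and the `12`/`32` arguments in `Crypto_Key_verify`). If the global constants no longer describe the OTAR/verify PDU layout, name the layout values once, for example `#define SDLS_OTAR_IV_LEN 12` and `#define SDLS_EKB_KEY_LEN 32` (names constructed for this note), and use them at every offset so the parser's arithmetic cannot drift between call sites. The destination buffers `packet.iv` and `packet.EKB[x].ek` are declared outside this diff; confirm they hold at least 12 and 32 bytes.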
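Review bot: The lines that load each received key write `ekp->value[...]` and `ekp->key_state = KEY_PREACTIVE;`, and nothing visible sets `key_len` for that key, although this commit starts passing `ekp->key_len` to the decrypt call. If it is not set elsewhere, any later operation that reads `ekp->key_len` for a key delivered by OTAR would use whatever length the slot held before. Consider adding `ekp->key_len = 32;` beside the state change. The loop body continues outside the hunk, so this may already be handled there.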
@@ -359,7 +359,7 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) // uint8_t tmp_mac[MAC_SIZE]; int x; int y; - int32_t status; + int32_t status = CRYPTO_LIB_SUCCESS; crypto_key_t* ekp = NULL; if (key_if == NULL) @@ -392,7 +392,7 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) } // Prepare for Reply - sdls_frame.pdu.pdu_len = pdu_keys * (2 + IV_SIZE + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE); + sdls_frame.pdu.pdu_len = pdu_keys * (2 + 12 + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE); sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); @@ -411,7 +411,7 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) // Initialization Vector iv_loc = count; - for (y = 0; y < IV_SIZE; y++) + for (y = 0; y < 12; y++) { ingest[count++] = *(tc_frame->tc_sec_header.iv + y); } @@ -424,10 +424,10 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) &(packet.blk[x].challenge[0]), // plaintext input (size_t)CHALLENGE_SIZE, // in data length &(ekp->value[0]), // Key Index - KEY_SIZE, // Key Length + 32, // Key Length NULL, // SA Reference for key &(ingest[iv_loc]), // IV - IV_SIZE, // IV Length + 12, // IV Length &(ingest[(count + CHALLENGE_SIZE)]), // MAC CHALLENGE_MAC_SIZE, // MAC Size NULL, @@ -447,5 +447,5 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) printf("Crypto_Key_verify: Response is %d bytes \n", count); #endif - return count; + return status; } \ No newline at end of file diff --git a/test/unit/ut_ep_key_validation.c b/test/unit/ut_ep_key_validation.c index 13e109bc..28f5b48c 100644 --- a/test/unit/ut_ep_key_validation.c +++ b/test/unit/ut_ep_key_validation.c 
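Review bot: The encrypt call in `Crypto_Key_verify` passes a literal `32` as the key length, whereas the decrypt call in `Crypto_Key_OTAR` was changed in this same commit to `ekp->key_len`, so the two paths now disagree on where a key's length comes from. Use `ekp->key_len, // Key Length` here as well, and check that `ekp` is non-NULL before `&(ekp->value[0])` is taken if the lines outside the hunk do not already do so. The last hunk changes the return from `count` to `status`, so the reply length is no longer returned; the function comment should state that the return value is a status code.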
@@ -23,10 +23,11 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_OTAR_h = "2003009e00ff000100001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; + char* buffer_OTAR_h = "2003009e00ff000000001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; // |2003009e00| = Primary Header - // |ff| = SPI - // |00010000| = ??? + // |ff| = ??? + // |0001| = SPI + // |0000| = ARSN // |1880| = CryptoLib App ID // |d037| = seq, pktid // |008c| = pkt_length @@ -59,11 +60,13 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); + // Activate SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; test_association->ecs = CRYPTO_CIPHER_NONE; + // test_association->ekid = 0; + // test_association->akid = 0; test_association->est = 0; test_association->ast = 0; test_association->shsnf_len = 2; 
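Review bot: The new `buffer_OTAR_h` literal begins `2003009e00`, `ff`, `0000`, `0000`, but the updated breakdown labels the field after `ff` as `|0001| = SPI`, which is the old value. With the test now looking up `sa_get_from_spi(0, ...)`, the line should read `// |0000| = SPI`. The `|ff| = ???` byte follows the five-byte primary header, and the managed parameters visible in the sibling tests of this file use `TC_HAS_SEGMENT_HDRS`, so it is presumably the segment header; worth confirming and labelling.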
@@ -72,7 +75,9 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); + //printf("%d", buffer_nist_key_len); = 32 memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + //ekp->key_len = 32; // Convert frames that will be processed hex_conversion(buffer_OTAR_h, (char**) &buffer_OTAR_b, &buffer_OTAR_len); @@ -227,6 +232,7 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ekid = 142; test_association->est = 0; test_association->ast = 0; test_association->shsnf_len = 2; @@ -236,6 +242,7 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + ekp->key_state = KEY_ACTIVE; // Convert frames that will be processed hex_conversion(buffer_DEACTIVATE_h, (char**) &buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len); 
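Review bot: In DEACTIVATE_142, `ekp->key_state = KEY_ACTIVE;` is added after `ekp = key_if->get_key(test_association->ekid);` with no check that the lookup succeeded, and with `ekid` now set to 142 the test depends on that slot existing. If `get_key` can return NULL, add `ASSERT_TRUE(ekp != NULL);` before the `memcpy` so a bad key ID fails the test instead of crashing it. The OTAR test gains the commented-out lines `//printf("%d", buffer_nist_key_len); = 32` and `//ekp->key_len = 32;`; since the library now passes `ekp->key_len` to the decrypt call, either set the length explicitly in the test or delete the commented line. The comment `// Insert key into keyring of SA 9` is also stale now that the test uses SA 0.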
@@ -259,18 +266,19 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) UTEST(EP_KEY_VALIDATION, VERIFY_132_134) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Init(); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + int status = 0; + status = Crypto_Init(); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); SaInterface sa_if = get_sa_interface_inmemory(); crypto_key_t* ekp = NULL; - int status = 0; + // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; @@ -280,7 +288,7 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) // |ff| = SPI // |00010000| = Security header // |1880| = CryptoLib App ID - // |d03a| = ??? + // |d03a| = seq, packet id // |002c| = Packet Length // |197f| = pusv, ack, st // |0b| = sst @@ -334,7 +342,6 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) printf("\n"); Crypto_Shutdown(); - free(ptr_enc_frame); free(buffer_nist_iv_b); free(buffer_nist_key_b); free(tc_nist_processed_frame); From eb7e1fea16e06b763214e0c815624df0fb31bcb3 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Mon, 19 Aug 2024 23:35:19 +0000 Subject: [PATCH 010/241] [nasa/cryptolib#147] Key inventory WIP --- .gitignore | 1 + Makefile | 844 ------------------ include/crypto.h | 4 +- include/crypto_config_structs.h | 2 +- src/core/crypto.c | 10 +- src/core/crypto_config.c | 9 +- src/core/crypto_key_mgmt.c | 58 +- .../key_interface_internal.template.c | 5 +- test/CMakeLists.txt | 4 + test/unit/ut_ep_key_validation.c | 182 +++- 10 files changed, 199 insertions(+), 920 deletions(-) delete mode 100644 Makefile diff --git a/.gitignore b/.gitignore index a885fba5..547fec94 100644 --- a/.gitignore +++ b/.gitignore @@ -16,3 +16,4 @@ venv vgcore* core.* log.txt +Makefile diff --git a/Makefile b/Makefile deleted file mode 100644 index 52fc15e3..00000000 --- a/Makefile +++ /dev/null 
@@ -1,844 +0,0 @@ -# CMAKE generated file: DO NOT EDIT! -# Generated by "Unix Makefiles" Generator, CMake Version 3.22 - -# Default target executed when no arguments are given to make. -default_target: all -.PHONY : default_target - -# Allow only one "make -f Makefile2" at a time, but pass parallelism. -.NOTPARALLEL: - -#============================================================================= -# Special targets provided by cmake. - -# Disable implicit rules so canonical targets will work. -.SUFFIXES: - -# Disable VCS-based implicit rules. -% : %,v - -# Disable VCS-based implicit rules. -% : RCS/% - -# Disable VCS-based implicit rules. -% : RCS/%,v - -# Disable VCS-based implicit rules. -% : SCCS/s.% - -# Disable VCS-based implicit rules. -% : s.% - -.SUFFIXES: .hpux_make_needs_suffix_list - -# Command-line flag to silence nested $(MAKE). -$(VERBOSE)MAKESILENT = -s - -#Suppress display of executed commands. -$(VERBOSE).SILENT: - -# A target that is always out of date. -cmake_force: -.PHONY : cmake_force - -#============================================================================= -# Set environment variables for the build. - -# The shell in which to execute make rules. -SHELL = /bin/sh - -# The CMake executable. -CMAKE_COMMAND = /usr/bin/cmake - -# The command to remove a file. -RM = /usr/bin/cmake -E rm -f - -# Escaping for special characters. -EQUALS = = - -# The top-level source directory on which CMake was run. -CMAKE_SOURCE_DIR = /home/itc/Desktop/CryptoLib - -# The top-level build directory on which CMake was run. -CMAKE_BINARY_DIR = /home/itc/Desktop/CryptoLib - -#============================================================================= -# Targets provided globally by CMake. - -# Special rule for the target test -test: - @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Running tests..." 
- /usr/bin/ctest --force-new-ctest-process $(ARGS) -.PHONY : test - -# Special rule for the target test -test/fast: test -.PHONY : test/fast - -# Special rule for the target edit_cache -edit_cache: - @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "No interactive CMake dialog available..." - /usr/bin/cmake -E echo No\ interactive\ CMake\ dialog\ available. -.PHONY : edit_cache - -# Special rule for the target edit_cache -edit_cache/fast: edit_cache -.PHONY : edit_cache/fast - -# Special rule for the target rebuild_cache -rebuild_cache: - @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Running CMake to regenerate build system..." - /usr/bin/cmake --regenerate-during-build -S$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) -.PHONY : rebuild_cache - -# Special rule for the target rebuild_cache -rebuild_cache/fast: rebuild_cache -.PHONY : rebuild_cache/fast - -# Special rule for the target list_install_components -list_install_components: - @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Available install components are: \"Unspecified\"" -.PHONY : list_install_components - -# Special rule for the target list_install_components -list_install_components/fast: list_install_components -.PHONY : list_install_components/fast - -# Special rule for the target install -install: preinstall - @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Install the project..." - /usr/bin/cmake -P cmake_install.cmake -.PHONY : install - -# Special rule for the target install -install/fast: preinstall/fast - @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Install the project..." - /usr/bin/cmake -P cmake_install.cmake -.PHONY : install/fast - -# Special rule for the target install/local -install/local: preinstall - @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Installing only the local directory..." 
- /usr/bin/cmake -DCMAKE_INSTALL_LOCAL_ONLY=1 -P cmake_install.cmake -.PHONY : install/local - -# Special rule for the target install/local -install/local/fast: preinstall/fast - @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Installing only the local directory..." - /usr/bin/cmake -DCMAKE_INSTALL_LOCAL_ONLY=1 -P cmake_install.cmake -.PHONY : install/local/fast - -# Special rule for the target install/strip -install/strip: preinstall - @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Installing the project stripped..." - /usr/bin/cmake -DCMAKE_INSTALL_DO_STRIP=1 -P cmake_install.cmake -.PHONY : install/strip - -# Special rule for the target install/strip -install/strip/fast: preinstall/fast - @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Installing the project stripped..." - /usr/bin/cmake -DCMAKE_INSTALL_DO_STRIP=1 -P cmake_install.cmake -.PHONY : install/strip/fast - -# The main all target -all: cmake_check_build_system - $(CMAKE_COMMAND) -E cmake_progress_start /home/itc/Desktop/CryptoLib/CMakeFiles /home/itc/Desktop/CryptoLib//CMakeFiles/progress.marks - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 all - $(CMAKE_COMMAND) -E cmake_progress_start /home/itc/Desktop/CryptoLib/CMakeFiles 0 -.PHONY : all - -# The main clean target -clean: - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 clean -.PHONY : clean - -# The main clean target -clean/fast: clean -.PHONY : clean/fast - -# Prepare targets for installation. -preinstall: all - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 preinstall -.PHONY : preinstall - -# Prepare targets for installation. 
-preinstall/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 preinstall -.PHONY : preinstall/fast - -# clear depends -depend: - $(CMAKE_COMMAND) -S$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) --check-build-system CMakeFiles/Makefile.cmake 1 -.PHONY : depend - -#============================================================================= -# Target rules for targets named Experimental - -# Build rule for target. -Experimental: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 Experimental -.PHONY : Experimental - -# fast build rule for target. -Experimental/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/Experimental.dir/build.make CMakeFiles/Experimental.dir/build -.PHONY : Experimental/fast - -#============================================================================= -# Target rules for targets named Nightly - -# Build rule for target. -Nightly: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 Nightly -.PHONY : Nightly - -# fast build rule for target. -Nightly/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/Nightly.dir/build.make CMakeFiles/Nightly.dir/build -.PHONY : Nightly/fast - -#============================================================================= -# Target rules for targets named Continuous - -# Build rule for target. -Continuous: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 Continuous -.PHONY : Continuous - -# fast build rule for target. -Continuous/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/Continuous.dir/build.make CMakeFiles/Continuous.dir/build -.PHONY : Continuous/fast - -#============================================================================= -# Target rules for targets named NightlyMemoryCheck - -# Build rule for target. -NightlyMemoryCheck: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 NightlyMemoryCheck -.PHONY : NightlyMemoryCheck - -# fast build rule for target. 
-NightlyMemoryCheck/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/NightlyMemoryCheck.dir/build.make CMakeFiles/NightlyMemoryCheck.dir/build -.PHONY : NightlyMemoryCheck/fast - -#============================================================================= -# Target rules for targets named NightlyStart - -# Build rule for target. -NightlyStart: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 NightlyStart -.PHONY : NightlyStart - -# fast build rule for target. -NightlyStart/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/NightlyStart.dir/build.make CMakeFiles/NightlyStart.dir/build -.PHONY : NightlyStart/fast - -#============================================================================= -# Target rules for targets named NightlyUpdate - -# Build rule for target. -NightlyUpdate: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 NightlyUpdate -.PHONY : NightlyUpdate - -# fast build rule for target. -NightlyUpdate/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/NightlyUpdate.dir/build.make CMakeFiles/NightlyUpdate.dir/build -.PHONY : NightlyUpdate/fast - -#============================================================================= -# Target rules for targets named NightlyConfigure - -# Build rule for target. -NightlyConfigure: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 NightlyConfigure -.PHONY : NightlyConfigure - -# fast build rule for target. -NightlyConfigure/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/NightlyConfigure.dir/build.make CMakeFiles/NightlyConfigure.dir/build -.PHONY : NightlyConfigure/fast - -#============================================================================= -# Target rules for targets named NightlyBuild - -# Build rule for target. -NightlyBuild: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 NightlyBuild -.PHONY : NightlyBuild - -# fast build rule for target. 
-NightlyBuild/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/NightlyBuild.dir/build.make CMakeFiles/NightlyBuild.dir/build -.PHONY : NightlyBuild/fast - -#============================================================================= -# Target rules for targets named NightlyTest - -# Build rule for target. -NightlyTest: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 NightlyTest -.PHONY : NightlyTest - -# fast build rule for target. -NightlyTest/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/NightlyTest.dir/build.make CMakeFiles/NightlyTest.dir/build -.PHONY : NightlyTest/fast - -#============================================================================= -# Target rules for targets named NightlyCoverage - -# Build rule for target. -NightlyCoverage: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 NightlyCoverage -.PHONY : NightlyCoverage - -# fast build rule for target. -NightlyCoverage/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/NightlyCoverage.dir/build.make CMakeFiles/NightlyCoverage.dir/build -.PHONY : NightlyCoverage/fast - -#============================================================================= -# Target rules for targets named NightlyMemCheck - -# Build rule for target. -NightlyMemCheck: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 NightlyMemCheck -.PHONY : NightlyMemCheck - -# fast build rule for target. -NightlyMemCheck/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/NightlyMemCheck.dir/build.make CMakeFiles/NightlyMemCheck.dir/build -.PHONY : NightlyMemCheck/fast - -#============================================================================= -# Target rules for targets named NightlySubmit - -# Build rule for target. -NightlySubmit: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 NightlySubmit -.PHONY : NightlySubmit - -# fast build rule for target. 
-NightlySubmit/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/NightlySubmit.dir/build.make CMakeFiles/NightlySubmit.dir/build -.PHONY : NightlySubmit/fast - -#============================================================================= -# Target rules for targets named ExperimentalStart - -# Build rule for target. -ExperimentalStart: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ExperimentalStart -.PHONY : ExperimentalStart - -# fast build rule for target. -ExperimentalStart/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ExperimentalStart.dir/build.make CMakeFiles/ExperimentalStart.dir/build -.PHONY : ExperimentalStart/fast - -#============================================================================= -# Target rules for targets named ExperimentalUpdate - -# Build rule for target. -ExperimentalUpdate: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ExperimentalUpdate -.PHONY : ExperimentalUpdate - -# fast build rule for target. -ExperimentalUpdate/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ExperimentalUpdate.dir/build.make CMakeFiles/ExperimentalUpdate.dir/build -.PHONY : ExperimentalUpdate/fast - -#============================================================================= -# Target rules for targets named ExperimentalConfigure - -# Build rule for target. -ExperimentalConfigure: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ExperimentalConfigure -.PHONY : ExperimentalConfigure - -# fast build rule for target. -ExperimentalConfigure/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ExperimentalConfigure.dir/build.make CMakeFiles/ExperimentalConfigure.dir/build -.PHONY : ExperimentalConfigure/fast - -#============================================================================= -# Target rules for targets named ExperimentalBuild - -# Build rule for target. 
-ExperimentalBuild: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ExperimentalBuild -.PHONY : ExperimentalBuild - -# fast build rule for target. -ExperimentalBuild/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ExperimentalBuild.dir/build.make CMakeFiles/ExperimentalBuild.dir/build -.PHONY : ExperimentalBuild/fast - -#============================================================================= -# Target rules for targets named ExperimentalTest - -# Build rule for target. -ExperimentalTest: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ExperimentalTest -.PHONY : ExperimentalTest - -# fast build rule for target. -ExperimentalTest/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ExperimentalTest.dir/build.make CMakeFiles/ExperimentalTest.dir/build -.PHONY : ExperimentalTest/fast - -#============================================================================= -# Target rules for targets named ExperimentalCoverage - -# Build rule for target. -ExperimentalCoverage: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ExperimentalCoverage -.PHONY : ExperimentalCoverage - -# fast build rule for target. -ExperimentalCoverage/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ExperimentalCoverage.dir/build.make CMakeFiles/ExperimentalCoverage.dir/build -.PHONY : ExperimentalCoverage/fast - -#============================================================================= -# Target rules for targets named ExperimentalMemCheck - -# Build rule for target. -ExperimentalMemCheck: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ExperimentalMemCheck -.PHONY : ExperimentalMemCheck - -# fast build rule for target. 
-ExperimentalMemCheck/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ExperimentalMemCheck.dir/build.make CMakeFiles/ExperimentalMemCheck.dir/build -.PHONY : ExperimentalMemCheck/fast - -#============================================================================= -# Target rules for targets named ExperimentalSubmit - -# Build rule for target. -ExperimentalSubmit: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ExperimentalSubmit -.PHONY : ExperimentalSubmit - -# fast build rule for target. -ExperimentalSubmit/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ExperimentalSubmit.dir/build.make CMakeFiles/ExperimentalSubmit.dir/build -.PHONY : ExperimentalSubmit/fast - -#============================================================================= -# Target rules for targets named ContinuousStart - -# Build rule for target. -ContinuousStart: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ContinuousStart -.PHONY : ContinuousStart - -# fast build rule for target. -ContinuousStart/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ContinuousStart.dir/build.make CMakeFiles/ContinuousStart.dir/build -.PHONY : ContinuousStart/fast - -#============================================================================= -# Target rules for targets named ContinuousUpdate - -# Build rule for target. -ContinuousUpdate: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ContinuousUpdate -.PHONY : ContinuousUpdate - -# fast build rule for target. -ContinuousUpdate/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ContinuousUpdate.dir/build.make CMakeFiles/ContinuousUpdate.dir/build -.PHONY : ContinuousUpdate/fast - -#============================================================================= -# Target rules for targets named ContinuousConfigure - -# Build rule for target. 
-ContinuousConfigure: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ContinuousConfigure -.PHONY : ContinuousConfigure - -# fast build rule for target. -ContinuousConfigure/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ContinuousConfigure.dir/build.make CMakeFiles/ContinuousConfigure.dir/build -.PHONY : ContinuousConfigure/fast - -#============================================================================= -# Target rules for targets named ContinuousBuild - -# Build rule for target. -ContinuousBuild: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ContinuousBuild -.PHONY : ContinuousBuild - -# fast build rule for target. -ContinuousBuild/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ContinuousBuild.dir/build.make CMakeFiles/ContinuousBuild.dir/build -.PHONY : ContinuousBuild/fast - -#============================================================================= -# Target rules for targets named ContinuousTest - -# Build rule for target. -ContinuousTest: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ContinuousTest -.PHONY : ContinuousTest - -# fast build rule for target. -ContinuousTest/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ContinuousTest.dir/build.make CMakeFiles/ContinuousTest.dir/build -.PHONY : ContinuousTest/fast - -#============================================================================= -# Target rules for targets named ContinuousCoverage - -# Build rule for target. -ContinuousCoverage: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ContinuousCoverage -.PHONY : ContinuousCoverage - -# fast build rule for target. -ContinuousCoverage/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ContinuousCoverage.dir/build.make CMakeFiles/ContinuousCoverage.dir/build -.PHONY : ContinuousCoverage/fast - -#============================================================================= -# Target rules for targets named ContinuousMemCheck - -# Build rule for target. 
-ContinuousMemCheck: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ContinuousMemCheck -.PHONY : ContinuousMemCheck - -# fast build rule for target. -ContinuousMemCheck/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ContinuousMemCheck.dir/build.make CMakeFiles/ContinuousMemCheck.dir/build -.PHONY : ContinuousMemCheck/fast - -#============================================================================= -# Target rules for targets named ContinuousSubmit - -# Build rule for target. -ContinuousSubmit: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ContinuousSubmit -.PHONY : ContinuousSubmit - -# fast build rule for target. -ContinuousSubmit/fast: - $(MAKE) $(MAKESILENT) -f CMakeFiles/ContinuousSubmit.dir/build.make CMakeFiles/ContinuousSubmit.dir/build -.PHONY : ContinuousSubmit/fast - -#============================================================================= -# Target rules for targets named crypto - -# Build rule for target. -crypto: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 crypto -.PHONY : crypto - -# fast build rule for target. -crypto/fast: - $(MAKE) $(MAKESILENT) -f src/CMakeFiles/crypto.dir/build.make src/CMakeFiles/crypto.dir/build -.PHONY : crypto/fast - -#============================================================================= -# Target rules for targets named et_dt_validation - -# Build rule for target. -et_dt_validation: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 et_dt_validation -.PHONY : et_dt_validation - -# fast build rule for target. -et_dt_validation/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/et_dt_validation.dir/build.make test/CMakeFiles/et_dt_validation.dir/build -.PHONY : et_dt_validation/fast - -#============================================================================= -# Target rules for targets named ut_aes_gcm_siv - -# Build rule for target. 
-ut_aes_gcm_siv: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_aes_gcm_siv -.PHONY : ut_aes_gcm_siv - -# fast build rule for target. -ut_aes_gcm_siv/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_aes_gcm_siv.dir/build.make test/CMakeFiles/ut_aes_gcm_siv.dir/build -.PHONY : ut_aes_gcm_siv/fast - -#============================================================================= -# Target rules for targets named ut_aos_apply - -# Build rule for target. -ut_aos_apply: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_aos_apply -.PHONY : ut_aos_apply - -# fast build rule for target. -ut_aos_apply/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_aos_apply.dir/build.make test/CMakeFiles/ut_aos_apply.dir/build -.PHONY : ut_aos_apply/fast - -#============================================================================= -# Target rules for targets named ut_aos_process - -# Build rule for target. -ut_aos_process: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_aos_process -.PHONY : ut_aos_process - -# fast build rule for target. -ut_aos_process/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_aos_process.dir/build.make test/CMakeFiles/ut_aos_process.dir/build -.PHONY : ut_aos_process/fast - -#============================================================================= -# Target rules for targets named ut_crypto - -# Build rule for target. -ut_crypto: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_crypto -.PHONY : ut_crypto - -# fast build rule for target. -ut_crypto/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_crypto.dir/build.make test/CMakeFiles/ut_crypto.dir/build -.PHONY : ut_crypto/fast - -#============================================================================= -# Target rules for targets named ut_crypto_config - -# Build rule for target. 
-ut_crypto_config: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_crypto_config -.PHONY : ut_crypto_config - -# fast build rule for target. -ut_crypto_config/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_crypto_config.dir/build.make test/CMakeFiles/ut_crypto_config.dir/build -.PHONY : ut_crypto_config/fast - -#============================================================================= -# Target rules for targets named ut_crypto_mc - -# Build rule for target. -ut_crypto_mc: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_crypto_mc -.PHONY : ut_crypto_mc - -# fast build rule for target. -ut_crypto_mc/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_crypto_mc.dir/build.make test/CMakeFiles/ut_crypto_mc.dir/build -.PHONY : ut_crypto_mc/fast - -#============================================================================= -# Target rules for targets named ut_mysql_m_tls_connection - -# Build rule for target. -ut_mysql_m_tls_connection: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_mysql_m_tls_connection -.PHONY : ut_mysql_m_tls_connection - -# fast build rule for target. -ut_mysql_m_tls_connection/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_mysql_m_tls_connection.dir/build.make test/CMakeFiles/ut_mysql_m_tls_connection.dir/build -.PHONY : ut_mysql_m_tls_connection/fast - -#============================================================================= -# Target rules for targets named ut_mysql_tls_connection - -# Build rule for target. -ut_mysql_tls_connection: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_mysql_tls_connection -.PHONY : ut_mysql_tls_connection - -# fast build rule for target. 
-ut_mysql_tls_connection/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_mysql_tls_connection.dir/build.make test/CMakeFiles/ut_mysql_tls_connection.dir/build -.PHONY : ut_mysql_tls_connection/fast - -#============================================================================= -# Target rules for targets named ut_sa_save - -# Build rule for target. -ut_sa_save: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_sa_save -.PHONY : ut_sa_save - -# fast build rule for target. -ut_sa_save/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_sa_save.dir/build.make test/CMakeFiles/ut_sa_save.dir/build -.PHONY : ut_sa_save/fast - -#============================================================================= -# Target rules for targets named ut_sadb_err_cases_kmc_crypto - -# Build rule for target. -ut_sadb_err_cases_kmc_crypto: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_sadb_err_cases_kmc_crypto -.PHONY : ut_sadb_err_cases_kmc_crypto - -# fast build rule for target. -ut_sadb_err_cases_kmc_crypto/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/build.make test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/build -.PHONY : ut_sadb_err_cases_kmc_crypto/fast - -#============================================================================= -# Target rules for targets named ut_tc_apply - -# Build rule for target. -ut_tc_apply: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_tc_apply -.PHONY : ut_tc_apply - -# fast build rule for target. -ut_tc_apply/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_tc_apply.dir/build.make test/CMakeFiles/ut_tc_apply.dir/build -.PHONY : ut_tc_apply/fast - -#============================================================================= -# Target rules for targets named ut_tc_process - -# Build rule for target. 
-ut_tc_process: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_tc_process -.PHONY : ut_tc_process - -# fast build rule for target. -ut_tc_process/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_tc_process.dir/build.make test/CMakeFiles/ut_tc_process.dir/build -.PHONY : ut_tc_process/fast - -#============================================================================= -# Target rules for targets named ut_tm_apply - -# Build rule for target. -ut_tm_apply: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_tm_apply -.PHONY : ut_tm_apply - -# fast build rule for target. -ut_tm_apply/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_tm_apply.dir/build.make test/CMakeFiles/ut_tm_apply.dir/build -.PHONY : ut_tm_apply/fast - -#============================================================================= -# Target rules for targets named ut_tm_process - -# Build rule for target. -ut_tm_process: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 ut_tm_process -.PHONY : ut_tm_process - -# fast build rule for target. -ut_tm_process/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/ut_tm_process.dir/build.make test/CMakeFiles/ut_tm_process.dir/build -.PHONY : ut_tm_process/fast - -#============================================================================= -# Target rules for targets named gcov - -# Build rule for target. -gcov: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 gcov -.PHONY : gcov - -# fast build rule for target. -gcov/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/gcov.dir/build.make test/CMakeFiles/gcov.dir/build -.PHONY : gcov/fast - -#============================================================================= -# Target rules for targets named scrub - -# Build rule for target. -scrub: cmake_check_build_system - $(MAKE) $(MAKESILENT) -f CMakeFiles/Makefile2 scrub -.PHONY : scrub - -# fast build rule for target. 
-scrub/fast: - $(MAKE) $(MAKESILENT) -f test/CMakeFiles/scrub.dir/build.make test/CMakeFiles/scrub.dir/build -.PHONY : scrub/fast - -# Help Target -help: - @echo "The following are some of the valid targets for this Makefile:" - @echo "... all (the default if no target is provided)" - @echo "... clean" - @echo "... depend" - @echo "... edit_cache" - @echo "... install" - @echo "... install/local" - @echo "... install/strip" - @echo "... list_install_components" - @echo "... rebuild_cache" - @echo "... test" - @echo "... Continuous" - @echo "... ContinuousBuild" - @echo "... ContinuousConfigure" - @echo "... ContinuousCoverage" - @echo "... ContinuousMemCheck" - @echo "... ContinuousStart" - @echo "... ContinuousSubmit" - @echo "... ContinuousTest" - @echo "... ContinuousUpdate" - @echo "... Experimental" - @echo "... ExperimentalBuild" - @echo "... ExperimentalConfigure" - @echo "... ExperimentalCoverage" - @echo "... ExperimentalMemCheck" - @echo "... ExperimentalStart" - @echo "... ExperimentalSubmit" - @echo "... ExperimentalTest" - @echo "... ExperimentalUpdate" - @echo "... Nightly" - @echo "... NightlyBuild" - @echo "... NightlyConfigure" - @echo "... NightlyCoverage" - @echo "... NightlyMemCheck" - @echo "... NightlyMemoryCheck" - @echo "... NightlyStart" - @echo "... NightlySubmit" - @echo "... NightlyTest" - @echo "... NightlyUpdate" - @echo "... gcov" - @echo "... scrub" - @echo "... crypto" - @echo "... et_dt_validation" - @echo "... ut_aes_gcm_siv" - @echo "... ut_aos_apply" - @echo "... ut_aos_process" - @echo "... ut_crypto" - @echo "... ut_crypto_config" - @echo "... ut_crypto_mc" - @echo "... ut_mysql_m_tls_connection" - @echo "... ut_mysql_tls_connection" - @echo "... ut_sa_save" - @echo "... ut_sadb_err_cases_kmc_crypto" - @echo "... ut_tc_apply" - @echo "... ut_tc_process" - @echo "... ut_tm_apply" - @echo "... 
ut_tm_process" -.PHONY : help - - - -#============================================================================= -# Special targets to cleanup operation of make. - -# Special rule to run CMake to check the build system integrity. -# No rule that depends on this can have commands that come from listfiles -# because they might be regenerated. -cmake_check_build_system: - $(CMAKE_COMMAND) -S$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) --check-build-system CMakeFiles/Makefile.cmake 0 -.PHONY : cmake_check_build_system - diff --git a/include/crypto.h b/include/crypto.h index 3fabd15a..4af3c972 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -214,8 +214,8 @@ int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, // Key Management Functions int32_t Crypto_Key_OTAR(void); int32_t Crypto_Key_update(uint8_t state); -int32_t Crypto_Key_inventory(uint8_t* ); -int32_t Crypto_Key_verify(uint8_t* , TC_t* tc_frame); +int32_t Crypto_Key_inventory(uint8_t* , int*); +int32_t Crypto_Key_verify(uint8_t* , TC_t* tc_frame, int*); // Security Monitoring & Control Procedure int32_t Crypto_MC_ping(uint8_t* ingest); diff --git a/include/crypto_config_structs.h b/include/crypto_config_structs.h index c2de3457..09123c93 100644 --- a/include/crypto_config_structs.h +++ b/include/crypto_config_structs.h @@ -233,7 +233,7 @@ struct _GvcidManagedParameters_t TcSegmentHdrsPresent has_segmentation_hdr; uint16_t max_frame_size; // Maximum TC/TM Frame Length with headers OcfPresent has_ocf; - int set_flag; // Will be a list of managed parameters! + int set_flag; }; #define GVCID_MANAGED_PARAMETERS_SIZE (sizeof(GvcidManagedParameters_t)) diff --git a/src/core/crypto.c b/src/core/crypto.c index 9b376fb1..5050c030 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
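Review bot: The two changed prototypes in include/crypto.h add an unnamed `int*` parameter, so the header gives a caller no hint that it is an in/out parameter carrying the reply byte count. Name it in both declarations, `int32_t Crypto_Key_inventory(uint8_t* ingest, int* count);` and `int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count);`. Add a one-line comment that `*count` must be 0 on entry, because both implementations in this patch first use it as a read offset into `sdls_frame.pdu.data` before overwriting it with the reply length.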
@@ -428,6 +428,8 @@ uint16_t Crypto_Calc_CRC16(uint8_t* data, int size) int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) { int32_t status = CRYPTO_LIB_SUCCESS; + int count = 0; + int* count_ptr = &count; switch (sdls_frame.pdu.type) { @@ -462,7 +464,7 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) #ifdef PDU_DEBUG printf(KGRN "Key Verify\n" RESET); #endif - status = Crypto_Key_verify(ingest, tc_frame); + status = Crypto_Key_verify(ingest, tc_frame, count_ptr); break; case PID_KEY_DESTRUCTION: #ifdef PDU_DEBUG @@ -474,7 +476,7 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) #ifdef PDU_DEBUG printf(KGRN "Key Inventory\n" RESET); #endif - status = Crypto_Key_inventory(ingest); + status = Crypto_Key_inventory(ingest, count_ptr); break; default: printf(KRED "Error: Crypto_PDU failed interpreting Key Management Procedure Identification Field! " @@ -670,10 +672,10 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) #ifdef CCSDS_DEBUG int x; - if ((status > 0) && (ingest != NULL)) + if ((status == 0) && (*count_ptr > 0) && (ingest != NULL)) { printf(KMAG "CCSDS message put on software bus: 0x" RESET); - for (x = 0; x < status; x++) + for (x = 0; x < *count_ptr; x++) { printf(KMAG "%02x" RESET, (uint8_t)ingest[x]); } diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index aeae80b4..be0a7134 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -213,7 +213,7 @@ int32_t Crypto_Init(void) // #ifdef TC_DEBUG // Crypto_mpPrint(gvcid_managed_parameters, 1); // #endif - + printf("Fail b4 KEY\n"); /* Key Interface */ if (key_if == NULL) { if (crypto_config.key_type == KEY_TYPE_CUSTOM) 
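Review bot: The debug dump in the last src/core/crypto.c hunk (@@ -670) is now gated on `(status == 0) && (*count_ptr > 0)`, but in this diff only Crypto_Key_verify and Crypto_Key_inventory receive `count_ptr`, so `count` stays 0 for every other PDU type the switch handles. If the remaining handlers (for example `Crypto_MC_ping(uint8_t* ingest)`, still declared with one argument in crypto.h) return the reply length as their status, their replies are no longer dumped and Crypto_PDU hands callers a mix of status codes and byte counts; that part is outside the visible hunks and should be confirmed. Compare against the named constant, `status == CRYPTO_LIB_SUCCESS`, and pass `&count` directly rather than keeping a separate `count_ptr`. Crypto_PDU's body starts and ends outside these hunks.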
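Review bot: The added `printf("Fail b4 KEY\n");` in Crypto_Init (src/core/crypto_config.c, @@ -213) is an unconditional trace, so every user of the library gets "Fail ..." text on stdout during a successful initialisation. The same applies to the printf lines added in the later hunks of this file (@@ -223, @@ -249, @@ -259, several without a trailing newline) and in key_init in src/key/internal/key_interface_internal.template.c (@@ -54, @@ -65, @@ -602). None of them checks a result, and the neighbouring `key_if->key_init(); // TODO: Check and return status on error` still discards the status the traces appear meant to locate. Drop the traces before merge or put them under a debug guard such as the `#ifdef DEBUG` already used in key_init, and prefer checking the return value, e.g. `status = key_if->key_init(); if (status != CRYPTO_LIB_SUCCESS) return status;`. Crypto_Init's body continues outside the hunk.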
@@ -223,15 +223,17 @@ int32_t Crypto_Init(void) else if (crypto_config.key_type == KEY_TYPE_INTERNAL) { key_if = get_key_interface_internal(); + printf("Fail after key\n"); } else // KEY_TYPE_KMC { key_if = get_key_interface_kmc(); } } + printf("Fail b4 key_init\n"); key_if->key_init(); // TODO: Check and return status on error - + printf("Fail b4 MC"); /* MC Interface */ if (mc_if == NULL) { if (crypto_config.mc_type == MC_TYPE_CUSTOM) @@ -249,7 +251,7 @@ int32_t Crypto_Init(void) } mc_if->mc_initialize(); // TODO: Check and return status on error - + printf("Fail b4 SA"); /* SA Interface */ if (sa_if == NULL) { // Prepare SA type from config @@ -259,6 +261,7 @@ int32_t Crypto_Init(void) } else if (crypto_config.sa_type == SA_TYPE_INMEMORY) { + printf("Fail SA"); sa_if = get_sa_interface_inmemory(); } else if (crypto_config.sa_type == SA_TYPE_MARIADB) diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 46268360..fcd8a6fd 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -296,13 +296,12 @@ int32_t Crypto_Key_update(uint8_t state) * @param ingest: uint8_t* * @return int32: count **/ -int32_t Crypto_Key_inventory(uint8_t* ingest) +int32_t Crypto_Key_inventory(uint8_t* ingest, int* count) { // Local variables SDLS_KEY_INVENTORY_t packet; - int count = 0; uint16_t range = 0; - int32_t status; + int32_t status = CRYPTO_LIB_SUCCESS; crypto_key_t* ekp = NULL; uint16_t x; 
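Review bot: The Doxygen block above the new Crypto_Key_inventory signature (src/core/crypto_key_mgmt.c, @@ -296) still reads `@return int32: count`, but the function now initialises `status = CRYPTO_LIB_SUCCESS`, returns it, and reports the reply length through `count`. Document the new contract, e.g. `* @param count: int* (in: 0, out: reply length in bytes)` and `* @return int32: Success/Failure`; the block above Crypto_Key_verify (@@ -348) needs the same update. `count` is dereferenced in the following hunk and no NULL check on it is visible, so either state that it must be non-NULL or reject NULL on entry. The function body continues outside this hunk.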
@@ -313,23 +312,23 @@ int32_t Crypto_Key_inventory(uint8_t* ingest) } // Read in PDU - packet.kid_first = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); - count = count + 2; - packet.kid_last = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); - count = count + 2; + packet.kid_first = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); + *count = *count + 2; + packet.kid_last = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); + *count = *count + 2; // Prepare for Reply range = packet.kid_last - packet.kid_first; sdls_frame.pdu.pdu_len = 2 + (range * (2 + 1)); sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; - count = Crypto_Prep_Reply(ingest, 128); - ingest[count++] = (range & 0xFF00) >> 8; - ingest[count++] = (range & 0x00FF); + *count = Crypto_Prep_Reply(ingest, 128); + ingest[*count += 1] = (range & 0xFF00) >> 8; + ingest[*count += 1] = (range & 0x00FF); for (x = packet.kid_first; x < packet.kid_last; x++) { // Key ID - ingest[count++] = (x & 0xFF00) >> 8; - ingest[count++] = (x & 0x00FF); + ingest[*count += 1] = (x & 0xFF00) >> 8; + ingest[*count += 1] = (x & 0x00FF); // Get Key ekp = key_if->get_key(x); if (ekp == NULL) @@ -337,9 +336,9 @@ int32_t Crypto_Key_inventory(uint8_t* ingest) return CRYPTO_LIB_ERR_KEY_ID_ERROR; } // Key State - ingest[count++] = ekp->key_state; + ingest[*count += 1] = ekp->key_state; } - return count; + return status; } /** @@ -348,13 +347,11 @@ int32_t Crypto_Key_inventory(uint8_t* ingest) * @param tc_frame: TC_t* * @return int32: count **/ -int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) +int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) { // Local variables SDLS_KEYV_CMD_t packet; - int count = 0; int pdu_keys = sdls_frame.pdu.pdu_len / SDLS_KEYV_CMD_BLK_SIZE; - uint8_t iv_loc; // uint8_t tmp_mac[MAC_SIZE]; int x; 
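Review bot: Replacing `ingest[count++]` with `ingest[*count += 1]` in Crypto_Key_inventory (@@ -313) turns a post-increment into a pre-increment, so every reply byte is stored one index later than before. The slot returned by Crypto_Prep_Reply is never written, and the last write lands one byte further into `ingest`. The same substitution appears in the key-state write (@@ -337) and throughout Crypto_Key_verify (@@ -376, @@ -394, @@ -410); there the challenge read from `sdls_frame.pdu.data` skips its first byte, `iv_loc = *count` points one byte before the IV, and `&(ingest[*count])` hands the encrypt call an output address that overlaps the IV's last byte. Keep the original semantics with `ingest[(*count)++] = (range & 0xFF00) >> 8;`, and likewise for the other writes and the challenge read. Both function bodies start and end outside these hunks.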
@@ -376,15 +373,15 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) for (x = 0; x < pdu_keys; x++) { // Key ID - packet.blk[x].kid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); - count = count + 2; + packet.blk[x].kid = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); + *count += 2; #ifdef PDU_DEBUG printf("Crypto_Key_verify: Block %d Key ID is %d \n", x, packet.blk[x].kid); #endif // Key Challenge for (y = 0; y < CHALLENGE_SIZE; y++) { - packet.blk[x].challenge[y] = sdls_frame.pdu.data[count++]; + packet.blk[x].challenge[y] = sdls_frame.pdu.data[*count += 1]; } #ifdef PDU_DEBUG printf("\n"); @@ -394,13 +391,12 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) // Prepare for Reply sdls_frame.pdu.pdu_len = pdu_keys * (2 + 12 + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE); sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; - count = Crypto_Prep_Reply(ingest, 128); - + *count = Crypto_Prep_Reply(ingest, 128); for (x = 0; x < pdu_keys; x++) { // Key ID - ingest[count++] = (packet.blk[x].kid & 0xFF00) >> 8; - ingest[count++] = (packet.blk[x].kid & 0x00FF); + ingest[*count += 1] = (packet.blk[x].kid & 0xFF00) >> 8; + ingest[*count += 1] = (packet.blk[x].kid & 0x00FF); // Get Key ekp = key_if->get_key(x); 
@@ -410,16 +406,16 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) } // Initialization Vector - iv_loc = count; + iv_loc = *count; for (y = 0; y < 12; y++) { - ingest[count++] = *(tc_frame->tc_sec_header.iv + y); + ingest[*count += 1] = *(tc_frame->tc_sec_header.iv + y); } - ingest[count - 1] = ingest[count - 1] + x + 1; + ingest[*count - 1] = ingest[*count - 1] + x + 1; // Encrypt challenge uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; - cryptography_if->cryptography_aead_encrypt(&(ingest[count]), // ciphertext output + cryptography_if->cryptography_aead_encrypt(&(ingest[*count]), // ciphertext output (size_t)CHALLENGE_SIZE, // length of data &(packet.blk[x].challenge[0]), // plaintext input (size_t)CHALLENGE_SIZE, // in data length @@ -428,7 +424,7 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) NULL, // SA Reference for key &(ingest[iv_loc]), // IV 12, // IV Length - &(ingest[(count + CHALLENGE_SIZE)]), // MAC + &(ingest[(*count + CHALLENGE_SIZE)]), // MAC CHALLENGE_MAC_SIZE, // MAC Size NULL, 0, @@ -440,11 +436,11 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) NULL // cam_cookies ); - count += CHALLENGE_SIZE + CHALLENGE_MAC_SIZE; // Don't forget to increment count! + *count += CHALLENGE_SIZE + CHALLENGE_MAC_SIZE; // Don't forget to increment count! } #ifdef PDU_DEBUG - printf("Crypto_Key_verify: Response is %d bytes \n", count); + printf("Crypto_Key_verify: Response is %d bytes \n", *count); #endif return status; diff --git a/src/key/internal/key_interface_internal.template.c b/src/key/internal/key_interface_internal.template.c index b59335cf..03d1ac6e 100644 --- a/src/key/internal/key_interface_internal.template.c +++ b/src/key/internal/key_interface_internal.template.c @@ -54,7 +54,7 @@ static crypto_key_t* get_key(uint32_t key_id) static int32_t key_init(void) { int32_t status = CRYPTO_LIB_SUCCESS; - + printf("Fail start key_init\n"); // Initialize all to zero for(uint32_t i = 0; i < NUM_KEYS; i++) { 
@@ -65,6 +65,7 @@ static int32_t key_init(void) key_ring[i].key_len = 0; key_ring[i].key_state = 0; } + printf("Fail after key_init\n"); // Master Keys // 0 - 000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F -> ACTIVE @@ -602,7 +603,7 @@ static int32_t key_init(void) #ifdef DEBUG printf(KGRN "Key internal interface intialized \n" RESET); #endif - + printf("%d\n", status); return status; } diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index dcf8273d..54a417c8 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -57,6 +57,10 @@ add_test(NAME UT_TM_PROCESS COMMAND ${PROJECT_BINARY_DIR}/bin/ut_tm_process WORKING_DIRECTORY ${PROJECT_TEST_DIR}) +add_test(NAME UT_EP_KEY_VALIDATION + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_key_validation + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + if(NOT ${CRYPTO_WOLFSSL}) add_test(NAME UT_AES_GCM_SIV COMMAND ${PROJECT_BINARY_DIR}/bin/ut_aes_gcm_siv diff --git a/test/unit/ut_ep_key_validation.c b/test/unit/ut_ep_key_validation.c index 28f5b48c..44f2a3c0 100644 --- a/test/unit/ut_ep_key_validation.c +++ b/test/unit/ut_ep_key_validation.c 
@@ -11,22 +11,29 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) // Setup & Initialize CryptoLib Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); crypto_key_t* ekp = NULL; - int status = 0; + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA char* buffer_OTAR_h = 
"2003009e00ff000000001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; // |2003009e00| = Primary Header - // |ff| = ??? - // |0001| = SPI + // |ff| = Ext. Procs + // |0000| = SPI // |0000| = ARSN // |1880| = CryptoLib App ID // |d037| = seq, pktid @@ -65,8 +72,6 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; test_association->ecs = CRYPTO_CIPHER_NONE; - // test_association->ekid = 0; - // test_association->akid = 0; test_association->est = 0; test_association->ast = 0; test_association->shsnf_len = 2; @@ -75,9 +80,7 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); - //printf("%d", buffer_nist_key_len); = 32 memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); - //ekp->key_len = 32; // Convert frames that will be processed hex_conversion(buffer_OTAR_h, (char**) &buffer_OTAR_b, &buffer_OTAR_len); 
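Review bot: The configuration call at the top of the OTAR_0_140_142 hunk flips `TC_IGNORE_ANTI_REPLAY_FALSE` to `TC_IGNORE_ANTI_REPLAY_TRUE`, so the OTAR frame is now accepted without the anti-replay check and the test no longer shows that key-management frames are replay-protected. The same flag change is made in the ACTIVATE_141_142, DEACTIVATE_142 and VERIFY_132_134 hunks. If the check had to be switched off to get the frames through, record that next to the call, for example `// TODO: anti-replay disabled for this test; restore TC_IGNORE_ANTI_REPLAY_FALSE once <reason resolved>`, and keep at least one case that runs with the check enabled.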
@@ -105,19 +108,26 @@ UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) // Setup & Initialize CryptoLib Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); crypto_key_t* ekp = NULL; - int status = 0; + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_ACTIVATE_h = 
"2003001e0000000100001880d038000c197f0b00020004008d008e82ebe4fc55555555"; + char* buffer_ACTIVATE_h = "2003001e00ff000000001880d038000c197f0b00020004008d008e82ebe4fc55555555"; // |2003001e00| = Primary Header // |ff| = SPI // |00010000| = Security Header @@ -150,12 +160,12 @@ UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - test_association->est = 1; - test_association->ast = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw = 5; + test_association->iv_len = 12; + // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); @@ -175,7 +185,7 @@ UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) printf("\n"); Crypto_Shutdown(); free(ptr_enc_frame); - free(buffer_nist_iv_b); + //free(buffer_nist_iv_b); free(buffer_nist_key_b); free(tc_nist_processed_frame); } 
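Review bot: In the SA setup hunk of ACTIVATE_141_142 the association drops from `CRYPTO_CIPHER_AES256_GCM` with `est = 1` and `ast = 1` to `CRYPTO_CIPHER_NONE`, and the `est`/`ast` assignments are removed rather than set to 0. Those two fields therefore keep whatever the SA initialisation left in them, while the OTAR, DEACTIVATE and VERIFY tests set both to 0 explicitly. Adding `test_association->est = 0;` and `test_association->ast = 0;` makes the clear-mode setup explicit and consistent with the sibling tests. Key activation is now exercised only over an unprotected SA, so a case that keeps the authenticated configuration would be worth retaining.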
@@ -187,19 +197,26 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) // Setup & Initialize CryptoLib Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); crypto_key_t* ekp = NULL; - int status = 0; + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_DEACTIVATE_h = 
"2003001c00ff000100001880d039000a197f0b00030002008e1f6d21c4555555555555"; + char* buffer_DEACTIVATE_h = "2003001c00ff000000001880d039000a197f0b00030002008e1f6d21c4555555555555"; // |2003001c00| = Primary Header // |ff| = SPI // |00010000| = security Header @@ -228,16 +245,18 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) test_association->sa_state = SA_NONE; // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); + sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->ekid = 142; + //test_association->ekid = 142; test_association->est = 0; test_association->ast = 0; + test_association->iv_len = 12; test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw = 5; + // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); 
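Review bot: The lookup changed to `sa_if->sa_get_from_spi(0, &test_association);` still sits under the comment `// Activate SA 9`, and its result is not checked before `test_association` is dereferenced on the next line. Update the comments to `// Activate SA 0` and `// Insert key into keyring of SA 0`, and if the lookup reports failure through its return value, assert on it first, e.g. `ASSERT_EQ(CRYPTO_LIB_SUCCESS, sa_if->sa_get_from_spi(0, &test_association));`. The commented-out `//test_association->ekid = 142;` is better deleted than kept, since the key copied afterwards now goes to whichever key ID SA 0 already carries. The test body continues outside this hunk.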
@@ -269,11 +288,17 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) // Setup & Initialize CryptoLib Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int status = 0; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + int status = CRYPTO_LIB_SUCCESS; status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); SaInterface sa_if = get_sa_interface_inmemory(); 
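Review bot: The replacement initialiser `{0, 0x0003, 0, TC_NO_FECF, ...}` changes the FECF setting from the `TC_HAS_FECF` of the call it replaces, which survives only as a comment, so the VERIFY test changes its frame configuration silently along with the API. The positional form also orders the values differently from the old argument list, so a misplaced value compiles without a diagnostic. Designated initialisers, using the field names from the `GvcidManagedParameters_t` definition (not visible in this hunk), would make each value checkable, and the commented-out calls can then be dropped. The same initialiser pattern appears in the other test hunks of this file.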
@@ -283,10 +308,10 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_VERIFY_h = "2003003e00ff000100001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8"; + char* buffer_VERIFY_h = "2003003e00ff000000001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8"; // |2003003e00| = Primary Header // |ff| = SPI - // |00010000| = Security header + // |00000000| = Security header // |1880| = CryptoLib App ID // |d03a| = seq, packet id // |002c| = Packet Length @@ -315,12 +340,13 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) test_association->sa_state = SA_NONE; // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); + sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; test_association->ecs = CRYPTO_CIPHER_NONE; test_association->est = 0; test_association->ast = 0; + test_association->iv_len = 12; test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw = 5; 
@@ -347,4 +373,94 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) free(tc_nist_processed_frame); } +UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + int status = CRYPTO_LIB_SUCCESS; + status = Crypto_Init(); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + // SaInterface sa_if = get_sa_interface_inmemory(); + // crypto_key_t* ekp = NULL; + + + // NOTE: Added Transfer Frame header to the plaintext + // char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + // char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + // char* buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; + // |2003001c00| = Primary Header + // |ff| = SPI + // |00000000| = security Header + // |1880| = CryptoLib App ID + // |d03b| = seq, packet id + // |000a| = 
Packet Length + // |197f| = pusv, ack, st + // |0b| = sst + // |0007| = PDU Tag + // |0004| = PDU Length + // |0084| = Key ID (132) + // |0086| = Key ID (134) + // |1f6d82ebe4fc55555555| = Trailer??? + + // uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; + // int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; + // printf("Fail 5\n"); + // // Setup Processed Frame For Decryption + // TC_t* tc_nist_processed_frame; + // tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + + // // Expose/setup SAs for testing + // SecurityAssociation_t* test_association; + + // // Deactivate SA 1 + // sa_if->sa_get_from_spi(1, &test_association); + // test_association->sa_state = SA_NONE; + + // // Activate SA 9 + // sa_if->sa_get_from_spi(0, &test_association); + // test_association->sa_state = SA_OPERATIONAL; + // test_association->ecs_len = 1; + // test_association->ecs = CRYPTO_CIPHER_NONE; + // test_association->est = 0; + // test_association->ast = 0; + // test_association->shsnf_len = 2; + // test_association->arsn_len = 2; + // test_association->arsnw = 5; + // printf("Fail 6\n"); + // // Insert key into keyring of SA 9 + // hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + // ekp = key_if->get_key(test_association->ekid); + // memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + // printf("Fail 7\n"); + // // Convert frames that will be processed + // hex_conversion(buffer_INVENTORY_h, (char**) &buffer_INVENTORY_b, &buffer_INVENTORY_len); + // // Convert/Set input IV + // hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + // memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + // printf("Fail 8\n"); + // // Expect success on next valid IV && ARSN + // printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... 
\n" RESET); + // status = Crypto_TC_ProcessSecurity(buffer_INVENTORY_b, &buffer_INVENTORY_len, tc_nist_processed_frame); + // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // printf("\n"); + // Crypto_Shutdown(); + // free(buffer_nist_iv_b); + // free(buffer_nist_key_b); + // free(tc_nist_processed_frame); + ASSERT_EQ(0,0); +} + UTEST_MAIN(); \ No newline at end of file From e66f723e71987cb87318286cc7527d1abd9dc694 Mon Sep 17 00:00:00 2001 From: rjbrown2 Date: Tue, 20 Aug 2024 01:13:31 +0000 Subject: [PATCH 011/241] [nasa/Cryptolib#147] Updates to manage parameters, crypto_shutdown(libgcrypt), unit test updates --- src/core/crypto_config.c | 22 +- ...ryptography_interface_libgcrypt.template.c | 28 ++- .../key_interface_internal.template.c | 3 - test/unit/ut_ep_key_validation.c | 215 +++++++++--------- 4 files changed, 138 insertions(+), 130 deletions(-) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index be0a7134..9dac7829 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -42,8 +42,8 @@ int gvcid_counter = 0; GvcidManagedParameters_t gvcid_null_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; GvcidManagedParameters_t current_managed_parameters_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; -GvcidManagedParameters_t* gvcid_managed_parameters = NULL; -GvcidManagedParameters_t* current_managed_parameters = NULL; +//GvcidManagedParameters_t* gvcid_managed_parameters = NULL; +// GvcidManagedParameters_t* current_managed_parameters = NULL; // Free all configuration structs int32_t crypto_free_config_structs(void); @@ -213,7 +213,6 @@ int32_t Crypto_Init(void) // #ifdef TC_DEBUG // Crypto_mpPrint(gvcid_managed_parameters, 1); // #endif - printf("Fail b4 KEY\n"); /* Key Interface */ if (key_if == NULL) { if (crypto_config.key_type == KEY_TYPE_CUSTOM) 
@@ -223,17 +222,14 @@ int32_t Crypto_Init(void) else if (crypto_config.key_type == KEY_TYPE_INTERNAL) { key_if = get_key_interface_internal(); - printf("Fail after key\n"); } else // KEY_TYPE_KMC { key_if = get_key_interface_kmc(); } } - printf("Fail b4 key_init\n"); key_if->key_init(); // TODO: Check and return status on error - printf("Fail b4 MC"); /* MC Interface */ if (mc_if == NULL) { if (crypto_config.mc_type == MC_TYPE_CUSTOM) @@ -251,7 +247,6 @@ int32_t Crypto_Init(void) } mc_if->mc_initialize(); // TODO: Check and return status on error - printf("Fail b4 SA"); /* SA Interface */ if (sa_if == NULL) { // Prepare SA type from config @@ -261,7 +256,6 @@ int32_t Crypto_Init(void) } else if (crypto_config.sa_type == SA_TYPE_INMEMORY) { - printf("Fail SA"); sa_if = get_sa_interface_inmemory(); } else if (crypto_config.sa_type == SA_TYPE_MARIADB) @@ -361,29 +355,25 @@ int32_t Crypto_Shutdown(void) crypto_free_config_structs(); - current_managed_parameters = NULL; + //current_managed_parameters = NULL; current_managed_parameters_struct = gvcid_null_struct; - for(int i = 0; i < gvcid_counter; i++) + for(int i = 0; i <= gvcid_counter; i++) { gvcid_managed_parameters_array[i] = gvcid_null_struct; } gvcid_counter = 0; - // if (gvcid_managed_parameters != NULL) - // { - // Crypto_Free_Managed_Parameters(gvcid_managed_parameters); - // gvcid_managed_parameters = NULL; - // } - if(key_if != NULL) { key_if->key_shutdown(); + key_if=NULL; } if(mc_if != NULL) { mc_if->mc_shutdown(); + mc_if=NULL; } if (sa_if != NULL) diff --git a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c index e6655096..668ac113 100644 --- a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c +++ b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c 
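Review bot: The clearing loop in Crypto_Shutdown now runs `for(int i = 0; i <= gvcid_counter; i++)`, which writes one element beyond the entries in use; once `gvcid_counter` has reached the capacity of `gvcid_managed_parameters_array`, that store lands past the end of the array. The array's declaration is outside this hunk, so its capacity cannot be confirmed from here. Keep the bound as `i < gvcid_counter`, or clear the whole array by its declared size so the loop does not depend on the counter at all. Crypto_Shutdown starts and ends outside the hunk.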
@@ -119,7 +119,33 @@ static int32_t cryptography_init(void) return status; } -static int32_t cryptography_shutdown(void){ return CRYPTO_LIB_SUCCESS; } +static int32_t cryptography_shutdown(void){ + int32_t status = CRYPTO_LIB_SUCCESS; + + gvcid_counter = 0; + + if(key_if != NULL) + { + key_if=NULL; + } + + if(mc_if != NULL) + { + mc_if=NULL; + } + + if (sa_if != NULL) + { + sa_if = NULL; + } + + if (cryptography_if != NULL) + { + cryptography_if = NULL; + } + + return status; + } static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, uint8_t* data_in, size_t len_data_in, diff --git a/src/key/internal/key_interface_internal.template.c b/src/key/internal/key_interface_internal.template.c index 03d1ac6e..ef50efa4 100644 --- a/src/key/internal/key_interface_internal.template.c +++ b/src/key/internal/key_interface_internal.template.c @@ -54,7 +54,6 @@ static crypto_key_t* get_key(uint32_t key_id) static int32_t key_init(void) { int32_t status = CRYPTO_LIB_SUCCESS; - printf("Fail start key_init\n"); // Initialize all to zero for(uint32_t i = 0; i < NUM_KEYS; i++) { @@ -65,7 +64,6 @@ static int32_t key_init(void) key_ring[i].key_len = 0; key_ring[i].key_state = 0; } - printf("Fail after key_init\n"); // Master Keys // 0 - 000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F -> ACTIVE @@ -603,7 +601,6 @@ static int32_t key_init(void) #ifdef DEBUG printf(KGRN "Key internal interface intialized \n" RESET); #endif - printf("%d\n", status); return status; } diff --git a/test/unit/ut_ep_key_validation.c b/test/unit/ut_ep_key_validation.c index 44f2a3c0..f8834961 100644 --- a/test/unit/ut_ep_key_validation.c +++ b/test/unit/ut_ep_key_validation.c 
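Review bot: `cryptography_shutdown` in the libgcrypt backend now resets `gvcid_counter` and sets `key_if`, `mc_if`, `sa_if` and `cryptography_if` to NULL, all of which `Crypto_Shutdown` in crypto_config.c also manages. Depending on where `Crypto_Shutdown` invokes the backend (not visible here), its later `if (sa_if != NULL)` branch may be skipped and the SA interface never closed. The backend's shutdown should release only what the backend owns and leave the interface pointers to the core; the `if (x != NULL)` guards around a plain `x = NULL` add nothing either way. A short header comment such as `// Releases backend state only; interface pointers are reset by Crypto_Shutdown` would record that contract.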
@@ -7,7 +7,6 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, @@ -57,8 +56,7 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) int buffer_nist_iv_len, buffer_nist_key_len, buffer_OTAR_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; - tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + TC_t tc_nist_processed_frame; // Expose/setup SAs for testing SecurityAssociation_t* test_association; @@ -77,6 +75,7 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw = 5; + test_association->iv_len = 12; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); @@ -90,15 +89,14 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_OTAR_b, &buffer_OTAR_len, tc_nist_processed_frame); + status = Crypto_TC_ProcessSecurity(buffer_OTAR_b, &buffer_OTAR_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); - free(ptr_enc_frame); free(buffer_nist_iv_b); free(buffer_nist_key_b); - free(tc_nist_processed_frame); + free(buffer_OTAR_b); } UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) 
@@ -146,8 +144,7 @@ UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) int buffer_nist_iv_len, buffer_nist_key_len, buffer_ACTIVATE_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; - tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + TC_t tc_nist_processed_frame; // Expose/setup SAs for testing SecurityAssociation_t* test_association; @@ -179,15 +176,15 @@ UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_ACTIVATE_b, &buffer_ACTIVATE_len, tc_nist_processed_frame); + status = Crypto_TC_ProcessSecurity(buffer_ACTIVATE_b, &buffer_ACTIVATE_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); free(ptr_enc_frame); - //free(buffer_nist_iv_b); + free(buffer_nist_iv_b); free(buffer_nist_key_b); - free(tc_nist_processed_frame); + free(buffer_ACTIVATE_b); } UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) @@ -234,8 +231,7 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; - tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + TC_t tc_nist_processed_frame; // Expose/setup SAs for testing SecurityAssociation_t* test_association; @@ -271,7 +267,7 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len, tc_nist_processed_frame); + status = Crypto_TC_ProcessSecurity(buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); 
@@ -279,7 +275,98 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) free(ptr_enc_frame); free(buffer_nist_iv_b); free(buffer_nist_key_b); - free(tc_nist_processed_frame); + free(buffer_DEACTIVATE_b); +} + +UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + //GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + //Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + int status = CRYPTO_LIB_SUCCESS; + printf("HERE1\n"); + status = Crypto_Init(); + printf("HERE2\n"); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t* ekp = NULL; + + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char* buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; + // |2003001c00| = 
Primary Header + // |ff| = SPI + // |00000000| = security Header + // |1880| = CryptoLib App ID + // |d03b| = seq, packet id + // |000a| = Packet Length + // |197f| = pusv, ack, st + // |0b| = sst + // |0007| = PDU Tag + // |0004| = PDU Length + // |0084| = Key ID (132) + // |0086| = Key ID (134) + // |1f6d82ebe4fc55555555| = Trailer??? + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; + printf("Fail 5\n"); + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + + // Activate SA 9 + sa_if->sa_get_from_spi(0, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + test_association->iv_len = 12; + printf("Fail 6\n"); + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(test_association->ekid); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + printf("Fail 7\n"); + // Convert frames that will be processed + hex_conversion(buffer_INVENTORY_h, (char**) &buffer_INVENTORY_b, &buffer_INVENTORY_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + printf("Fail 8\n"); + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... 
\n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_INVENTORY_b, &buffer_INVENTORY_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + ASSERT_EQ(0,0); } UTEST(EP_KEY_VALIDATION, VERIFY_132_134) @@ -329,8 +416,7 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) int buffer_nist_iv_len, buffer_nist_key_len, buffer_VERIFY_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; - tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + TC_t tc_nist_processed_frame; // Expose/setup SAs for testing SecurityAssociation_t* test_association; 
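Review bot: INVENTORY_132_134 converts the frame into `buffer_INVENTORY_b` but never frees it, while the other tests touched by this commit gain the matching `free(buffer_OTAR_b);`, `free(buffer_ACTIVATE_b);`, `free(buffer_DEACTIVATE_b);` and `free(buffer_VERIFY_b);`. Add `free(buffer_INVENTORY_b);` after `Crypto_Shutdown();`. The `printf("HERE1\n")`, `printf("HERE2\n")` and `printf("Fail 5\n")` to `printf("Fail 8\n")` trace lines and the trailing `ASSERT_EQ(0,0);` are leftovers and can be removed. The layout comment `|2003001c00| = Primary Header` also does not match the `2003001e00` that the frame string starts with.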
@@ -363,104 +449,13 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_VERIFY_b, &buffer_VERIFY_len, tc_nist_processed_frame); + status = Crypto_TC_ProcessSecurity(buffer_VERIFY_b, &buffer_VERIFY_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); free(buffer_nist_iv_b); free(buffer_nist_key_b); - free(tc_nist_processed_frame); -} - -UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) -{ - remove("sa_save_file.bin"); - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); - - int status = CRYPTO_LIB_SUCCESS; - status = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - // SaInterface sa_if = get_sa_interface_inmemory(); - // crypto_key_t* ekp = NULL; - - - // NOTE: Added Transfer Frame header to the plaintext - 
// char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - // char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - // char* buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; - // |2003001c00| = Primary Header - // |ff| = SPI - // |00000000| = security Header - // |1880| = CryptoLib App ID - // |d03b| = seq, packet id - // |000a| = Packet Length - // |197f| = pusv, ack, st - // |0b| = sst - // |0007| = PDU Tag - // |0004| = PDU Length - // |0084| = Key ID (132) - // |0086| = Key ID (134) - // |1f6d82ebe4fc55555555| = Trailer??? - - // uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; - // int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; - // printf("Fail 5\n"); - // // Setup Processed Frame For Decryption - // TC_t* tc_nist_processed_frame; - // tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - - // // Expose/setup SAs for testing - // SecurityAssociation_t* test_association; - - // // Deactivate SA 1 - // sa_if->sa_get_from_spi(1, &test_association); - // test_association->sa_state = SA_NONE; - - // // Activate SA 9 - // sa_if->sa_get_from_spi(0, &test_association); - // test_association->sa_state = SA_OPERATIONAL; - // test_association->ecs_len = 1; - // test_association->ecs = CRYPTO_CIPHER_NONE; - // test_association->est = 0; - // test_association->ast = 0; - // test_association->shsnf_len = 2; - // test_association->arsn_len = 2; - // test_association->arsnw = 5; - // printf("Fail 6\n"); - // // Insert key into keyring of SA 9 - // hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - // ekp = key_if->get_key(test_association->ekid); - // memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); - // printf("Fail 7\n"); - // // Convert frames that will be processed - // hex_conversion(buffer_INVENTORY_h, (char**) 
&buffer_INVENTORY_b, &buffer_INVENTORY_len); - // // Convert/Set input IV - // hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - // memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); - // printf("Fail 8\n"); - // // Expect success on next valid IV && ARSN - // printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); - // status = Crypto_TC_ProcessSecurity(buffer_INVENTORY_b, &buffer_INVENTORY_len, tc_nist_processed_frame); - // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - // printf("\n"); - // Crypto_Shutdown(); - // free(buffer_nist_iv_b); - // free(buffer_nist_key_b); - // free(tc_nist_processed_frame); - ASSERT_EQ(0,0); + free(buffer_VERIFY_b); } - UTEST_MAIN(); \ No newline at end of file From b7a7baa9ca287018553bfb0a3c50645608dc8e03 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 3 Sep 2024 17:39:14 +0000 Subject: [PATCH 012/241] OCF FSR unit test, FSR bitmath, debug prints --- include/crypto.h | 2 +- src/core/crypto_tm.c | 77 +++++++++++++++++++++++---------------- test/unit/ut_tm_process.c | 33 +++++++++++++++++ 3 files changed, 79 insertions(+), 33 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 11df4a8e..c19e4dce 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -190,7 +190,7 @@ extern int32_t Crypto_increment(uint8_t* num, int length); int32_t Crypto_Get_tmLength(int len); uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id); void Crypto_TM_updatePDU(uint8_t* ingest, int len_ingest); -void Crypto_TM_updateOCF(void); +void Crypto_TM_updateOCF(Telemetry_Frame_Ocf_Fsr_t*, TM_t*); uint8_t* Crypto_Prepare_TC_AAD(uint8_t* buffer, uint16_t len_aad, uint8_t* abm_buffer); uint32_t Crypto_Prepare_TM_AAD(const uint8_t* buffer, uint16_t len_aad, const uint8_t* abm_buffer, uint8_t* aad); uint32_t Crypto_Prepare_AOS_AAD(const uint8_t* buffer, uint16_t len_aad, const uint8_t* abm_buffer, uint8_t* aad); 
diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 155e9720..0a30cdda 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -235,6 +235,7 @@ void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t* pdu_len) int32_t Crypto_TM_Get_Keys(crypto_key_t** ekp, crypto_key_t** akp, SecurityAssociation_t* sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; + printf("getting key for ekid %d\n", sa_ptr->ekid); *ekp = key_if->get_key(sa_ptr->ekid); if (ekp == NULL) { @@ -243,11 +244,14 @@ int32_t Crypto_TM_Get_Keys(crypto_key_t** ekp, crypto_key_t** akp, SecurityAssoc } *akp = key_if->get_key(sa_ptr->akid); + printf("getting key for akid %d\n", sa_ptr->akid); if (akp == NULL && status == CRYPTO_LIB_SUCCESS) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); } + printf("key value for ekp %d: %02x%02x\n", sa_ptr->ekid, (*ekp)->value[0],(*ekp)->value[1]); + printf("key value for akp %d: %02x%02x\n", sa_ptr->akid, (*akp)->value[0], (*akp)->value[1]); return status; } @@ -622,7 +626,7 @@ void Crypto_TM_ApplySecurity_Debug_Print(uint16_t idx, uint16_t pdu_len, Securit if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { // If OCF exists, comes immediately after MAC - printf(KYEL "OCF Location is: %d" RESET, idx + pdu_len + sa_ptr->stmacf_len); + printf(KYEL "OCF Location is: %d\n" RESET, idx + pdu_len + sa_ptr->stmacf_len); } if(current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { @@ -1622,7 +1626,7 @@ void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, Security if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { // If OCF exists, comes immediately after MAC - printf(KYEL "OCF Location is: %d" RESET, byte_idx + pdu_len + sa_ptr->stmacf_len); + printf(KYEL "OCF Location is: %d\n" RESET, byte_idx + pdu_len + sa_ptr->stmacf_len); } if(current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { 
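Review bot: The two `printf` calls added at the end of Crypto_TM_Get_Keys write the first two bytes of the encryption and authentication keys to stdout on every call, and no debug guard is visible around them; key material should not reach logs, so print at most the key IDs. The same lines dereference `*ekp` and `*akp` unconditionally, while the checks above them test `ekp == NULL` and `akp == NULL` (the out-parameters) rather than what `key_if->get_key` returned. If `get_key` can return NULL for an unknown key ID, the function crashes here instead of returning `CRYPTO_LIB_ERR_KEY_ID_ERROR`. Testing `*ekp == NULL` and `*akp == NULL` and returning before any dereference would close that; the `"getting key for ..."` prints in both hunks would also be better placed under a debug macro.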
@@ -1763,6 +1767,32 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ Crypto_TM_Process_Debug_Print(byte_idx, pdu_len, sa_ptr); + // TODO: Call OCF Debug print function here + if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + { + byte_idx += (pdu_len + sa_ptr->stmacf_len); + Telemetry_Frame_Ocf_Fsr_t report; + printf("%d\n", byte_idx); + printf("%02x\n", p_ingest[byte_idx] >> 7); + report.cwt = (p_ingest[byte_idx] >> 7); + report.fvn = (p_ingest[byte_idx] >> 4) & 0x0007; + report.af = (p_ingest[byte_idx] & 0x0008); + report.bsnf = (p_ingest[byte_idx] & 0x0004); + report.bmacf = (p_ingest[byte_idx] & 0x0002); + report.bsaf = (p_ingest[byte_idx] & 0x0001); + byte_idx++; + report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); + byte_idx += 2; + report.snval = p_ingest[byte_idx]; + byte_idx++; + // TM_t* tm_frame = NULL; + + // TODO: Parse OCF bits into report variable from p_ingest using byte_idx calculation in Crypto_TM_Process_debug_print + // NOTE: Check `void Crypto_TM_updateOCF(void)` + //Crypto_TM_updateOCF(report, tm_frame); + Crypto_fsrPrint(&report); + } + // Copy pdu into output frame // this will be over-written by decryption functions if necessary, // but not by authentication which requires 
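Review bot: The added OCF block reads `p_ingest[byte_idx]` through `p_ingest[byte_idx + 3]` after advancing `byte_idx` by `pdu_len + sa_ptr->stmacf_len`, and nothing in the hunk compares that offset with `len_ingest`, so a short or malformed frame on a `TM_HAS_OCF` channel can be read past its end. A guard such as `if ((uint32_t)byte_idx + pdu_len + sa_ptr->stmacf_len + 4 > len_ingest)` that returns an error status before the first access would bound it; whether an earlier length check already guarantees this is not visible here. The same unchecked reads are carried into `Crypto_TM_Print_FSR` and `Crypto_TM_Print_CLCW` in the later patches of this series, which are not passed `len_ingest` at all. The block also advances the function's own `byte_idx`, which the code after the hunk appears to keep using for MAC parsing and decryption. Crypto_TM_ProcessSecurity starts and ends outside the hunk.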
@@ -1963,41 +1993,24 @@ void Crypto_TM_updatePDU(uint8_t* ingest, int len_ingest) /** * @brief Function: Crypto_TM_updateOCF * Update the TM OCF - **/ -/** -void Crypto_TM_updateOCF(void) +**/ + +void Crypto_TM_updateOCF(Telemetry_Frame_Ocf_Fsr_t* report, TM_t* tm_frame) { // TODO - if (ocf == 0) - { // CLCW - clcw.vci = tm_frame.tm_header.vcid; - - tm_frame.tm_sec_trailer.ocf[0] = (clcw.cwt << 7) | (clcw.cvn << 5) | (clcw.sf << 2) | (clcw.cie); - tm_frame.tm_sec_trailer.ocf[1] = (clcw.vci << 2) | (clcw.spare0); - tm_frame.tm_sec_trailer.ocf[2] = (clcw.nrfa << 7) | (clcw.nbl << 6) | (clcw.lo << 5) | (clcw.wait << 4) | - (clcw.rt << 3) | (clcw.fbc << 1) | (clcw.spare1); - tm_frame.tm_sec_trailer.ocf[3] = (clcw.rv); - // Alternate OCF - ocf = 1; + tm_frame->tm_sec_trailer.ocf[0] = (report->cwt << 7) | (report->fvn << 4) | (report->af << 3) | + (report->bsnf << 2) | (report->bmacf << 1) | (report->bsaf); + tm_frame->tm_sec_trailer.ocf[1] = (report->lspi & 0xFF00) >> 8; + tm_frame->tm_sec_trailer.ocf[2] = (report->lspi & 0x00FF); + tm_frame->tm_sec_trailer.ocf[3] = (report->snval); + // Alternate OCF + //ocf = 0; #ifdef OCF_DEBUG - Crypto_clcwPrint(&clcw); + Crypto_fsrPrint(report); #endif - } - else - { // FSR - tm_frame.tm_sec_trailer.ocf[0] = (report.cwt << 7) | (report.vnum << 4) | (report.af << 3) | - (report.bsnf << 2) | (report.bmacf << 1) | (report.ispif); - tm_frame.tm_sec_trailer.ocf[1] = (report.lspiu & 0xFF00) >> 8; - tm_frame.tm_sec_trailer.ocf[2] = (report.lspiu & 0x00FF); - tm_frame.tm_sec_trailer.ocf[3] = (report.snval); - // Alternate OCF - ocf = 0; -#ifdef OCF_DEBUG - Crypto_fsrPrint(&report); -#endif - } + } - **/ + /** * @brief Function: Crypto_Prepare_TM_AAD diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index bab24adc..5e607f28 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c 
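Review bot: `Crypto_TM_updateOCF` now dereferences `report` and `tm_frame` in its first statement with no NULL check, and the commented-out call site this patch leaves in Crypto_TM_ProcessSecurity declares `tm_frame` as NULL. A guard such as `if (report == NULL || tm_frame == NULL) return;` at the top would make the function safe to re-enable. The header comment still says only "Update the TM OCF"; it should gain `@param report` and `@param tm_frame` lines and state that only the FSR form is written now that the CLCW branch is gone. The prototype in include/crypto.h should also name its parameters.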
@@ -1169,4 +1169,37 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) free(ptr_processed_frame); } +UTEST(TM_PROCESS, TM_OCF_TEST) +{ + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t* ptr_processed_frame = NULL; + uint16_t processed_tm_len; + + // Configure Parameters + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // AOS Tests + //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10); + GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 16, TM_HAS_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); + + status = Crypto_Init(); + + // Test frame setup + char* framed_tm_h = "02C0000D180000000000C0000000FFFF"; + char* framed_tm_b = NULL; + int framed_tm_len = 0; + hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); + + status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + Crypto_Shutdown(); + free(framed_tm_b); + free(ptr_processed_frame); +} + UTEST_MAIN(); \ No newline at end of file From 1e9fcbaedff6823d5906b2a08e5d52175a804090 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 3 Sep 2024 19:12:04 +0000 Subject: [PATCH 013/241] [nasa/cryptolib#209] Split FSR Calculations into own function --- include/crypto.h | 2 +- src/core/crypto_tm.c | 53 ++++++++++++++++++++------------------------ 2 files changed, 25 insertions(+), 30 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index c19e4dce..e9e5914a 100644 --- a/include/crypto.h 
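Review bot: `TM_OCF_TEST` asserts only that Crypto_TM_ProcessSecurity returns success, so the FSR decoding it was added for is never checked and a wrong mask or shift in the parser would still pass. The decoded report is a local that is only printed, so the test has nothing to compare against until the parser exposes its result. The value from `status = Crypto_Init();` is also overwritten without an assertion; adding `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` directly after it would make a failed initialisation visible.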
+++ b/include/crypto.h @@ -182,7 +182,7 @@ int32_t Crypto_TM_Do_Decrypt_NONAEAD(uint8_t sa_service_type, uint16_t pdu_len, void Crypto_TM_Calc_PDU_MAC(uint16_t* pdu_len, uint16_t byte_idx, SecurityAssociation_t* sa_ptr, int* mac_loc); int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint8_t ecs_is_aead_algorithm, uint16_t byte_idx, uint8_t* p_new_dec_frame, uint16_t pdu_len, uint8_t* p_ingest, crypto_key_t* ekp, crypto_key_t* akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t* aad, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length); void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr); - +void Crypto_TM_Print_FSR(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr); extern uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID); extern int32_t Crypto_increment(uint8_t* num, int length); diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 0a30cdda..e00b6192 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c 
@@ -1767,35 +1767,8 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ Crypto_TM_Process_Debug_Print(byte_idx, pdu_len, sa_ptr); - // TODO: Call OCF Debug print function here - if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) - { - byte_idx += (pdu_len + sa_ptr->stmacf_len); - Telemetry_Frame_Ocf_Fsr_t report; - printf("%d\n", byte_idx); - printf("%02x\n", p_ingest[byte_idx] >> 7); - report.cwt = (p_ingest[byte_idx] >> 7); - report.fvn = (p_ingest[byte_idx] >> 4) & 0x0007; - report.af = (p_ingest[byte_idx] & 0x0008); - report.bsnf = (p_ingest[byte_idx] & 0x0004); - report.bmacf = (p_ingest[byte_idx] & 0x0002); - report.bsaf = (p_ingest[byte_idx] & 0x0001); - byte_idx++; - report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); - byte_idx += 2; - report.snval = p_ingest[byte_idx]; - byte_idx++; - // TM_t* tm_frame = NULL; - - // TODO: Parse OCF bits into report variable from p_ingest using byte_idx calculation in Crypto_TM_Process_debug_print - // NOTE: Check `void Crypto_TM_updateOCF(void)` - //Crypto_TM_updateOCF(report, tm_frame); - Crypto_fsrPrint(&report); - } - - // Copy pdu into output frame - // this will be over-written by decryption functions if necessary, - // but not by authentication which requires + // TODO: separate into own function: + Crypto_TM_Print_FSR(p_ingest, byte_idx, pdu_len, sa_ptr); // Get Key status = Crypto_TM_Get_Keys(&ekp, &akp, sa_ptr); 
@@ -1823,6 +1796,28 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ return status; } +void Crypto_TM_Print_FSR(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr) +{ + if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + { + byte_idx += (pdu_len + sa_ptr->stmacf_len); + Telemetry_Frame_Ocf_Fsr_t report; + report.cwt = (p_ingest[byte_idx] >> 7); + report.fvn = (p_ingest[byte_idx] >> 4) & 0x0007; + report.af = (p_ingest[byte_idx] & 0x0008); + report.bsnf = (p_ingest[byte_idx] & 0x0004); + report.bmacf = (p_ingest[byte_idx] & 0x0002); + report.bsaf = (p_ingest[byte_idx] & 0x0001); + byte_idx += 1; + report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); + byte_idx += 2; + report.snval = (p_ingest[byte_idx]); + byte_idx++; + + Crypto_fsrPrint(&report); + } +} + /** * @brief Function: Crypto_Get_tmLength * Returns the total length of the current tm_frame in BYTES! From e5120a8f0c059410ae472387b94c091579821638 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 9 Sep 2024 15:37:21 +0000 Subject: [PATCH 014/241] [nasa/cryptolib#209] Updates to FSR bitmath --- src/core/crypto_tm.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index e00b6192..99c880ff 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1767,7 +1767,6 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ Crypto_TM_Process_Debug_Print(byte_idx, pdu_len, sa_ptr); - // TODO: separate into own function: Crypto_TM_Print_FSR(p_ingest, byte_idx, pdu_len, sa_ptr); // Get Key 
@@ -1804,9 +1803,9 @@ void Crypto_TM_Print_FSR(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, Telemetry_Frame_Ocf_Fsr_t report; report.cwt = (p_ingest[byte_idx] >> 7); report.fvn = (p_ingest[byte_idx] >> 4) & 0x0007; - report.af = (p_ingest[byte_idx] & 0x0008); - report.bsnf = (p_ingest[byte_idx] & 0x0004); - report.bmacf = (p_ingest[byte_idx] & 0x0002); + report.af = (p_ingest[byte_idx] >> 3) & 0x0001; + report.bsnf = (p_ingest[byte_idx] >> 2) & 0x0001; + report.bmacf = (p_ingest[byte_idx] >> 1) & 0x0001; report.bsaf = (p_ingest[byte_idx] & 0x0001); byte_idx += 1; report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); From 70636406f329862b82531f588ff910db8e20cd8c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 9 Sep 2024 16:01:23 +0000 Subject: [PATCH 015/241] [nasa/cryptolib#209] Added CLCW bitmath and prints --- include/crypto.h | 1 + src/core/crypto_tm.c | 30 ++++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/include/crypto.h b/include/crypto.h index e9e5914a..dafd7e38 100644 --- a/include/crypto.h +++ b/include/crypto.h 
@@ -183,6 +183,7 @@ void Crypto_TM_Calc_PDU_MAC(uint16_t* pdu_len, uint16_t byte_idx, SecurityAssoci int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint8_t ecs_is_aead_algorithm, uint16_t byte_idx, uint8_t* p_new_dec_frame, uint16_t pdu_len, uint8_t* p_ingest, crypto_key_t* ekp, crypto_key_t* akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t* aad, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length); void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr); void Crypto_TM_Print_FSR(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr); +void Crypto_TM_Print_CLCW(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr); extern uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID); extern int32_t Crypto_increment(uint8_t* num, int length); diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 99c880ff..38cce6ea 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1768,6 +1768,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ Crypto_TM_Process_Debug_Print(byte_idx, pdu_len, sa_ptr); Crypto_TM_Print_FSR(p_ingest, byte_idx, pdu_len, sa_ptr); + Crypto_TM_Print_CLCW(p_ingest, byte_idx, pdu_len, sa_ptr); // Get Key status = Crypto_TM_Get_Keys(&ekp, &akp, sa_ptr); 
@@ -1795,6 +1796,35 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ return status; } +void Crypto_TM_Print_CLCW(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr) +{ + if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + { + byte_idx += (pdu_len + sa_ptr->stmacf_len); + Telemetry_Frame_Ocf_Clcw_t clcw; + clcw.cwt = (p_ingest[byte_idx] >> 7) & 0x0001; + clcw.cvn = (p_ingest[byte_idx] >> 5) & 0x0003; + clcw.sf = (p_ingest[byte_idx] >> 2) & 0x0007; + clcw.cie = (p_ingest[byte_idx] >> 0) & 0x0003; + byte_idx += 1; + clcw.vci = (p_ingest[byte_idx] >> 2) & 0x003F; + clcw.spare0 = (p_ingest[byte_idx] >> 0) & 0x0003; + byte_idx += 1; + clcw.nrfaf = (p_ingest[byte_idx] >> 7) & 0x0001; + clcw.nblf = (p_ingest[byte_idx] >> 6) & 0x0001; + clcw.lof = (p_ingest[byte_idx] >> 5) & 0x0001; + clcw.waitf = (p_ingest[byte_idx] >> 4) & 0x0001; + clcw.rtf = (p_ingest[byte_idx] >> 3) & 0x0001; + clcw.fbc = (p_ingest[byte_idx] >> 1) & 0x0003; + clcw.spare1 = (p_ingest[byte_idx] >> 0) & 0x0001; + byte_idx += 1; + clcw.rv = (p_ingest[byte_idx]); + byte_idx += 1; + + Crypto_clcwPrint(&clcw); + } +} + void Crypto_TM_Print_FSR(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr) { if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) From 436f6c48d32b105c97074a2a83eb6c2fecf1d57e Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 9 Sep 2024 19:15:16 +0000 Subject: [PATCH 016/241] [nasa/cryptolib#292] Added SA_NOT_OPERATIONAL check in TM_PROCESS --- src/core/crypto_tm.c | 6 +++++ test/unit/ut_tm_process.c | 54 ++++++++++++++++++++++++++++++++++++--- 2 files changed, 56 insertions(+), 4 deletions(-) diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 155e9720..7fe94087 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c 
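Review bot: `Crypto_TM_Print_CLCW` decodes the same four OCF bytes that `Crypto_TM_Print_FSR` decodes, and the previous hunk calls both back to back, so one of the two printed structures is always a misreading of the other format. The first bit is the Control Word Type in both layouts (the CLCW struct comment gives "0" for it), so the caller could read it once and dispatch, for example `if ((p_ingest[ocf_idx] >> 7) & 0x01) Crypto_TM_Print_FSR(...); else Crypto_TM_Print_CLCW(...);`, with `ocf_idx` standing for the OCF offset. The new function has no header comment; a `@brief` block should state the byte layout it assumes.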
@@ -1787,6 +1787,12 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ // Parse MAC, prepare AAD Crypto_TM_Parse_Mac_Prep_AAD(sa_service_type, p_ingest, mac_loc, sa_ptr, &aad_len, byte_idx, aad); + if (sa_ptr->sa_state != SA_OPERATIONAL) + { + printf(KRED "Error: SA Not Operational \n" RESET); + return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; + } + status = Crypto_TM_Do_Decrypt(sa_service_type, sa_ptr, ecs_is_aead_algorithm, byte_idx, p_new_dec_frame, pdu_len, p_ingest, ekp, akp, iv_loc, mac_loc, aad_len, aad, pp_processed_frame, p_decrypted_length); } diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index bab24adc..9b62a9cd 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -149,6 +149,14 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); + SecurityAssociation_t* sa_ptr; + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &sa_ptr); + sa_ptr->sa_state = SA_NONE; + // Activate SA 5 + sa_if->sa_get_from_spi(5, &sa_ptr); + sa_ptr->sa_state = SA_OPERATIONAL; + status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO @@ -1131,6 +1139,7 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) printf("\n\n"); + Crypto_Shutdown(); free(truth_tm_b); free(framed_tm_b); free(iv_b); 
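Review bot: The new `sa_ptr->sa_state != SA_OPERATIONAL` check sits after Crypto_TM_Get_Keys and Crypto_TM_Parse_Mac_Prep_AAD have already run, so keys are fetched and frame bytes parsed for an SA that is then rejected; placing the check directly after the SA lookup would refuse the frame before any of that work. The branch also leaves with a bare `return`, whereas the error paths visible in this file set `status` and call `mc_if->mc_log(status)`, so the rejection is not recorded, and any buffer allocated earlier in the function (not visible in the hunk) would not be released. Setting `status = CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL;`, calling `mc_if->mc_log(status);` and taking the function's normal exit would match the rest of the file. The check added to Crypto_AOS_ProcessSecurity in the later AOS patch has the same early return. Crypto_TM_ProcessSecurity starts and ends outside the hunk.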
@@ -1148,15 +1157,15 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // AOS Tests + // TM Tests //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10); - GvcidManagedParameters_t AOS_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 10, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_Managed_Parameters); + GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); status = Crypto_Init(); // Test frame setup - char* framed_tm_h = "02c000001800FFFF"; + char* framed_tm_h = "02c00000180000FFFFFF"; char* framed_tm_b = NULL; int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); 
@@ -1169,4 +1178,41 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) free(ptr_processed_frame); } +UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) +{ + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t* ptr_processed_frame = NULL; + uint16_t processed_tm_len; + + // Configure Parameters + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // TM Tests + //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); + + status = Crypto_Init(); + + TC_t* tc_sdls_processed_frame; + tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + + // Test frame setup + // "2003000C00002C414243444546" + char* framed_tm_h = "02C000001800002C414243444546"; + char* framed_tm_b = NULL; + int framed_tm_len = 0; + hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + + ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status); + free(framed_tm_b); + free(tc_sdls_processed_frame); + Crypto_Shutdown(); +} + UTEST_MAIN(); \ No newline at end of file From 59fd9faac71dd9118dd994938a00bb32ffc51abc Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 9 Sep 2024 19:16:50 +0000 Subject: [PATCH 017/241] [nasa/cryptolib#292] Removed commented code --- test/unit/ut_tm_process.c | 2 -- 1 file changed, 2 deletions(-) 
diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 9b62a9cd..c5051bd7 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -1201,8 +1201,6 @@ UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - // Test frame setup - // "2003000C00002C414243444546" char* framed_tm_h = "02C000001800002C414243444546"; char* framed_tm_b = NULL; int framed_tm_len = 0; From 8a509728366aa835e7b2afead9f553decd888825 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 9 Sep 2024 19:37:57 +0000 Subject: [PATCH 018/241] [nasa/cryptolib#292] Added SA_NOT_OPERATIONAL check in AOS_PROCESS --- src/core/crypto_aos.c | 7 +++++ test/unit/ut_aos_process.c | 53 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index ff471ad6..a9afc0db 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -1249,6 +1249,13 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 } + // check sa state before decrypting + if (sa_ptr->sa_state != SA_OPERATIONAL) + { + printf(KRED "Error: SA Not Operational \n" RESET); + return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; + } + if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) { diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index fbf446a6..505e9b87 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c 
@@ -144,6 +144,13 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); + SecurityAssociation_t *sa_ptr = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + sa_ptr->sa_state = SA_KEYED; + sa_if->sa_get_from_spi(9, &sa_ptr); // Enable and setup 9 + sa_ptr->sa_state = SA_OPERATIONAL; + status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO @@ -253,6 +260,13 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); + SecurityAssociation_t *sa_ptr = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + sa_ptr->sa_state = SA_KEYED; + sa_if->sa_get_from_spi(9, &sa_ptr); // Enable and setup 9 + sa_ptr->sa_state = SA_OPERATIONAL; + status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO 
@@ -982,4 +996,43 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST) free(ptr_processed_frame); } +UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) +{ + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t* ptr_processed_frame = NULL; + uint16_t processed_aos_len; + + // Configure Parameters + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // AOS Tests + //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + status = Crypto_Init(); + + // Test frame setup + char* framed_aos_h = "42C00000000000050000000000000000FFFF"; + char* framed_aos_b = NULL; + int framed_aos_len = 0; + hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); + + SecurityAssociation_t *sa_ptr = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + sa_ptr->sa_state = SA_KEYED; + sa_if->sa_get_from_spi(5, &sa_ptr); // Enable and setup 5 + sa_ptr->sa_state = SA_NONE; + + status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status); + + Crypto_Shutdown(); + free(framed_aos_b); + free(ptr_processed_frame); +} + UTEST_MAIN(); \ No newline at end of file From 6c0368f8ae88a192005e33f19a049b9b7bef2819 Mon Sep 17 00:00:00 2001 
From: Donovan Ice <77851621+Donnie-Ice@users.noreply.github.com> Date: Thu, 12 Sep 2024 09:36:06 -0400 Subject: [PATCH 019/241] [nasa/cryptolib#303] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index c2609f29..e10342fe 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,6 @@ ![Build](https://github.com/nasa/CryptoLib/actions/workflows/build.yml/badge.svg) [![CodeCov](https://codecov.io/gh/nasa/CryptoLib/branch/main/graph/badge.svg?token=KCOMCQO0ZU)](https://codecov.io/gh/nasa/CryptoLib) +[![CodeQL Advanced](https://github.com/nasa/CryptoLib/actions/workflows/codeql.yml/badge.svg?branch=dev)](https://github.com/nasa/CryptoLib/actions/workflows/codeql.yml) ![CryptoLib logo Final All orange](https://github.com/user-attachments/assets/fc02870b-e2d2-4577-83c2-78985d5fbdd6) From 6ca32bd9541149c3ca9911730d5d9534a27c6530 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 12 Sep 2024 15:06:49 +0000 Subject: [PATCH 020/241] [nasa/cryptolib#292] Moved all references to SA inside bounds-checking --- .../internal/sa_interface_inmemory.template.c | 138 +++++++++--------- 1 file changed, 73 insertions(+), 65 deletions(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 88150593..7808477c 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -980,13 +980,13 @@ static int32_t sa_start(TC_t* tc_frame) // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; - // Overwrite last PID - sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; - // Check SPI exists and in 'Keyed' state if (spi < NUM_SA) { + // Overwrite last PID + sa[spi].lpid = + (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + if (sa[spi].sa_state == SA_KEYED) { count = 2; 
@@ -1109,13 +1109,13 @@ static int32_t sa_stop(void) spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); - // Overwrite last PID - sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; - // Check SPI exists and in 'Active' state if (spi < NUM_SA) { + // Overwrite last PID + sa[spi].lpid = + (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + if (sa[spi].sa_state == SA_OPERATIONAL) { // Remove all GVC/GMAP IDs @@ -1170,13 +1170,13 @@ static int32_t sa_rekey(void) spi = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; count = count + 2; - // Overwrite last PID - sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; - // Check SPI exists and in 'Unkeyed' state if (spi < NUM_SA) { + // Overwrite last PID + sa[spi].lpid = + (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + if (sa[spi].sa_state == SA_UNKEYED) { // Encryption Key sa[spi].ekid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; @@ -1248,13 +1248,13 @@ static int32_t sa_expire(void) spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); - // Overwrite last PID - sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; - // Check SPI exists and in 'Keyed' state if (spi < NUM_SA) { + // Overwrite last PID + sa[spi].lpid = + (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + if (sa[spi].sa_state == SA_KEYED) { // Change to 'Unkeyed' state sa[spi].sa_state = SA_UNKEYED; 
@@ -1290,57 +1290,65 @@ static int32_t sa_create(void) spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); - // Overwrite last PID - sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; - - // Write SA Configuration - sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; - sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6; - sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F); - sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2; - sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03); - sa[spi].stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]); - sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]); - for (x = 0; x < sa[spi].ecs_len; x++) - { - sa[spi].ecs = ((uint8_t)sdls_frame.pdu.data[count++]); - } - sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[count++]); - for (x = 0; x < sa[spi].shivf_len; x++) - { - sa[spi].iv[x] = ((uint8_t)sdls_frame.pdu.data[count++]); - } - sa[spi].acs_len = ((uint8_t)sdls_frame.pdu.data[count++]); - for (x = 0; x < sa[spi].acs_len; x++) - { - sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); - } - sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1])); - count = count + 2; - for (x = 0; x < sa[spi].abm_len; x++) - { - sa[spi].abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]); - } - sa[spi].arsn_len = ((uint8_t)sdls_frame.pdu.data[count++]); - for (x = 0; x < sa[spi].arsn_len; x++) - { - *(sa[spi].arsn + x) = ((uint8_t)sdls_frame.pdu.data[count++]); - } - sa[spi].arsnw_len = ((uint8_t)sdls_frame.pdu.data[count++]); - for (x = 0; x < sa[spi].arsnw_len; x++) + // Check if valid SPI + if (spi < NUM_SA) { - sa[spi].arsnw = sa[spi].arsnw | (((uint8_t)sdls_frame.pdu.data[count++]) << (sa[spi].arsnw_len - x)); - } + // Overwrite last PID + sa[spi].lpid = + (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | 
(sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + + // Write SA Configuration + sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; + sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6; + sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F); + sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2; + sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03); + sa[spi].stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]); + sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]); + for (x = 0; x < sa[spi].ecs_len; x++) + { + sa[spi].ecs = ((uint8_t)sdls_frame.pdu.data[count++]); + } + sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[count++]); + for (x = 0; x < sa[spi].shivf_len; x++) + { + sa[spi].iv[x] = ((uint8_t)sdls_frame.pdu.data[count++]); + } + sa[spi].acs_len = ((uint8_t)sdls_frame.pdu.data[count++]); + for (x = 0; x < sa[spi].acs_len; x++) + { + sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); + } + sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1])); + count = count + 2; + for (x = 0; x < sa[spi].abm_len; x++) + { + sa[spi].abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]); + } + sa[spi].arsn_len = ((uint8_t)sdls_frame.pdu.data[count++]); + for (x = 0; x < sa[spi].arsn_len; x++) + { + *(sa[spi].arsn + x) = ((uint8_t)sdls_frame.pdu.data[count++]); + } + sa[spi].arsnw_len = ((uint8_t)sdls_frame.pdu.data[count++]); + for (x = 0; x < sa[spi].arsnw_len; x++) + { + sa[spi].arsnw = sa[spi].arsnw | (((uint8_t)sdls_frame.pdu.data[count++]) << (sa[spi].arsnw_len - x)); + } - // TODO: Checks for valid data + // TODO: Checks for valid data - // Set state to unkeyed - sa[spi].sa_state = SA_UNKEYED; + // Set state to unkeyed + sa[spi].sa_state = SA_UNKEYED; #ifdef PDU_DEBUG - Crypto_saPrint(&sa[spi]); + Crypto_saPrint(&sa[spi]); #endif + } + else + { + printf(KRED "ERROR: SPI %d cannot be created.\n" RESET, spi); + } return CRYPTO_LIB_SUCCESS; } 
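Review bot: The new `spi < NUM_SA` guard in sa_create bounds the SA index, but every length inside the guarded block is still read from the PDU and used unchecked. `shivf_len`, `abm_len` and `arsn_len` drive loops that write `sa[spi].iv[x]`, `sa[spi].abm[x]` and `*(sa[spi].arsn + x)`, and `count` walks `sdls_frame.pdu.data` without being compared to the PDU length, which is what the retained `// TODO: Checks for valid data` leaves open. Each length should be rejected before its loop runs if it exceeds the capacity of its destination field (declared outside this hunk). The new `else` branch also falls through to `return CRYPTO_LIB_SUCCESS;`, so a rejected SPI is reported as success; `return CRYPTO_LIB_ERROR;` in that branch would surface it, which matters more once the later commit compiles the printf out behind `#ifdef DEBUG`. sa_create begins before the hunk.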
@@ -1358,13 +1366,13 @@ static int32_t sa_delete(void) spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); - // Overwrite last PID - sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; - // Check SPI exists and in 'Unkeyed' state if (spi < NUM_SA) { + // Overwrite last PID + sa[spi].lpid = + (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + if (sa[spi].sa_state == SA_UNKEYED) { // Change to 'None' state sa[spi].sa_state = SA_NONE; From 262812551896c58d343aa485f28c47f37520b925 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 12 Sep 2024 16:00:24 +0000 Subject: [PATCH 021/241] [nasa/cryptolib#292] Moved all prints inside #ifdef's --- src/core/crypto_aos.c | 6 ++++++ src/core/crypto_tm.c | 4 ++++ src/sa/internal/sa_interface_inmemory.template.c | 8 ++++++++ 3 files changed, 18 insertions(+) diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index a9afc0db..a45bbcd6 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -1006,7 +1006,9 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 { // Probably unnecessary check // Leaving for now as it would be cleaner in SA to have an association enum returned I believe +#ifdef SA_DEBUG printf(KRED "Error: SA Service Type is not defined! \n" RESET); +#endif status = CRYPTO_LIB_ERROR; mc_if->mc_log(status); return status; @@ -1105,7 +1107,9 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 p_new_dec_frame = (uint8_t*)calloc(1, (len_ingest) * sizeof(uint8_t)); if (!p_new_dec_frame) { +#ifdef DEBUG printf(KRED "Error: Calloc for decrypted output buffer failed! \n" RESET); +#endif status = CRYPTO_LIB_ERROR; mc_if->mc_log(status); return status; 
@@ -1252,7 +1256,9 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 // check sa state before decrypting if (sa_ptr->sa_state != SA_OPERATIONAL) { +#ifdef DEBUG printf(KRED "Error: SA Not Operational \n" RESET); +#endif return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; } diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 7fe94087..16244110 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1723,7 +1723,9 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ p_new_dec_frame = (uint8_t*)calloc(1, (len_ingest) * sizeof(uint8_t)); if (!p_new_dec_frame) { +#ifdef DEBUG printf(KRED "Error: Calloc for decrypted output buffer failed! \n" RESET); +#endif status = CRYPTO_LIB_ERROR; } } @@ -1789,7 +1791,9 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ if (sa_ptr->sa_state != SA_OPERATIONAL) { +#ifdef DEBUG printf(KRED "Error: SA Not Operational \n" RESET); +#endif return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; } diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 7808477c..604ed5f1 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1246,7 +1246,9 @@ static int32_t sa_expire(void) // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; +#ifdef DEBUG printf("spi = %d \n", spi); +#endif // Check SPI exists and in 'Keyed' state if (spi < NUM_SA) @@ -1288,7 +1290,9 @@ static int32_t sa_create(void) // Read sdls_frame.pdu.data spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; +#ifdef DEBUG printf("spi = %d \n", spi); +#endif // Check if valid SPI if (spi < NUM_SA) @@ -1347,7 +1351,9 @@ static int32_t sa_create(void) } else { +#ifdef DEBUG printf(KRED "ERROR: SPI %d cannot be created.\n" RESET, spi); +#endif } return CRYPTO_LIB_SUCCESS; 
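Review bot: With the printf now behind `#ifdef DEBUG`, the "SA Not Operational" rejection in Crypto_AOS_ProcessSecurity leaves no trace in a release build, because this path returns directly instead of going through `mc_if->mc_log(status)` as the other error paths in the same file do. Suggest `status = CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; mc_if->mc_log(status); return status;` here, and the same in the matching crypto_tm.c hunk in Crypto_TM_ProcessSecurity. The decrypted-frame buffer is allocated with calloc earlier in both functions; whether it is still owned at this early return is not visible in the hunk and should be checked for a leak. Both functions extend beyond the hunks shown.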
@@ -1364,7 +1370,9 @@ static int32_t sa_delete(void) // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; +#ifdef DEBUG printf("spi = %d \n", spi); +#endif // Check SPI exists and in 'Unkeyed' state if (spi < NUM_SA) From e45675066878bd5955aba1ba10245a445a8179bc Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 12 Sep 2024 17:08:44 +0000 Subject: [PATCH 022/241] [nasa/cryptolib#292] Broke down sa.lpid bit math --- src/sa/internal/sa_interface_inmemory.template.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 604ed5f1..989e5529 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -983,7 +983,12 @@ static int32_t sa_start(TC_t* tc_frame) // Check SPI exists and in 'Keyed' state if (spi < NUM_SA) { - // Overwrite last PID + // Overwrite last PID : 8 bits + // Bits from L-R + // 1 : Procedure Type Flag (type) + // 2 : User Flag (uf) + // 3-4 : Service Group Field (sg) + // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; @@ -1112,7 +1117,12 @@ static int32_t sa_stop(void) // Check SPI exists and in 'Active' state if (spi < NUM_SA) { - // Overwrite last PID + // Overwrite last PID : 8 bits + // Bits from L-R + // 1 : Procedure Type Flag (type) + // 2 : User Flag (uf) + // 3-4 : Service Group Field (sg) + // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; From 17e9ed1b29cc9d7b06bf5d33ca97c3f1cfdcad50 Mon Sep 17 00:00:00 2001 
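Review bot: The same six-line bit-layout comment and packing expression are pasted into sa_start and sa_stop here, and again into sa_rekey, sa_expire, sa_create and sa_delete in the following commit. A single file-local helper returning `(sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid` would hold the layout comment once and keep the six call sites from drifting apart. The comment numbers bits 1-8 left to right while the code shifts by 7, 6 and 4, so stating that bit 1 is the most significant bit would remove the guesswork. The packing also relies on each field already being limited to its width (1, 1, 2 and 4 bits), which the hunk does not show.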
From: Donnie-Ice Date: Thu, 12 Sep 2024 17:10:05 +0000 Subject: [PATCH 023/241] [nasa/cryptolib#292] Broke down sa.lpid bit math --- .../internal/sa_interface_inmemory.template.c | 28 ++++++++++++++++--- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 989e5529..57570234 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1183,7 +1183,12 @@ static int32_t sa_rekey(void) // Check SPI exists and in 'Unkeyed' state if (spi < NUM_SA) { - // Overwrite last PID + // Overwrite last PID : 8 bits + // Bits from L-R + // 1 : Procedure Type Flag (type) + // 2 : User Flag (uf) + // 3-4 : Service Group Field (sg) + // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; @@ -1263,7 +1268,12 @@ static int32_t sa_expire(void) // Check SPI exists and in 'Keyed' state if (spi < NUM_SA) { - // Overwrite last PID + // Overwrite last PID : 8 bits + // Bits from L-R + // 1 : Procedure Type Flag (type) + // 2 : User Flag (uf) + // 3-4 : Service Group Field (sg) + // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; @@ -1307,7 +1317,12 @@ static int32_t sa_create(void) // Check if valid SPI if (spi < NUM_SA) { - // Overwrite last PID + // Overwrite last PID : 8 bits + // Bits from L-R + // 1 : Procedure Type Flag (type) + // 2 : User Flag (uf) + // 3-4 : Service Group Field (sg) + // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; 
@@ -1387,7 +1402,12 @@ static int32_t sa_delete(void) // Check SPI exists and in 'Unkeyed' state if (spi < NUM_SA) { - // Overwrite last PID + // Overwrite last PID : 8 bits + // Bits from L-R + // 1 : Procedure Type Flag (type) + // 2 : User Flag (uf) + // 3-4 : Service Group Field (sg) + // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; From dcbccd2e13056f2360ea8afde168248d0fbefa58 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 16 Sep 2024 12:34:20 +0000 Subject: [PATCH 024/241] [nasa/cryptolib#147] Commit stashed changes --- src/core/crypto.c | 7 +- src/core/crypto_key_mgmt.c | 9 +- src/core/crypto_tc.c | 2 +- src/core/crypto_tm.c | 9 + test/unit/ut_ep_key_validation.c | 307 ++++++++++++++++++++++++------- 5 files changed, 265 insertions(+), 69 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 5050c030..5a97b9e8 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -431,6 +431,8 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) int count = 0; int* count_ptr = &count; + printf("In Crypto PDU\n"); + switch (sdls_frame.pdu.type) { case 0: // Command @@ -670,6 +672,8 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) break; } +printf("Status: %d\nCount: %d\n", status, *count_ptr); + #ifdef CCSDS_DEBUG int x; if ((status == 0) && (*count_ptr > 0) && (ingest != NULL)) @@ -782,6 +786,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { + // TODO: Determine if different App ID needed for clarity purposes if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) // Crypto Lib Application ID { 
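Review bot: The added `printf("In Crypto PDU\n");` in Crypto_PDU is unconditional, as is `printf("Status: %d\nCount: %d\n", status, *count_ptr);` in the second crypto.c hunk and the seven printf calls added at the top of Crypto_TM_ProcessSecurity in crypto_tm.c. The earlier commit in this series moved prints inside `#ifdef` blocks, and these undo that: they write received-frame header bytes and internal state to stdout on every call in a release build. Each should be wrapped, for example `#ifdef DEBUG` / `#endif` around the call, or dropped before merge. The two commented-out `tm_frame_pri_hdr.scid` lines in the crypto_tm.c hunk look like debugging leftovers as well.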
@@ -830,7 +835,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) // TC SDLS PDU with no packet layer { #ifdef DEBUG - printf(KGRN "Received SDLS command: " RESET); + printf(KGRN "Received SDLS command (No Packet Header or PUS): " RESET); #endif // No Packet HDR or PUS in these frames // SDLS TLV PDU diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index fcd8a6fd..7ee183a8 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -381,7 +381,8 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) // Key Challenge for (y = 0; y < CHALLENGE_SIZE; y++) { - packet.blk[x].challenge[y] = sdls_frame.pdu.data[*count += 1]; + packet.blk[x].challenge[y] = sdls_frame.pdu.data[*count]; + *count += 1; } #ifdef PDU_DEBUG printf("\n"); @@ -398,8 +399,9 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) ingest[*count += 1] = (packet.blk[x].kid & 0xFF00) >> 8; ingest[*count += 1] = (packet.blk[x].kid & 0x00FF); + uint16_t ekp_kid = ((packet.blk[x].kid & 0xFF00) >> 8) | (packet.blk[x].kid & 0x00FF); // Get Key - ekp = key_if->get_key(x); + ekp = key_if->get_key(ekp_kid); if (ekp == NULL) { return CRYPTO_LIB_ERR_KEY_ID_ERROR; @@ -409,7 +411,8 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) iv_loc = *count; for (y = 0; y < 12; y++) { - ingest[*count += 1] = *(tc_frame->tc_sec_header.iv + y); + ingest[*count] = *(tc_frame->tc_sec_header.iv + y); + *count += 1; } ingest[*count - 1] = ingest[*count - 1] + x + 1; diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 9cec1dbb..3e7ee009 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c 
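Review bot: The new `ekp_kid` in Crypto_Key_verify does not reconstruct the key ID. `((packet.blk[x].kid & 0xFF00) >> 8) | (packet.blk[x].kid & 0x00FF)` ORs the high byte into the low byte, so any key ID above 0xFF maps onto a different, smaller ID and `key_if->get_key(ekp_kid)` can return the wrong key for the challenge. `packet.blk[x].kid` is already the 16-bit value, so `ekp = key_if->get_key(packet.blk[x].kid);` is sufficient and the temporary can go. A test with a key ID of 0x0100 or higher would catch this, since the IDs used in the tests on this page (132, 134, 142) all fit in one byte. The function starts and ends outside the hunk.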
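Review bot: The challenge and IV loops now write at `*count` and then advance, but the two key-ID writes just above still use the pre-increment form `ingest[*count += 1] = ...`, so the reply buffer is indexed two different ways within one block. Assuming nothing in the lines between the hunks advances `*count`, `iv_loc = *count` then points at the byte that holds the low key-ID byte, and the first IV byte written by `ingest[*count] = *(tc_frame->tc_sec_header.iv + y);` overwrites it. Converting the key-ID writes to the same form, `ingest[*count] = (packet.blk[x].kid & 0xFF00) >> 8; *count += 1;` and likewise for the low byte, would make the layout consistent. Neither loop shows a check of `*count` against the size of `ingest` or of `sdls_frame.pdu.data`; if that bound is not enforced outside the hunk, it should be added.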
@@ -1882,8 +1882,8 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int* len_ingest, TC_t* tc mc_if->mc_log(status); return status; // Cryptography IF call failed, return. } - // Extended PDU processing, if applicable + // TODO: Validiate using correct SA if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 7b9e7ea8..b8f629ae 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1655,9 +1655,18 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ crypto_key_t* ekp = NULL; crypto_key_t* akp = NULL; + printf("p_ingest[0] = %d\n", p_ingest[0]); + printf("TFVN = %d\n", (p_ingest[0] & 0xC0) >> 6); + printf("p_ingest[1] = %d\n", p_ingest[1]); // Bit math to give concise access to values in the ingest tm_frame_pri_hdr.tfvn = ((uint8_t)p_ingest[0] & 0xC0) >> 6; + //tm_frame_pri_hdr.scid = (((uint16_t)p_ingest[0] & 0x3F) << 4) | (((uint16_t)p_ingest[1] & 0xF0) >> 4); + printf("Lower: %02x\n", (((uint16_t)p_ingest[0] & 0x3f) << 4)); + printf("upper: %02x\n", (((uint16_t)p_ingest[1] & 0xf0) >> 4)); + printf("Combined %02x\n", (((uint16_t)p_ingest[0] & 0x3F) << 4) | (((uint16_t)p_ingest[1] & 0xF0) >> 4)); tm_frame_pri_hdr.scid = (((uint16_t)p_ingest[0] & 0x3F) << 4) | (((uint16_t)p_ingest[1] & 0xF0) >> 4); + printf("SCID: %02x\n", tm_frame_pri_hdr.scid); + //tm_frame_pri_hdr.scid = 0x002c; tm_frame_pri_hdr.vcid = ((uint8_t)p_ingest[1] & 0x0E) >> 1; status = Crypto_TM_Process_Setup(len_ingest, &byte_idx, p_ingest, &secondary_hdr_len); diff --git a/test/unit/ut_ep_key_validation.c b/test/unit/ut_ep_key_validation.c index f8834961..e71479df 100644 --- a/test/unit/ut_ep_key_validation.c +++ b/test/unit/ut_ep_key_validation.c 
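Review bot: The new `// TODO: Validiate using correct SA` comment marks a check that is still missing. `Crypto_Process_Extended_Procedure_Pdu` runs whenever `status` is success and `process_sdls_pdus` is enabled, with no condition on which SA the frame was accepted under. The unit tests added in this same commit drive key-management PDUs through an SA configured with `est = 0`, `ast = 0` and `CRYPTO_CIPHER_NONE`, so as written an unauthenticated frame can reach the extended-procedure handlers. The condition should additionally require that the frame's SA is one designated for SDLS extended procedures and provides authentication; how the SA is reachable at this point is not visible in the hunk. "Validiate" should read "Validate".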
@@ -243,9 +243,8 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) // Activate SA 9 sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 1; + //test_association->ecs_len = 1; test_association->ecs = CRYPTO_CIPHER_NONE; - //test_association->ekid = 142; test_association->est = 0; test_association->ast = 0; test_association->iv_len = 12; @@ -255,7 +254,7 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - ekp = key_if->get_key(test_association->ekid); + ekp = key_if->get_key(142); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); ekp->key_state = KEY_ACTIVE; 
@@ -278,7 +277,94 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) free(buffer_DEACTIVATE_b); } -UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) +// UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) +// { +// remove("sa_save_file.bin"); +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; +// Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + +// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// //GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; +// //Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + +// int status = CRYPTO_LIB_SUCCESS; +// status = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// SaInterface sa_if = get_sa_interface_inmemory(); +// crypto_key_t* ekp = NULL; + + +// // NOTE: Added Transfer Frame header to the plaintext +// char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; +// char* buffer_nist_iv_h = "000000000000000000000000"; // The last valid IV that was seen by the SA +// char* buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; +// // |2003001c00| = Primary Header +// // |ff| = SPI +// // |00000000| = 
security Header +// // |1880| = CryptoLib App ID +// // |d03b| = seq, packet id +// // |000a| = Packet Length +// // |197f| = pusv, ack, st +// // |0b| = sst +// // |0007| = PDU Tag +// // |0004| = PDU Length +// // |0084| = Key ID (132) +// // |0086| = Key ID (134) +// // |1f6d82ebe4fc55555555| = Trailer??? + +// uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; +// int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; + +// // Setup Processed Frame For Decryption +// TC_t tc_nist_processed_frame; + +// // Expose/setup SAs for testing +// SecurityAssociation_t* test_association; + +// // Deactivate SA 1 +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->sa_state = SA_NONE; + +// // Activate SA 9 +// sa_if->sa_get_from_spi(0, &test_association); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ecs_len = 1; +// test_association->ecs = CRYPTO_CIPHER_NONE; +// test_association->est = 0; +// test_association->ast = 0; +// test_association->shsnf_len = 2; +// test_association->arsn_len = 2; +// test_association->arsnw = 5; +// test_association->iv_len = 12; + +// // Insert key into keyring of SA 9 +// hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); +// ekp = key_if->get_key(test_association->ekid); +// memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); +// // Convert frames that will be processed +// hex_conversion(buffer_INVENTORY_h, (char**) &buffer_INVENTORY_b, &buffer_INVENTORY_len); +// // Convert/Set input IV +// hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); +// memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); +// // Expect success on next valid IV && ARSN +// printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... 
\n" RESET); +// status = Crypto_TC_ProcessSecurity(buffer_INVENTORY_b, &buffer_INVENTORY_len, &tc_nist_processed_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// printf("\n"); +// Crypto_Shutdown(); +// free(buffer_nist_iv_b); +// free(buffer_nist_key_b); +// ASSERT_EQ(0,0); +// } + +UTEST(EP_KEY_VALIDATION, VERIFY_132_134) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib 
@@ -291,39 +377,38 @@ UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - //Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); int status = CRYPTO_LIB_SUCCESS; - printf("HERE1\n"); status = Crypto_Init(); - printf("HERE2\n"); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); SaInterface sa_if = get_sa_interface_inmemory(); crypto_key_t* ekp = NULL; - + // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; - // |2003001c00| = Primary Header - // |ff| = SPI - // |00000000| = security Header - // |1880| = CryptoLib App ID - // |d03b| = seq, packet id - // |000a| = Packet Length - // |197f| = pusv, ack, st - // |0b| = sst - // |0007| = PDU Tag - // |0004| = PDU Length - // |0084| = Key ID (132) - // |0086| = Key ID (134) - // |1f6d82ebe4fc55555555| = Trailer??? 
- - uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; - int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; - printf("Fail 5\n"); + char* buffer_nist_iv_h = "000000000000000000000001"; // The last valid IV that was seen by the SA + char* buffer_VERIFY_h = "2003003e00ff000000001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8"; + // |2003003e00| = Primary Header + // |ff| = SPI + // |00000000| = Security header + // |1880| = CryptoLib App ID + // |d03a| = seq, packet id + // |002c| = Packet Length + // |197f| = pusv, ack, st + // |0b| = sst + // |0004| = PDU Tag + // |0024| = PDU Length + // |0084| = Key ID (132) + // |71fc3ad5b1c36ad56bd5a5432315cdab| = Challenge + // |0086| = Key ID (134) + // |75c06302465bc6d5091a29957eebed35| = Challenge + // |c00a6ed8| = Trailer + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_VERIFY_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_VERIFY_len = 0; + // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; 
@@ -337,39 +422,42 @@ UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) // Activate SA 9 sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 1; + test_association->ecs_len = 0; test_association->ecs = CRYPTO_CIPHER_NONE; test_association->est = 0; test_association->ast = 0; + test_association->iv_len = 12; + //test_association->shivf_len = 12; + test_association->stmacf_len = 16; test_association->shsnf_len = 2; test_association->arsn_len = 2; + test_association->arsnw_len = 1; test_association->arsnw = 5; - test_association->iv_len = 12; - printf("Fail 6\n"); // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); - printf("Fail 7\n"); + // Convert frames that will be processed - hex_conversion(buffer_INVENTORY_h, (char**) &buffer_INVENTORY_b, &buffer_INVENTORY_len); + hex_conversion(buffer_VERIFY_h, (char**) &buffer_VERIFY_b, &buffer_VERIFY_len); // Convert/Set input IV hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); - printf("Fail 8\n"); + // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_INVENTORY_b, &buffer_INVENTORY_len, &tc_nist_processed_frame); + status = Crypto_TC_ProcessSecurity(buffer_VERIFY_b, &buffer_VERIFY_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); free(buffer_nist_iv_b); free(buffer_nist_key_b); - ASSERT_EQ(0,0); + free(buffer_VERIFY_b); + } -UTEST(EP_KEY_VALIDATION, VERIFY_132_134) +UTEST(EP_KEY_VALIDATION, VERIFY_APPLY_132_134) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib 
@@ -390,33 +478,15 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); SaInterface sa_if = get_sa_interface_inmemory(); crypto_key_t* ekp = NULL; - + // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_VERIFY_h = "2003003e00ff000000001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8"; - // |2003003e00| = Primary Header - // |ff| = SPI - // |00000000| = Security header - // |1880| = CryptoLib App ID - // |d03a| = seq, packet id - // |002c| = Packet Length - // |197f| = pusv, ack, st - // |0b| = sst - // |0004| = PDU Tag - // |0024| = PDU Length - // |0084| = Key ID (132) - // |71fc3ad5b1c36ad56bd5a5432315cdab| = Challenge - // |0086| = Key ID (134) - // |75c06302465bc6d5091a29957eebed35| = Challenge - // |c00a6ed8| = Trailer - - uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_VERIFY_b = NULL; - int buffer_nist_iv_len, buffer_nist_key_len, buffer_VERIFY_len = 0; + char* buffer_nist_iv_h = "000000000000000000000001"; // The last valid IV that was seen by the SA + char* buffer_RESPONSE_h = "0880d03a006584005c0000000000000000000000000001d8eaa795affaa0e951bb6cf0116192e16b1977d6723e92e01123ccef548e28857e0000000000000000000000000275c47f30b4ee759ffa9607237db92121d65d3ed1fe943fcf04535efd0e0fc793"; - // Setup Processed Frame For Decryption - TC_t tc_nist_processed_frame; + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_RESPONSE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_RESPONSE_len = 0; // Expose/setup SAs for testing SecurityAssociation_t* test_association; 
@@ -428,13 +498,16 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) // Activate SA 9 sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 1; + test_association->ecs_len = 0; test_association->ecs = CRYPTO_CIPHER_NONE; test_association->est = 0; test_association->ast = 0; test_association->iv_len = 12; + //test_association->shivf_len = 12; + test_association->stmacf_len = 16; test_association->shsnf_len = 2; test_association->arsn_len = 2; + test_association->arsnw_len = 1; test_association->arsnw = 5; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); 
@@ -442,20 +515,126 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed - hex_conversion(buffer_VERIFY_h, (char**) &buffer_VERIFY_b, &buffer_VERIFY_len); // Convert/Set input IV hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + hex_conversion(buffer_RESPONSE_h, (char**) &buffer_RESPONSE_b, &buffer_RESPONSE_len); // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_VERIFY_b, &buffer_VERIFY_len, &tc_nist_processed_frame); + + uint8_t* ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + status = Crypto_TC_ApplySecurity((uint8_t*)buffer_RESPONSE_b, buffer_RESPONSE_len, &ptr_enc_frame, &enc_frame_len); + + printf("\n"); + Crypto_Shutdown(); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(buffer_RESPONSE_b); + +} + + /* + + + Swap to TM + + + */ + + + + + + + + +UTEST(EP_KEY_VALIDATION, VERIFY_RESPONSE_132_134) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_NO_PUS_HDR, + TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TM_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TM_0_Managed_Parameters = {0, 0x0003, 0, TM_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1024, TM_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TM_0_Managed_Parameters); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, 
TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TM_1_Managed_Parameters = {0, 0x0003, 1, TM_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1024, TM_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TM_1_Managed_Parameters); + + int status = CRYPTO_LIB_SUCCESS; + printf("Fail Before INIT\n"); + status = Crypto_Init(); + printf("Fail After INIT\n"); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + sa_if = get_sa_interface_inmemory(); + crypto_key_t* ekp = NULL; + + char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char* buffer_nist_iv_h = "000000000000000000000001"; // The last valid IV that was seen by the SA + char* buffer_RESPONSE_h = "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"; + //char* buffer_RESPONSE_h = "02C0000018000880d03a006584005c0000000000000000000000000001d8eaa795affaa0e951bb6cf0116192e16b1977d6723e92e01123ccef548e28857e0000000000000000000000000275c47f30b4ee759ffa9607237db92121d65d3ed1fe943fcf04535efd0e0fc793"; + // |02C000001801| = Pri Header + // |0880d03a| = Sec Header + // |0065| = Entire Pkt Length + // |84| = PDU Tag + // |005c| = PDU length + // |0000| = kid ??? + // |000000000000000000000001| = IV + // |d8eaa795affaa0e951bb6cf0116192e1| = Enc Chall + // |6b1977d6723e92e01123ccef548e2885| = Chall MAC + // |7e00| = kid ??? 
+ // |000000000000000000000002| = IV + // |75c47f30b4ee759ffa9607237db92121| = ENC Chall + // |d65d3ed1fe943fcf04535efd0e0fc793| = Chall MAC + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_RESPONSE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_RESPONSE_len = 0; + + uint8_t* tm_nist_processed_frame; + + SecurityAssociation_t* test_association; + + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + + // Activate SA 0 + sa_if->sa_get_from_spi(0, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 0; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->iv_len = 12; + //test_association->shivf_len = 12; + test_association->stmacf_len = 16; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(test_association->ekid); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + + // Convert frames that will be processed + hex_conversion(buffer_RESPONSE_h, (char**) &buffer_RESPONSE_b, &buffer_RESPONSE_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + uint16_t length; + + status = Crypto_TM_ProcessSecurity((uint8_t*)buffer_RESPONSE_b, buffer_RESPONSE_len, &tm_nist_processed_frame, &length); printf("\n"); Crypto_Shutdown(); free(buffer_nist_iv_b); free(buffer_nist_key_b); - free(buffer_VERIFY_b); + free(buffer_RESPONSE_b); } UTEST_MAIN(); \ No newline at end of file From 231775e0075e18f35a4f889f005eb3ea28f3c335 Mon Sep 17 00:00:00 2001 
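Review bot: Neither call under test is verified. The result of `Crypto_TC_ApplySecurity` in `VERIFY_132_134` and of `Crypto_TM_ProcessSecurity` in the new `VERIFY_RESPONSE_132_134` is stored in `status` and never asserted, so both key-verification tests pass whatever the library returns. Add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` (or the status the test is meant to expect) after each call. The output buffers are also not released: `tm_nist_processed_frame` is declared without an initialiser, and neither it nor `ptr_enc_frame` is freed, whereas `ut_tm_process.c` frees the frame returned by `Crypto_TM_ProcessSecurity`. Declare `uint8_t* tm_nist_processed_frame = NULL;` and free both before returning. The `printf("Fail Before INIT\n")` / `"Fail After INIT"` lines look like leftover debugging and should be removed.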
From: Donnie-Ice Date: Mon, 16 Sep 2024 12:42:00 +0000 Subject: [PATCH 025/241] [nasa/cryptolib#299] Initial cpp-linter file --- .github/workflows/cpp-linter.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 .github/workflows/cpp-linter.yml diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml new file mode 100644 index 00000000..83b2d53f --- /dev/null +++ b/.github/workflows/cpp-linter.yml @@ -0,0 +1,25 @@ +name: cpp-linter + +on: + push: + branches: [ main, dev, 299-setup-code-formatter ] + pull_request: + branches: [ main, dev ] + + +jobs: + cpp-linter: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: cpp-linter/cpp-linter-action@main + id: linter + continue-on-error: true + with: + style: file + files-changed-only: false + thread-comments: false + + - name: Fail fast?! + if: steps.linter.outputs.checks-failed != 0 + run: exit 1 \ No newline at end of file From 7c2be2a6434065f71a760cec7e70d78b69afab13 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 16 Sep 2024 12:52:48 +0000 Subject: [PATCH 026/241] [nasa/cryptolib#299] Remove custom format file declaration --- .github/workflows/cpp-linter.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 83b2d53f..390f6c45 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -16,7 +16,6 @@ jobs: id: linter continue-on-error: true with: - style: file files-changed-only: false thread-comments: false From f3be36e4a14667e6c096139f9c99f1e00be1a696 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 16 Sep 2024 13:04:02 +0000 Subject: [PATCH 027/241] [nasa/cryptolib#209] Updated function name, added function to get FSR --- include/crypto.h | 6 +++--- src/core/crypto.c | 14 ++++++++++++++ src/core/crypto_tm.c | 32 +++++++++++++++----------------- test/unit/ut_tm_process.c | 2 ++ 4 files changed, 34 insertions(+), 20 deletions(-) 
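Review bot: `uses: cpp-linter/cpp-linter-action@main` follows a mutable branch of a third-party action, so whatever is pushed to that branch runs in this repository's CI on the next push or pull request. Pin it to a reviewed commit, `uses: cpp-linter/cpp-linter-action@<full-commit-sha>`, and update the pin deliberately. The workflow also declares no `permissions:`, so the job gets the repository's default token scope. Add a top-level `permissions:` block with `contents: read` and grant anything further only if the linter step is shown to need it. A one-line comment on `continue-on-error: true` would help, saying that the linter step is allowed to finish so that the "Fail fast?!" step can decide the job result from `checks-failed`.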
diff --git a/include/crypto.h b/include/crypto.h index dafd7e38..50e24435 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -143,8 +143,8 @@ int32_t Crypto_TC_Finalize_Frame_Setup(uint8_t sa_service_type, uint32_t* pkcs_p void Crypto_TC_Handle_Padding(uint32_t pkcs_padding, SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame, uint16_t* index); int32_t Crypto_TC_Set_IV(SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame, uint16_t* index); - - +// OCF +uint32_t Crypto_Get_FSR(); // Telemetry (TM) extern int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer); @@ -182,7 +182,7 @@ int32_t Crypto_TM_Do_Decrypt_NONAEAD(uint8_t sa_service_type, uint16_t pdu_len, void Crypto_TM_Calc_PDU_MAC(uint16_t* pdu_len, uint16_t byte_idx, SecurityAssociation_t* sa_ptr, int* mac_loc); int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint8_t ecs_is_aead_algorithm, uint16_t byte_idx, uint8_t* p_new_dec_frame, uint16_t pdu_len, uint8_t* p_ingest, crypto_key_t* ekp, crypto_key_t* akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t* aad, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length); void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr); -void Crypto_TM_Print_FSR(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr); +void Crypto_TM_Set_FSR(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr); void Crypto_TM_Print_CLCW(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr); extern uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID); diff --git a/src/core/crypto.c b/src/core/crypto.c index fb706bf3..a2fbbb73 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
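Review bot: `uint32_t Crypto_Get_FSR();` declares the function without a prototype, so in C a call with arguments is not diagnosed. Write it as `uint32_t Crypto_Get_FSR(void);`, and use the same form for the definition added in `src/core/crypto.c`. The new public accessor also has no comment. One line would do, saying it returns the most recently parsed Frame Security Report packed into 32 bits, e.g. `// OCF: last FSR seen by Crypto_TM_Set_FSR, packed MSB-first`.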
@@ -1145,3 +1145,17 @@ int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t* sa_ptr) return securityTrailerLength; } + +uint32_t Crypto_Get_FSR() +{ + uint32_t fsr; + fsr = (report.cwt << 31) | // bit(s) 1 + (report.fvn << 28) | // bit(s) 2-4 + (report.af << 27) | // bit(s) 5 + (report.bsnf << 26) | // bit(s) 6 + (report.bmacf << 25) | // bit(s) 7 + (report.bsaf << 24) | // bit(s) 8 + (report.lspi << 8) | // bit(s) 9-24 + (report.snval << 0); // bit(s) 25-32 + return fsr; +} diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 38cce6ea..03f7bd9e 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -235,7 +235,6 @@ void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t* pdu_len) int32_t Crypto_TM_Get_Keys(crypto_key_t** ekp, crypto_key_t** akp, SecurityAssociation_t* sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; - printf("getting key for ekid %d\n", sa_ptr->ekid); *ekp = key_if->get_key(sa_ptr->ekid); if (ekp == NULL) { @@ -244,14 +243,11 @@ int32_t Crypto_TM_Get_Keys(crypto_key_t** ekp, crypto_key_t** akp, SecurityAssoc } *akp = key_if->get_key(sa_ptr->akid); - printf("getting key for akid %d\n", sa_ptr->akid); if (akp == NULL && status == CRYPTO_LIB_SUCCESS) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); } - printf("key value for ekp %d: %02x%02x\n", sa_ptr->ekid, (*ekp)->value[0],(*ekp)->value[1]); - printf("key value for akp %d: %02x%02x\n", sa_ptr->akid, (*akp)->value[0], (*akp)->value[1]); return status; } @@ -1767,8 +1763,8 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ Crypto_TM_Process_Debug_Print(byte_idx, pdu_len, sa_ptr); - Crypto_TM_Print_FSR(p_ingest, byte_idx, pdu_len, sa_ptr); - Crypto_TM_Print_CLCW(p_ingest, byte_idx, pdu_len, sa_ptr); + Crypto_TM_Set_FSR(p_ingest, byte_idx, pdu_len, sa_ptr); + // Crypto_TM_Print_CLCW(p_ingest, byte_idx, pdu_len, sa_ptr); // Get Key status = Crypto_TM_Get_Keys(&ekp, &akp, sa_ptr); 
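Review bot: The shifts in `Crypto_Get_FSR` operate on values promoted to `int`, so `report.cwt << 31` moves a 1 into the sign bit, which is undefined behaviour for a signed type. This assumes the `Telemetry_Frame_Ocf_Fsr_t` members are narrow bit-fields like the earlier `SDLS_FSR_t` layout; the struct definition is not in this hunk. Cast each field to `uint32_t` before shifting so the packing is well defined on every compiler, and give the definition a `(void)` parameter list. A header comment should state that the value comes from the global `report`, which is only refreshed when a frame carrying an OCF is processed.
```c
uint32_t Crypto_Get_FSR(void)
{
    // … unchanged: declaration of fsr …
    fsr = ((uint32_t)report.cwt   << 31) | // bit(s) 1
          ((uint32_t)report.fvn   << 28) | // bit(s) 2-4
          ((uint32_t)report.af    << 27) | // bit(s) 5
          ((uint32_t)report.bsnf  << 26) | // bit(s) 6
          ((uint32_t)report.bmacf << 25) | // bit(s) 7
          ((uint32_t)report.bsaf  << 24) | // bit(s) 8
          ((uint32_t)report.lspi  << 8)  | // bit(s) 9-24
          ((uint32_t)report.snval << 0);   // bit(s) 25-32
    // … unchanged: return fsr …
}
```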
@@ -1825,25 +1821,27 @@ void Crypto_TM_Print_CLCW(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len } } -void Crypto_TM_Print_FSR(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr) +void Crypto_TM_Set_FSR(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr) { if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { + Telemetry_Frame_Ocf_Fsr_t temp_report; byte_idx += (pdu_len + sa_ptr->stmacf_len); - Telemetry_Frame_Ocf_Fsr_t report; - report.cwt = (p_ingest[byte_idx] >> 7); - report.fvn = (p_ingest[byte_idx] >> 4) & 0x0007; - report.af = (p_ingest[byte_idx] >> 3) & 0x0001; - report.bsnf = (p_ingest[byte_idx] >> 2) & 0x0001; - report.bmacf = (p_ingest[byte_idx] >> 1) & 0x0001; - report.bsaf = (p_ingest[byte_idx] & 0x0001); + temp_report.cwt = (p_ingest[byte_idx] >> 7) & 0x0001; + temp_report.fvn = (p_ingest[byte_idx] >> 4) & 0x0007; + temp_report.af = (p_ingest[byte_idx] >> 3) & 0x0001; + temp_report.bsnf = (p_ingest[byte_idx] >> 2) & 0x0001; + temp_report.bmacf = (p_ingest[byte_idx] >> 1) & 0x0001; + temp_report.bsaf = (p_ingest[byte_idx] & 0x0001); byte_idx += 1; - report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); + temp_report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); byte_idx += 2; - report.snval = (p_ingest[byte_idx]); + temp_report.snval = (p_ingest[byte_idx]); byte_idx++; - + report = temp_report; +#ifdef TM_DEBUG Crypto_fsrPrint(&report); +#endif } } diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 5e607f28..6cc10fae 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -1197,6 +1197,8 @@ UTEST(TM_PROCESS, TM_OCF_TEST) status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + printf("FSR: %08X\n", Crypto_Get_FSR()); + Crypto_Shutdown(); free(framed_tm_b); free(ptr_processed_frame); 
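Review bot: `Crypto_TM_Set_FSR` reads four bytes of `p_ingest` starting at `byte_idx + pdu_len + sa_ptr->stmacf_len` without checking that offset against the length of the received frame, and the offset is accumulated in a `uint16_t` that can wrap. The function is not passed `len_ingest`, so the check belongs in `Crypto_TM_ProcessSecurity` before the call, e.g. `if ((uint32_t)byte_idx + pdu_len + sa_ptr->stmacf_len + 4 > len_ingest)` followed by an error return. The call also sits before the key lookup and the processing that follows it, so the global `report` is overwritten from a frame that may later be rejected. If that is intended, document it where `report` is assigned; otherwise move the assignment after the frame has been accepted. The hunk opens inside `Crypto_TM_Print_CLCW`, whose start is outside it.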
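Review bot: `printf("FSR: %08X\n", Crypto_Get_FSR());` only prints the new accessor's result, so `TM_OCF_TEST` would still pass if the FSR were parsed or packed incorrectly. Replace it with an assertion on the value encoded in the test frame's OCF, `ASSERT_EQ(<expected FSR word>, Crypto_Get_FSR());`. If the print is kept, `%08X` expects `unsigned int`; use `PRIX32` from `<inttypes.h>` for a `uint32_t`.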
From 1dcd4d3510e99da4d2b07d7bb59b5cd79d9e4823 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 16 Sep 2024 13:10:42 +0000 Subject: [PATCH 028/241] [nasa/cryptolib#277] Updated actions/checkout to v4 from v2 --- .github/workflows/build.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7cfcd10c..4af3e34f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -14,7 +14,7 @@ jobs: # Container Setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Update run: sudo apt-get update - name: Install Dependencies @@ -51,7 +51,7 @@ jobs: # Container Setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Update run: sudo apt-get update - name: Install Dependencies @@ -100,7 +100,7 @@ jobs: # # Container Setup # runs-on: ubuntu-latest # steps: - # - uses: actions/checkout@v2 + # - uses: actions/checkout@v4 # - name: Update # run: sudo apt-get update # - name: Install Dependencies @@ -149,7 +149,7 @@ jobs: # Container Setup runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Update run: sudo apt-get update - name: Install Dependencies @@ -219,7 +219,7 @@ jobs: container: image: rockylinux/rockylinux:8 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Update run: yum update -y - name: Install Dependencies From d3e2a5be1b2b4d9b28741fe504157455673d5ba9 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 16 Sep 2024 13:12:53 +0000 Subject: [PATCH 029/241] [nasa/cryptolib#277] checkout v4 workflow test --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4af3e34f..309431b4 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
@@ -2,7 +2,7 @@ name: CryptoLib on: push: - branches: [ main, dev ] + branches: [ main, dev, 277-revisit-ci-build-scripts ] pull_request: branches: [ main, dev ] From eceb8deb7653fd165ad72867ab356e768a0a6f1c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 16 Sep 2024 20:13:22 +0000 Subject: [PATCH 030/241] [nasa/cryptolib#284] cryptography_if wrapper update --- src/core/crypto_config.c | 37 ++++++++++++++++++++----------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index ceee50d7..b8f1d7fa 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c 
@@ -280,27 +280,30 @@ int32_t Crypto_Init(void) /* Crypto Interface */ // Determine which cryptographic module is in use - cryptography_if = get_cryptography_interface_libgcrypt(); if (cryptography_if == NULL) { - cryptography_if = get_cryptography_interface_wolfssl(); - } - if (cryptography_if == NULL) - { - cryptography_if = get_cryptography_interface_custom(); - } - if (cryptography_if == NULL) - { // Note this needs to be the last option in the chain due to addition configuration required - if (cryptography_kmc_crypto_config != NULL) + cryptography_if = get_cryptography_interface_libgcrypt(); + if (cryptography_if == NULL) { - cryptography_if = get_cryptography_interface_kmc_crypto_service(); + cryptography_if = get_cryptography_interface_wolfssl(); + } + if (cryptography_if == NULL) + { + cryptography_if = get_cryptography_interface_custom(); + } + if (cryptography_if == NULL) + { // Note this needs to be the last option in the chain due to addition configuration required + if (cryptography_kmc_crypto_config != NULL) + { + cryptography_if = get_cryptography_interface_kmc_crypto_service(); + } + } + if (cryptography_if == NULL) + { + printf("Fatal Error: Unable to identify Cryptography Interface!\n"); + status = CRYPTOGRAPHY_INVALID_CRYPTO_INTERFACE_TYPE; + return status; } - } - if (cryptography_if == NULL) - { - printf("Fatal Error: Unable to identify Cryptography Interface!\n"); - status = CRYPTOGRAPHY_INVALID_CRYPTO_INTERFACE_TYPE; - return status; } // Initialize the cryptography library. From 214d136245608a622191592049a0a2cb7010b829 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 16 Sep 2024 20:40:14 +0000 Subject: [PATCH 031/241] [nasa/cryptolib#284] cryptography_if wrapper return updates --- src/core/crypto_config.c | 78 +++++++++++++++++++++++----------------- 1 file changed, 45 insertions(+), 33 deletions(-) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index b8f1d7fa..49a5e11d 100644 --- a/src/core/crypto_config.c 
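Review bot: The new `if (cryptography_if == NULL)` guard makes `Crypto_Init` keep whatever interface pointer is already set, but nothing in the hunk says where such a pointer comes from or that it is cleared again. If `Crypto_Shutdown` does not reset `cryptography_if` (not visible here), a second `Crypto_Init` in the same process silently reuses the previous backend instead of probing again, and the unit tests in this series call init and shutdown repeatedly. State the intent above the guard, e.g. `// Keep a cryptography interface installed before Crypto_Init(); otherwise probe libgcrypt, wolfssl, custom, then KMC`, and confirm the pointer is set back to NULL on shutdown. `Crypto_Init` begins and ends outside this hunk.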
+++ b/src/core/crypto_config.c 
@@ -300,51 +300,63 @@ int32_t Crypto_Init(void) } if (cryptography_if == NULL) { +#ifdef DEBUG printf("Fatal Error: Unable to identify Cryptography Interface!\n"); +#endif status = CRYPTOGRAPHY_INVALID_CRYPTO_INTERFACE_TYPE; - return status; } } - // Initialize the cryptography library. - status = cryptography_if->cryptography_init(); - if(status != CRYPTO_LIB_SUCCESS){ - fprintf(stderr, "Fatal Error: Unable to initialize Cryptography Interface.\n"); - return status; - } - - // Configure the cryptography library. - status = cryptography_if->cryptography_config(); - - if(status != CRYPTO_LIB_SUCCESS){ - fprintf(stderr, "Fatal Error: Unable to configure Cryptography Interface.\n"); - return status; - } - - // Init Security Associations - status = sa_if->sa_init(); - if (status==CRYPTO_LIB_SUCCESS) + if(status == CRYPTO_LIB_SUCCESS) { - status = sa_if->sa_config(); + // Initialize the cryptography library. + status = cryptography_if->cryptography_init(); + if(status != CRYPTO_LIB_SUCCESS){ +#ifdef DEBUG + fprintf(stderr, "Fatal Error: Unable to initialize Cryptography Interface.\n"); +#endif + } + if(status == CRYPTO_LIB_SUCCESS) + { + // Configure the cryptography library. + status = cryptography_if->cryptography_config(); + } - Crypto_Local_Init(); - Crypto_Local_Config(); + if(status != CRYPTO_LIB_SUCCESS){ +#ifdef DEBUG + fprintf(stderr, "Fatal Error: Unable to configure Cryptography Interface.\n"); +#endif + } + if(status == CRYPTO_LIB_SUCCESS) + { + // Init Security Associations + status = sa_if->sa_init(); + if (status==CRYPTO_LIB_SUCCESS) + { + status = sa_if->sa_config(); + + Crypto_Local_Init(); + Crypto_Local_Config(); - // TODO - Add error checking + // TODO - Add error checking - // Init table for CRC calculations - Crypto_Calc_CRC_Init_Table(); + // Init table for CRC calculations + Crypto_Calc_CRC_Init_Table(); - // cFS Standard Initialized Message + // cFS Standard Initialized Message #ifdef DEBUG - printf(KBLU "Crypto Lib Intialized. 
Version %d.%d.%d.%d\n" RESET, CRYPTO_LIB_MAJOR_VERSION, - CRYPTO_LIB_MINOR_VERSION, CRYPTO_LIB_REVISION, CRYPTO_LIB_MISSION_REV); + printf(KBLU "Crypto Lib Intialized. Version %d.%d.%d.%d\n" RESET, CRYPTO_LIB_MAJOR_VERSION, + CRYPTO_LIB_MINOR_VERSION, CRYPTO_LIB_REVISION, CRYPTO_LIB_MISSION_REV); #endif - } - else - { - printf(KBLU "Error, Crypto Lib NOT Intialized, sa_init() returned error:%d. Version .%d.%d.%d\n" RESET, CRYPTO_LIB_MAJOR_VERSION, - CRYPTO_LIB_MINOR_VERSION, CRYPTO_LIB_REVISION, CRYPTO_LIB_MISSION_REV); + } + else + { + #ifdef DEBUG + printf(KBLU "Error, Crypto Lib NOT Intialized, sa_init() returned error:%d. Version .%d.%d.%d\n" RESET, CRYPTO_LIB_MAJOR_VERSION, + CRYPTO_LIB_MINOR_VERSION, CRYPTO_LIB_REVISION, CRYPTO_LIB_MISSION_REV); + #endif + } + } } return status; From 341d5c7496cf456dc965bfeb16f7e19f244e725e Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 16:35:29 +0000 Subject: [PATCH 032/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 4 +--- .github/workflows/codeql.yml | 6 ++++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 309431b4..5d869e2d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,8 +1,6 @@ name: CryptoLib on: - push: - branches: [ main, dev, 277-revisit-ci-build-scripts ] pull_request: branches: [ main, dev ] @@ -217,7 +215,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: rockylinux/rockylinux:8 + image: rockylinux/rockylinux:9 steps: - uses: actions/checkout@v4 - name: Update diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 28357077..6ddd670c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
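Review bot: The `sa_init()` failure message never prints the error code. Its format is `error:%d` followed by three version fields, but the arguments are the four version macros, so the first `%d` shows `CRYPTO_LIB_MAJOR_VERSION` and `status` is not passed at all. Pass `status` first and restore the fourth version field: `"... sa_init() returned error:%d. Version %d.%d.%d.%d\n" RESET, status, CRYPTO_LIB_MAJOR_VERSION, ...`. The `status != CRYPTO_LIB_SUCCESS` block that prints "Unable to configure Cryptography Interface" is also reached when `cryptography_init()` failed, so a DEBUG build reports two different causes for one failure; moving it inside the block that calls `cryptography_config()` fixes that. The return value of `sa_config()` is still not checked before `Crypto_Local_Init()` and the "Intialized" banner (the existing TODO), and with every diagnostic now under `#ifdef DEBUG`, release builds rely entirely on callers checking the returned status. `Crypto_Init` begins outside this hunk.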
@@ -156,7 +156,9 @@ jobs: sudo make install; sudo ldconfig; - name: Install Dependencies - run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool + run: | + sudo apt-get update + sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool - name: Install Python Libraries run: sudo pip install pycryptodome @@ -197,7 +199,7 @@ jobs: build_rhel: name: Analyze Build_RHEL - runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'rockylinux/rockylinux:9' }} permissions: # required for all workflows security-events: write From 271a0f836ba9d022934a6a130e8a80a308ec8d52 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 16:36:29 +0000 Subject: [PATCH 033/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5d869e2d..9e5dddb7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,6 +1,8 @@ name: CryptoLib on: + push: + branches: [ 277-revisit-ci-build-scripts ] pull_request: branches: [ main, dev ] From b89ec57d2c4e626413770da3a4860345ede45821 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 16:39:34 +0000 Subject: [PATCH 034/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9e5dddb7..665bc01b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
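Review bot: `runs-on` takes a runner label, and `'rockylinux/rockylinux:9'` in the `build_rhel` job is a container image name. Unless a self-hosted runner carries that label the job will stay queued, and the CodeQL analysis for the RHEL build never runs. `build.yml` in the same commit keeps `runs-on: ubuntu-latest` and selects the distribution with `container:` / `image: rockylinux/rockylinux:9`; the same split is needed here. The job definition continues outside this hunk.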
@@ -223,7 +223,7 @@ jobs: - name: Update run: yum update -y - name: Install Dependencies - run: yum install -y epel-release python38-devel libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server + run: yum install -y --enablerepo=devel epel-release python38-devel libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov From 901e540b3b08b46ee0b6ee3a16e504c8a67858bd Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 16:42:11 +0000 Subject: [PATCH 035/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 +- .github/workflows/codeql.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 665bc01b..ad13f4cf 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -223,7 +223,7 @@ jobs: - name: Update run: yum update -y - name: Install Dependencies - run: yum install -y --enablerepo=devel epel-release python38-devel libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server + run: yum install -y --enablerepo=devel epel-release python3 libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov 
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6ddd670c..05295599 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,7 +13,7 @@ name: "CodeQL Advanced" on: push: - branches: [ main, dev ] + branches: [ main, dev, 277-revisit-ci-build-scripts ] pull_request: branches: [ main, dev ] From ac300b0fba85a5c5ffb813cbce4d1635b6eb92c8 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 16:44:59 +0000 Subject: [PATCH 036/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ad13f4cf..12b764db 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -228,7 +228,7 @@ jobs: - name: install lcov run: yum install -y --enablerepo=epel lcov - name: Install Python Dependencies - run: pip3 install pycryptodome + run: pip install pycryptodome - name: Install Libgcrypt run: > curl From 37cb25a0d68c84002379ddf78796c17b4f6199c4 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 16:48:16 +0000 Subject: [PATCH 037/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 12b764db..33d006e3 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -227,8 +227,8 @@ jobs: # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov - - name: Install Python Dependencies - run: pip install pycryptodome + - name: install lcov + run: python3-pip install pycryptodome - name: Install Libgcrypt run: > curl From c54556d281544889e71d9ece8cd4cb357a0bfdcf Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Tue, 17 Sep 2024 16:50:21 +0000 Subject: [PATCH 038/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 33d006e3..f4a93785 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -223,7 +223,7 @@ jobs: - name: Update run: yum update -y - name: Install Dependencies - run: yum install -y --enablerepo=devel epel-release python3 libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server + run: yum install -y --enablerepo=devel epel-release python3 python3-pip libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov From 9f59dabe55ebf44136250d08a7f0a653fd5f7774 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 16:54:02 +0000 Subject: [PATCH 039/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f4a93785..278c80c2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -228,7 +228,7 @@ jobs: - name: install lcov run: yum install -y --enablerepo=epel lcov - name: install lcov - run: python3-pip install pycryptodome + run: python3 -m pip install pycryptodome - name: Install Libgcrypt run: > curl From 238644d4b734c8f5ba37354e96212d88e7ec72ed Mon Sep 17 00:00:00 2001 
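Review bot: The step that installs pycryptodome is still named `install lcov` after this change, the same name as the step directly above it, so CI logs will mislabel a failure in the Python install. Rename it back, `- name: Install Python Dependencies`. The package is also installed without a version, so each run picks up whatever release is current; `run: python3 -m pip install pycryptodome==<reviewed-version>` keeps the test dependency reproducible and makes upgrades a reviewed change.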
From: Donnie-Ice Date: Tue, 17 Sep 2024 17:08:29 +0000 Subject: [PATCH 040/241] [nasa/cryptolib#277] workflow updates --- test/CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index dcf8273d..64ff3aa0 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -123,6 +123,7 @@ include_directories(include) include_directories(../include) if(TEST_ENC) + set(Python3_FIND_STRATEGY VERSION) find_package (Python3 REQUIRED COMPONENTS Interpreter Development) execute_process(COMMAND pip3 show pycryptodome RESULT_VARIABLE EXIT_CODE OUTPUT_QUIET) if(NOT ${EXIT_CODE} EQUAL 0) From b073252f8119873e2454fc9017fd0852d69ccb34 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 17:11:47 +0000 Subject: [PATCH 041/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 278c80c2..f68d9a1e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -223,7 +223,7 @@ jobs: - name: Update run: yum update -y - name: Install Dependencies - run: yum install -y --enablerepo=devel epel-release python3 python3-pip libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server + run: yum install -y --enablerepo=devel epel-release libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov From e32b5956275f418632e057ca1910c5a249f1e2f4 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Tue, 17 Sep 2024 17:14:36 +0000 Subject: [PATCH 042/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f68d9a1e..ba06689b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -223,7 +223,7 @@ jobs: - name: Update run: yum update -y - name: Install Dependencies - run: yum install -y --enablerepo=devel epel-release libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server + run: yum install -y --enablerepo=devel python3-pip epel-release libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov From f20a10339c34f483b7d3cc11827b8b66a623e16f Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 17:23:16 +0000 Subject: [PATCH 043/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ba06689b..34d44948 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
@@ -223,7 +223,7 @@ jobs: - name: Update run: yum update -y - name: Install Dependencies - run: yum install -y --enablerepo=devel python3-pip epel-release libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server + run: yum install -y --enablerepo=devel python3-pip libpython3-dev epel-release libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov From aa5fe3140c4a315f2294189f0dc740ae8bd1e0a7 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 17:24:22 +0000 Subject: [PATCH 044/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 34d44948..b7c82431 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -223,7 +223,7 @@ jobs: - name: Update run: yum update -y - name: Install Dependencies - run: yum install -y --enablerepo=devel python3-pip libpython3-dev epel-release libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server + run: yum install -y python3-pip epel-release libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov 
From 26e904c5a52269074a5e2500e8c03200e18001d4 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 17:25:58 +0000 Subject: [PATCH 045/241] [nasa/cryptolib#277] workflow updates --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b7c82431..f2a15137 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -223,7 +223,7 @@ jobs: - name: Update run: yum update -y - name: Install Dependencies - run: yum install -y python3-pip epel-release libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server + run: yum install -y --enablerepo=devel python3-pip python3-devel epel-release libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov From bf18b23a23fedf6c7a145822290d9ccce72ada4d Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 17:30:23 +0000 Subject: [PATCH 046/241] [nasa/cryptolib#277] workflow updates finished --- .github/workflows/build.yml | 2 -- .github/workflows/codeql.yml | 2 -- 2 files changed, 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f2a15137..6a622c6a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,8 +1,6 @@ name: CryptoLib on: - push: - branches: [ 277-revisit-ci-build-scripts ] pull_request: branches: [ main, dev ] diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 05295599..c3b039c8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
@@ -12,8 +12,6 @@ name: "CodeQL Advanced" on: - push: - branches: [ main, dev, 277-revisit-ci-build-scripts ] pull_request: branches: [ main, dev ] From 5d6731ee689e13939784df3b150bb3bfe687176c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 17 Sep 2024 17:32:41 +0000 Subject: [PATCH 047/241] [nasa/cryptolib#277] Swap RHEL codeQL container to ubuntu-latest --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c3b039c8..f1fb2586 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -197,7 +197,7 @@ jobs: build_rhel: name: Analyze Build_RHEL - runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'rockylinux/rockylinux:9' }} + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} permissions: # required for all workflows security-events: write From 58782d621b47421f9fc4377cce508aea75c9ffb7 Mon Sep 17 00:00:00 2001 From: rjbrown2 Date: Wed, 18 Sep 2024 15:10:14 +0000 Subject: [PATCH 048/241] [nasa/Cryptolib#317] Move Undefined String Error to string codes within c crypto_error.c --- include/crypto_error.h | 2 -- src/core/crypto_error.c | 4 +++- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index a1f919af..04827ef4 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -136,7 +136,5 @@ extern char *crypto_enum_errlist_crypto_if[]; extern char *crypto_enum_errlist_crypto_kmc[]; extern char *crypto_enum_errlist_crypto_cam[]; -#define CRYPTO_UNDEFINED_ERROR (char*) "CRYPTO_UNDEFINED_ERROR_CODE" - #endif //CRYPTO_ERROR_H \ No newline at end of file diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index 794def80..b3f25092 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c 
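Review bot: The `build_rhel` job is still named `Analyze Build_RHEL`, but after this change its `runs-on` expression resolves to `ubuntu-latest`, so the CodeQL analysis no longer runs in a RHEL-like environment. `runs-on` takes a runner label rather than a container image, which is presumably why the old value had to go. If RHEL coverage is still wanted, keep the new `runs-on` line and add `container: rockylinux/rockylinux:9` under the job; otherwise rename the job so its code-scanning results are not read as covering the RHEL build. The job's steps are outside the hunk, so whether they still assume RHEL tooling cannot be checked here.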
@@ -19,6 +19,8 @@ #include "crypto_error.h" #include "crypto.h" +#define CRYPTO_UNDEFINED_ERROR (char*) "CRYPTO_UNDEFINED_ERROR_CODE" + char *crypto_enum_errlist_core[] = { (char*) "CRYPTO_LIB_SUCCESS", @@ -77,7 +79,7 @@ char *crypto_enum_errlist_core[] = (char*) "CRYPTO_LIB_ERR_FAIL_SA_LOAD", (char*) "CRYPTO_LIB_ERR_EXCEEDS_MANAGED_PARAMETER_MAX_LIMIT", (char*) "CRYPTO_LIB_ERR_KEY_VALIDATION", - (char*) "CRYPTO_LIB_ERR_SPI_INDEX_OOB", + (char*) "CRYPTO_LIB_ERR_SPI_INDEX_OOB", }; char *crypto_enum_errlist_config[] = From b871ef8775a77a4342b0843a929267f50b7edc4e Mon Sep 17 00:00:00 2001 From: rjbrown2 Date: Wed, 18 Sep 2024 15:13:29 +0000 Subject: [PATCH 049/241] [nasa/Cryptolib#317] Modify Get Error Code Enum String to utilize minus instead of modulo 1 OOM greater performance --- src/core/crypto_error.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index b3f25092..476a595c 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c 
@@ -179,27 +179,27 @@ char* Crypto_Get_Error_Code_Enum_String(int32_t crypto_error_code) char* return_string = CRYPTO_UNDEFINED_ERROR; if(crypto_error_code >= 600) // CAM Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 610, crypto_enum_errlist_crypto_cam[crypto_error_code % 600]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, 610, crypto_enum_errlist_crypto_cam[crypto_error_code - 600]); } else if(crypto_error_code >= 500) // KMC Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 515, crypto_enum_errlist_crypto_kmc[crypto_error_code % 500]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, 515, crypto_enum_errlist_crypto_kmc[crypto_error_code - 500]); } else if(crypto_error_code >= 400) // Crypto Interface Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 402, crypto_enum_errlist_crypto_if[crypto_error_code % 400]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, 402, crypto_enum_errlist_crypto_if[crypto_error_code - 400]); } else if(crypto_error_code >= 300) // SADB MariadDB Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 303, crypto_enum_errlist_sa_mariadb[crypto_error_code % 300]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, 303, crypto_enum_errlist_sa_mariadb[crypto_error_code - 300]); } else if(crypto_error_code >= 200) // SADB Interface Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 201, crypto_enum_errlist_sa_if[crypto_error_code % 200]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, 201, crypto_enum_errlist_sa_if[crypto_error_code - 200]); } else if(crypto_error_code >= 100) // Configuration Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 103, crypto_enum_errlist_config[crypto_error_code % 100]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, 103, 
crypto_enum_errlist_config[crypto_error_code - 100]); } else if(crypto_error_code <= 0) // Cryptolib Core Error Codes { From 1b297ecb17c6cda0789632828319d00adf87b800 Mon Sep 17 00:00:00 2001 From: rjbrown2 Date: Wed, 18 Sep 2024 15:36:41 +0000 Subject: [PATCH 050/241] [nasa/Cryptolib#317] Remove Magic Numbers from Enum String Function - define max and min for function --- include/crypto_error.h | 21 +++++++++++++++++++++ src/core/crypto_error.c | 26 +++++++++++++------------- 2 files changed, 34 insertions(+), 13 deletions(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index 04827ef4..0170ea60 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -128,6 +128,27 @@ #define CRYPTO_LIB_ERR_SPI_INDEX_OOB (-56) #define CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL (-57) +// Define codes for returning MDB Strings, and determining error based on strings +#define CAM_ERROR_CODES 600 +#define CAM_ERROR_CODES_MAX 610 + +#define KMC_ERROR_CODES 500 +#define KMC_ERROR_CODES_MAX 515 + +#define CRYPTO_INTERFACE_ERROR_CODES 400 +#define CRYPTO_INTERFACE_ERROR_CODES_MAX 402 + +#define SADB_ERROR_CODES 300 +#define SADB_ERROR_CODES_MAX 303 + +#define SADB_INTERFACE_ERROR_CODES 200 +#define SADB_INTERFACE_ERROR_CODES_MAX 201 + +#define CONFIGURATION_ERROR_CODES 100 +#define CONFIGURATION_ERROR_CODES_MAX 103 + +#define CRYPTO_CORE_ERROR_CODES_MAX -57 + extern char *crypto_enum_errlist_core[]; extern char *crypto_enum_errlist_config[]; extern char *crypto_enum_errlist_sa_if[]; diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index 476a595c..1542de64 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c 
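Review bot: Each branch indexes its string table at the call site, e.g. `crypto_enum_errlist_crypto_cam[crypto_error_code - 600]`, so the element is read before `Crypto_Get_Error_Code_String` can compare the code with its maximum (610 here). With subtraction in place of modulo the index is no longer bounded, so any code above a table's range reads past the end of that array. The helper's body is outside the hunk, so its range check is inferred from the second argument. Test the maximum inside each branch before making the call, e.g. `if (crypto_error_code <= 610)` around the assignment, which leaves `return_string` at `CRYPTO_UNDEFINED_ERROR` otherwise. The next commit's rewrite of these branches with named constants keeps the same pattern.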
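Review bot: `CRYPTO_CORE_ERROR_CODES_MAX` is set to `-57`, but `crypto_enum_errlist_core` ends at `"CRYPTO_LIB_ERR_SPI_INDEX_OOB"` (code -56). The end of that table is visible in the `@@ -77,7 +79,7 @@` hunk of crypto_error.c two commits earlier. If the table has one entry per code, looking up -57 reads one element past its end. Either add a `"CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL"` string to the table or keep the maximum at the last code that has a string. The define is also a bare literal where the codes above it are parenthesised; `#define CRYPTO_CORE_ERROR_CODES_MAX (CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL)` would keep it tied to the list.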
@@ -177,33 +177,33 @@ char* Crypto_Get_Error_Code_String(int32_t crypto_error_code, int32_t crypto_err char* Crypto_Get_Error_Code_Enum_String(int32_t crypto_error_code) { char* return_string = CRYPTO_UNDEFINED_ERROR; - if(crypto_error_code >= 600) // CAM Error Codes + if(crypto_error_code >= CAM_ERROR_CODES) // CAM Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 610, crypto_enum_errlist_crypto_cam[crypto_error_code - 600]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, CAM_ERROR_CODES_MAX, crypto_enum_errlist_crypto_cam[crypto_error_code - CAM_ERROR_CODES]); } - else if(crypto_error_code >= 500) // KMC Error Codes + else if(crypto_error_code >= KMC_ERROR_CODES) // KMC Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 515, crypto_enum_errlist_crypto_kmc[crypto_error_code - 500]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, KMC_ERROR_CODES_MAX, crypto_enum_errlist_crypto_kmc[crypto_error_code - KMC_ERROR_CODES]); } - else if(crypto_error_code >= 400) // Crypto Interface Error Codes + else if(crypto_error_code >= CRYPTO_INTERFACE_ERROR_CODES) // Crypto Interface Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 402, crypto_enum_errlist_crypto_if[crypto_error_code - 400]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, CRYPTO_INTERFACE_ERROR_CODES_MAX, crypto_enum_errlist_crypto_if[crypto_error_code - CRYPTO_INTERFACE_ERROR_CODES]); } - else if(crypto_error_code >= 300) // SADB MariadDB Error Codes + else if(crypto_error_code >= SADB_ERROR_CODES) // SADB MariadDB Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 303, crypto_enum_errlist_sa_mariadb[crypto_error_code - 300]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, SADB_ERROR_CODES_MAX, crypto_enum_errlist_sa_mariadb[crypto_error_code - SADB_ERROR_CODES]); } - else if(crypto_error_code >= 200) // SADB Interface 
Error Codes + else if(crypto_error_code >= SADB_ERROR_CODES) // SADB Interface Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 201, crypto_enum_errlist_sa_if[crypto_error_code - 200]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, SADB_INTERFACE_ERROR_CODES_MAX, crypto_enum_errlist_sa_if[crypto_error_code - SADB_ERROR_CODES]); } - else if(crypto_error_code >= 100) // Configuration Error Codes + else if(crypto_error_code >= CONFIGURATION_ERROR_CODES) // Configuration Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, 103, crypto_enum_errlist_config[crypto_error_code - 100]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, CONFIGURATION_ERROR_CODES_MAX, crypto_enum_errlist_config[crypto_error_code - CONFIGURATION_ERROR_CODES]); } else if(crypto_error_code <= 0) // Cryptolib Core Error Codes { - return_string = Crypto_Get_Crypto_Error_Code_String(crypto_error_code, -51, crypto_enum_errlist_core[(crypto_error_code * (-1))]); + return_string = Crypto_Get_Crypto_Error_Code_String(crypto_error_code, CRYPTO_CORE_ERROR_CODES_MAX, crypto_enum_errlist_core[(crypto_error_code * (-1))]); //Cryptolib uses negative error return codes. } return return_string; } \ No newline at end of file From 3301a7478dc5a2474fb595448a98bfd65ba1a46d Mon Sep 17 00:00:00 2001 From: rjbrown2 Date: Wed, 18 Sep 2024 16:30:59 +0000 Subject: [PATCH 051/241] [nasa/Cryptolib#318] Remove Magic Numbers, Comments, Cleanup Defines --- include/crypto.h | 32 +++++++------------------------- include/crypto_config.h | 26 +++++++++++--------------- 2 files changed, 18 insertions(+), 40 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 4e3ac527..23dfffb3 100644 --- a/include/crypto.h +++ b/include/crypto.h 
@@ -52,15 +52,10 @@ #define CRYPTO_LIB_REVISION 1 #define CRYPTO_LIB_MISSION_REV 0 -/* -** SAVE FILE NAME/LOCATION -*/ -#define CRYPTO_SA_SAVE "sa_save_file.bin" +#define GVCID_MAX_PARAM_SIZE 250 +#define CRC32TBL_SIZE 256 +#define CRC16TBL_SIZE 256 -/* -** TC_BLOCK_SIZE -*/ -#define TC_BLOCK_SIZE 16 /* ** User Prototypes @@ -83,9 +78,6 @@ extern int32_t Crypto_Config_Kmc_Crypto_Service(char* protocol, char* kmc_crypto char* mtls_client_cert_type, char* mtls_client_key_path, char* mtls_client_key_pass, char* mtls_issuer_cert); extern int32_t Crypto_Config_Cam(uint8_t cam_enabled, char* cookie_file_path, char* keytab_file_path, uint8_t login_method, char* access_manager_uri, char* username, char* cam_home); -// extern int32_t Crypto_Config_Add_Gvcid_Managed_Parameter(uint8_t tfvn, uint16_t scid, uint8_t vcid, uint8_t has_fecf, -// uint8_t has_segmentation_hdr, uint8_t has_ocf, uint16_t max_frame_size, uint8_t aos_has_fhec, -// uint8_t aos_has_iz, uint16_t aos_iz_len); extern int32_t Crypto_Config_Add_Gvcid_Managed_Parameters(GvcidManagedParameters_t mp_struct); // Initialization extern int32_t Crypto_Init(void); // Initialize CryptoLib After Configuration Calls @@ -149,6 +141,7 @@ int32_t Crypto_TC_Set_IV(SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame // Telemetry (TM) extern int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer); extern int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t *p_decrypted_length); + // Advanced Orbiting Systems (AOS) extern int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer); extern int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length); 
@@ -186,7 +179,6 @@ void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, Security extern uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID); extern int32_t Crypto_increment(uint8_t* num, int length); -// int32_t Crypto_Get_tcPayloadLength(TC_t* tc_frame, SecurityAssociation_t* sa_ptr); int32_t Crypto_Get_tmLength(int len); uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id); void Crypto_TM_updatePDU(uint8_t* ingest, int len_ingest); @@ -196,10 +188,7 @@ uint32_t Crypto_Prepare_TM_AAD(const uint8_t* buffer, uint16_t len_aad, const ui uint32_t Crypto_Prepare_AOS_AAD(const uint8_t* buffer, uint16_t len_aad, const uint8_t* abm_buffer, uint8_t* aad); void Crypto_Local_Config(void); void Crypto_Local_Init(void); -// int32_t Crypto_gcm_err(int gcm_err); int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window); -// int32_t Crypto_compare_less_equal(uint8_t* actual, uint8_t* expected, int length); -// int32_t Crypto_FECF(int fecf, uint8_t* ingest, int len_ingest,TC_t* tc_frame); uint16_t Crypto_Calc_FECF(const uint8_t* ingest, int len_ingest); void Crypto_Calc_CRC_Init_Table(void); uint16_t Crypto_Calc_CRC16(uint8_t* data, int size); @@ -255,13 +244,6 @@ int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t* sa_ptr); int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uint8_t vcid, GvcidManagedParameters_t* managed_parameters_in, GvcidManagedParameters_t* managed_parameters_out); -// int32_t crypto_config_add_gvcid_managed_parameter_recursion(uint8_t tfvn, uint16_t scid, uint8_t vcid, -// uint8_t has_fecf, uint8_t has_segmentation_hdr, uint8_t has_ocf, -// uint16_t max_frame_size, uint8_t aos_has_fhec, -// uint8_t aos_has_iz, uint16_t aos_iz_len, -// GvcidManagedParameters_t* managed_parameter); -// void Crypto_Free_Managed_Parameters(GvcidManagedParameters_t* managed_parameters); - // Project-wide support functions extern char* crypto_deep_copy_string(char* src_string); 
@@ -285,7 +267,7 @@ extern CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config; extern CamConfig_t* cam_config; extern GvcidManagedParameters_t* gvcid_managed_parameters; extern GvcidManagedParameters_t* current_managed_parameters; -extern GvcidManagedParameters_t gvcid_managed_parameters_array[250]; +extern GvcidManagedParameters_t gvcid_managed_parameters_array[GVCID_MAX_PARAM_SIZE]; extern GvcidManagedParameters_t current_managed_parameters_struct; extern int gvcid_counter; extern KeyInterface key_if; @@ -313,7 +295,7 @@ extern uint8_t badIV; extern uint8_t badMAC; extern uint8_t badFECF; // CRC -extern uint32_t crc32Table[256]; -extern uint16_t crc16Table[256]; +extern uint32_t crc32Table[CRC32TBL_SIZE]; +extern uint16_t crc16Table[CRC16TBL_SIZE]; #endif //CRYPTO_H \ No newline at end of file diff --git a/include/crypto_config.h b/include/crypto_config.h index ac09c723..f942832b 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -18,21 +18,6 @@ #ifndef CRYPTO_CONFIG_H #define CRYPTO_CONFIG_H -// Build Defines -//#define BUILD_STATIC - -// Debug Defines -- Use CMAKE options -//#define ARC_DEBUG -//#define CCSDS_DEBUG -//#define DEBUG //(CMAKE option, not hardcoded) -//#define FECF_DEBUG -//#define MAC_DEBUG -//#define OCF_DEBUG -//#define PDU_DEBUG -//#define SA_DEBUG -//#define TC_DEBUG -//#define TM_DEBUG - // Debug Colors #ifdef DEBUG #define CRYPTO_DEBUG printf("%s:%s: %d", __FILE__, __FUNCTION__, __LINE__); @@ -205,4 +190,15 @@ #define CRYPTO_FALSE 0 #define CRYPTO_TRUE 1 +/* +** SAVE FILE NAME/LOCATION +*/ +#define CRYPTO_SA_SAVE "sa_save_file.bin" + +/* +** TC_BLOCK_SIZE +*/ +#define TC_BLOCK_SIZE 16 + + #endif //CRYPTO_CONFIG_H \ No newline at end of file From 1ac09e9794607a414448ebf68a94566b9e33d81f Mon Sep 17 00:00:00 2001 
From: rjbrown2 Date: Wed, 18 Sep 2024 17:16:16 +0000 Subject: [PATCH 052/241] [nasa/Cryptolib#311] Add Comments to Print Prototypes --- include/crypto_print.h | 57 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/include/crypto_print.h b/include/crypto_print.h index 8e6e299a..4d084e5b 100644 --- a/include/crypto_print.h +++ b/include/crypto_print.h 
@@ -28,14 +28,71 @@ /* ** Prototypes */ + +/** + * @brief Function: Crypto_tcPrint + * @param tc_frame: TC_T* + * Prints the contents of the tc_frame + **/ void Crypto_tcPrint(TC_t* tc_frame); + +/** + * @brief Function: Crypto_tmPrint + * @param tm_frame: TM_T* + * Prints the contents of the tm_frame + **/ void Crypto_tmPrint(TM_t* tm_frame); + +/** + * @brief Function: Crypto_clcwPrint + * @param clcw: Telemetry_Frame_Clcw_t* + * Prints the contents of the clcw + **/ void Crypto_clcwPrint(Telemetry_Frame_Clcw_t* clcw); + +/** + * @brief Function: Crypto_fsrPrint + * @param report: SDLS_FSR_t* + * Prints the contents of current FSR in memory + **/ void Crypto_fsrPrint(SDLS_FSR_t* report); + +/** + * @brief Function: Crypto_ccsdsPrint + * @param sdls_frame: CCSDS_t* + * Prints the contents of current CCSDS in memory + **/ void Crypto_ccsdsPrint(CCSDS_t* sdls_frame); + +/** + * @brief Function: Crypto_saPrint + * @param sa: SecurityAssociation_t* + * Prints the contents of SA + **/ void Crypto_saPrint(SecurityAssociation_t* sa); + +/** + * @brief Function: Crypto_hexPrint + * Prints the array of hex characters. + * @param c: void*, The hex to be printed. + * @param n: size_t, The size of the array to be printed. + **/ void Crypto_hexprint(const void* c, size_t n); + +/** + * @brief Function: Crypto_binprint + * Prints the array of binary data. + * @param c: void*, The binary array to be printed. + * @param n: size_t, The size of the array to be printed. + **/ void Crypto_binprint(void* c, size_t n); + +/** + * @brief Function: Crypto_mpPrint + * Prints the array of Managed Parameters. + * @param managed_parameters: GvcidManagedParameters_t*, The binary array to be printed. + * @param print_children: uint8_t, The size of the array to be printed. + **/ void Crypto_mpPrint(GvcidManagedParameters_t* managed_parameters, uint8_t print_children); #endif //CRYPTO_PRINT_H From 4c483dd8b86d4da402c891fcabb0a2f3603396c4 Mon Sep 17 00:00:00 2001 
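Review bot: Several of the added comments do not match the prototypes they sit on. `Crypto_mpPrint` documents `print_children` as `The size of the array to be printed` and `managed_parameters` as `The binary array to be printed`, both carried over from the `Crypto_binprint` block. The `Crypto_hexprint` block is headed `Crypto_hexPrint`, and `TC_T*` / `TM_T*` should read `TC_t*` / `TM_t*`. For `Crypto_mpPrint` I would write `@param managed_parameters: GvcidManagedParameters_t*, The managed parameters to be printed.` and describe `print_children` as a flag. Its exact meaning needs confirming against the implementation, which is not in this hunk.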
From: rjbrown2 Date: Wed, 18 Sep 2024 17:24:26 +0000 Subject: [PATCH 053/241] [nasa/Cryptolib#312] Refactor Startup Varible naming to contain _EID --- include/crypto_events.h | 2 +- src/core/crypto_config.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/crypto_events.h b/include/crypto_events.h index 1d65689f..505fbd25 100644 --- a/include/crypto_events.h +++ b/include/crypto_events.h @@ -27,6 +27,6 @@ #define IV_REPLAY_ERR_EID 6 #define OTAR_MK_ERR_EID 7 -#define STARTUP 10 +#define STARTUP_EID 10 #endif //CRYPTO_EVENTS_H \ No newline at end of file diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 49a5e11d..5fee4b3a 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -733,14 +733,14 @@ void Crypto_Local_Config(void) log_summary.rs = LOG_SIZE; // Add a two messages to the log log_summary.rs--; - mc_log.blk[log_count].emt = STARTUP; + mc_log.blk[log_count].emt = STARTUP_EID; mc_log.blk[log_count].emv[0] = 0x4E; mc_log.blk[log_count].emv[1] = 0x41; mc_log.blk[log_count].emv[2] = 0x53; mc_log.blk[log_count].emv[3] = 0x41; mc_log.blk[log_count++].em_len = 4; log_summary.rs--; - mc_log.blk[log_count].emt = STARTUP; + mc_log.blk[log_count].emt = STARTUP_EID; mc_log.blk[log_count].emv[0] = 0x4E; mc_log.blk[log_count].emv[1] = 0x41; mc_log.blk[log_count].emv[2] = 0x53; From ffe3afe5646e471ea2b23bbb1c7dac9793f1b380 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Sep 2024 13:15:02 +0000 Subject: [PATCH 054/241] [nasa/cryptolib#315] Remove unused code from crypto.c --- include/crypto.h | 4 ---- src/core/crypto.c | 50 ----------------------------------------------- 2 files changed, 54 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 4e3ac527..8d180af8 100644 --- a/include/crypto.h +++ b/include/crypto.h 
@@ -247,10 +247,6 @@ void clean_akref(SecurityAssociation_t* sa); int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uint8_t* ingest); int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame); -// Helper length functions -int32_t Crypto_Get_Security_Header_Length(SecurityAssociation_t* sa_ptr); -int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t* sa_ptr); - // Managed Parameter Functions int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uint8_t vcid, GvcidManagedParameters_t* managed_parameters_in, diff --git a/src/core/crypto.c b/src/core/crypto.c index 9b376fb1..da88a8df 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -1095,53 +1095,3 @@ int32_t Crypto_Get_ACS_Algo_Keylen(uint8_t algo) return retval; } - -/** -* @brief: Function: Crypto_Get_Security_Header_Length -* Return Security Header Length -* @param sa_ptr: SecurityAssociation_t* -**/ -int32_t Crypto_Get_Security_Header_Length(SecurityAssociation_t* sa_ptr) -{ - /* Narrator's Note: Leaving this here for future work - ** eventually we need a way to reconcile cryptolib managed parameters with TO managed parameters - GvcidManagedParameters_t* temp_current_managed_parameters = NULL; - Crypto_Get_Managed_Parameters_For_Gvcid(tfvn, scid, vcid, - gvcid_managed_parameters, temp_current_managed_parameters); - */ - - if (!sa_ptr) - { -#ifdef DEBUG - printf(KRED "Get_Security_Header_Length passed Null SA!\n" RESET); -#endif - return CRYPTO_LIB_ERR_NULL_SA; - } - uint16_t securityHeaderLength = 2; // Start with SPI - - securityHeaderLength += sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - - return securityHeaderLength; -} - -/** -* @brief: Function: Crypto_Get_Security_Trailer_Length -* Return Security Trailer Length -* @param sa_ptr: SecurityAssociation_t* -**/ -int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t* sa_ptr) -{ - if (!sa_ptr) - { -#ifdef DEBUG - printf(KRED "Get_Trailer_Trailer_Length passed Null SA!\n" RESET); -#endif - return CRYPTO_LIB_ERR_NULL_SA; - } - uint16_t securityTrailerLength = 0; - - securityTrailerLength = sa_ptr->stmacf_len; - - return securityTrailerLength; - -} From a49abacf784c7677aafb51d0f0f6c8b454b99d09 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Sep 2024 13:19:16 +0000 Subject: [PATCH 055/241] [nasa/cryptolib#316] Remove unused code at line 235 --- include/crypto.h | 1 - src/core/crypto.c | 30 ------------------------------ 2 files changed, 31 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 8d180af8..594fb733 100644 --- a/include/crypto.h +++ b/include/crypto.h 
@@ -198,7 +198,6 @@ void Crypto_Local_Config(void); void Crypto_Local_Init(void); // int32_t Crypto_gcm_err(int gcm_err); int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window); -// int32_t Crypto_compare_less_equal(uint8_t* actual, uint8_t* expected, int length); // int32_t Crypto_FECF(int fecf, uint8_t* ingest, int len_ingest,TC_t* tc_frame); uint16_t Crypto_Calc_FECF(const uint8_t* ingest, int len_ingest); void Crypto_Calc_CRC_Init_Table(void); diff --git a/src/core/crypto.c b/src/core/crypto.c index da88a8df..8caddbfe 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -224,36 +224,6 @@ int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window return status; } -/** - * @brief Function: Crypto_compare_less_equal - * @param actual: uint8* - * @param expected: uint8* - * @param length: int - * @return int32: Success/Failure - **/ -/* -int32_t Crypto_compare_less_equal(uint8_t* actual, uint8_t* expected, int length) -{ - int status = CRYPTO_LIB_ERROR; - int i; - - for(i = 0; i < length - 1; i++) - { - if (actual[i] > expected[i]) - { - status = CRYPTO_LIB_SUCCESS; - break; - } - else if (actual[i] < expected[i]) - { - status = CRYPTO_LIB_ERROR; - break; - } - } - return status; -} -*/ - /** * @brief Function: Crypto_Prep_Reply * Assumes that both the pkt_length and pdu_len are set properly From 01697ad03b1f98276afe984889f816464e82ce49 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Sep 2024 13:37:53 +0000 Subject: [PATCH 056/241] [nasa/cryptolib#316] Clean up commented code --- src/core/crypto.c | 118 ---------------------------------------------- 1 file changed, 118 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 8caddbfe..35b8af88 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -32,7 +32,6 @@ CFS_MODULE_DECLARE_LIB(crypto); /* ** Global Variables */ -// crypto_key_t ak_ring[NUM_KEYS]; CCSDS_t sdls_frame; // TM_t tm_frame; uint8_t tm_frame[1786]; // Testing 
@@ -254,12 +253,6 @@ uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID) ingest[count++] = (sdls_frame.hdr.pkt_length & 0xFF00) >> 8; ingest[count++] = (sdls_frame.hdr.pkt_length & 0x00FF); - // Fill ingest with PUS - // ingest[count++] = (sdls_frame.pus.shf << 7) | (sdls_frame.pus.pusv << 4) | (sdls_frame.pus.ack); - // ingest[count++] = (sdls_frame.pus.st); - // ingest[count++] = (sdls_frame.pus.sst); - // ingest[count++] = (sdls_frame.pus.sid << 4) | (sdls_frame.pus.spare); - // Fill ingest with Tag and Length ingest[count++] = (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | (sdls_frame.pdu.pid); 
@@ -269,52 +262,6 @@ uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID) return count; } -/** - * @brief Function Crypto_FECF - * Calculate the Frame Error Control Field (FECF), also known as a cyclic redundancy check (CRC) - * @param fecf: int - * @param ingest: uint8_t* - * @param len_ingest: int - * @param tc_frame: TC_t* - * @return int32: Success/Failure - **/ -/* -int32_t Crypto_FECF(int fecf, uint8_t* ingest, int len_ingest,TC_t* tc_frame) -{ - int32_t result = CRYPTO_LIB_SUCCESS; - uint16_t calc_fecf = Crypto_Calc_FECF(ingest, len_ingest); - - if ( (fecf & 0xFFFF) != calc_fecf ) - { - if (((uint8_t)ingest[18] == 0x0B) && ((uint8_t)ingest[19] == 0x00) && (((uint8_t)ingest[20] & 0xF0) == -0x40)) - { - // User packet check only used for ESA Testing! - } - else - { // TODO: Error Correction - printf(KRED "Error: FECF incorrect!\n" RESET); - if (log_summary.rs > 0) - { - Crypto_increment((uint8_t*)&log_summary.num_se, 4); - log_summary.rs--; - mc_log.blk[log_count].emt = FECF_ERR_EID; - mc_log.blk[log_count].emv[0] = 0x4E; - mc_log.blk[log_count].emv[1] = 0x41; - mc_log.blk[log_count].emv[2] = 0x53; - mc_log.blk[log_count].emv[3] = 0x41; - mc_log.blk[log_count++].em_len = 4; - } - #ifdef FECF_DEBUG - printf("\t Calculated = 0x%04x \n\t Received = 0x%04x \n", calc_fecf, -tc_frame->tc_sec_trailer.fecf); #endif result = CRYPTO_LIB_ERROR; - } - } - - return result; -} -*/ - /** * @brief Function Crypto_Calc_FECF * Calculate the Frame Error Control Field (FECF), also known as a cyclic redundancy check (CRC) @@ -344,11 +291,6 @@ uint16_t Crypto_Calc_FECF(const uint8_t* ingest, int len_ingest) } } } - // Check if Testing - //if (badFECF == 1) - //{ - // fecf++; - //} #ifdef FECF_DEBUG int x; @@ -379,7 +321,6 @@ uint16_t Crypto_Calc_CRC16(uint8_t* data, int size) for (; size > 0; size--) { - // printf("*data = 0x%02x \n", (uint8_t) *data); crc = ((crc << 8) & 0xFF00) ^ crc16Table[(crc >> 8) ^ *data++]; } 
@@ -680,63 +621,6 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin return status; } - -/** - * @brief Function: Crypto_Get_Managed_Parameters_For_Gvcid - * @param tfvn: uint8 - * @param scid: uint16 - * @param vcid: uint8 - * @param managed_parameters_in: GvcidManagedParameters_t* - * @param managed_parameters_out: GvcidManagedParameters_t** - * @return int32: Success/Failure - **/ -// int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uint8_t vcid, -// GvcidManagedParameters_t* managed_parameters_in, -// GvcidManagedParameters_t** managed_parameters_out) -// { -// int32_t status = MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND; - -// if (managed_parameters_in != NULL) -// { -// if (managed_parameters_in->tfvn == tfvn && managed_parameters_in->scid == scid && -// managed_parameters_in->vcid == vcid) -// { -// *managed_parameters_out = managed_parameters_in; -// status = CRYPTO_LIB_SUCCESS; -// return status; -// } -// else -// { -// return Crypto_Get_Managed_Parameters_For_Gvcid(tfvn, scid, vcid, managed_parameters_in->next, -// managed_parameters_out); -// } -// } -// else -// { -// printf(KRED "Error: Managed Parameters for GVCID(TFVN: %d, SCID: %d, VCID: %d) not found. \n" RESET, tfvn, scid, -// vcid); -// return status; -// } -// } - -/** - * @brief Function: Crypto_Free_Managed_Parameters - * Managed parameters are expected to live the duration of the program, this may not be necessary. - * @param managed_parameters: GvcidManagedParameters_t* - **/ -// void Crypto_Free_Managed_Parameters(GvcidManagedParameters_t* managed_parameters) -// { -// if (managed_parameters == NULL) -// { -// return; // Nothing to free, just return! -// } -// if (managed_parameters->next != NULL) -// { -// Crypto_Free_Managed_Parameters(managed_parameters->next); -// } -// free(managed_parameters); -// } - /** * @brief Function: Crypto_Process_Extended_Procedure_Pdu * @param tc_sdls_processed_frame: TC_t* 
@@ -894,7 +778,6 @@ int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* a else { *arsn_valid = CRYPTO_TRUE; - // memcpy(sa_ptr->arsn, arsn, sa_ptr->arsn_len); } } return status; @@ -944,7 +827,6 @@ int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, else { *iv_valid = CRYPTO_TRUE; - // memcpy(sa_ptr->iv, iv, sa_ptr->iv_len); } } return status; From 415a80f98cb7b8a745a79f266224912b41680a36 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Sep 2024 14:40:53 +0000 Subject: [PATCH 057/241] [nasa/cryptolib#316] Add return code, and fix to single return statement --- src/core/crypto.c | 55 +++++++++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 23 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 35b8af88..4234763a 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -98,21 +98,25 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) { // CryptoLib only supports AES-GCM, which is an AEAD (Authenticated Encryption with Associated Data) algorithm, so // return true/1. + + int status = CRYPTO_FALSE; + // TODO - Add cipher suite mapping to which algorithms are AEAD and which are not. if ((cipher_suite_id == CRYPTO_CIPHER_AES256_GCM) || (cipher_suite_id == CRYPTO_CIPHER_AES256_CBC_MAC) || (cipher_suite_id == CRYPTO_CIPHER_AES256_GCM_SIV)) { #ifdef DEBUG printf(KYEL "CRYPTO IS AEAD? : TRUE\n" RESET); #endif - return CRYPTO_TRUE; + status = CRYPTO_TRUE; } else { #ifdef DEBUG printf(KYEL "CRYPTO IS AEAD? : FALSE\n" RESET); #endif - return CRYPTO_FALSE; + status = CRYPTO_FALSE; } + return status; } // TODO - Review this. Not sure it quite works how we think @@ -158,6 +162,7 @@ int32_t Crypto_increment(uint8_t* num, int length) int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window) { int status = CRYPTO_LIB_ERROR; + int return_code = 0; int result = 0; uint8_t temp[length]; int i; 
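Review bot: In `Crypto_Is_AEAD_Algorithm`, `status` is declared `int` although the function returns `uint8_t`, and initialising it to `CRYPTO_FALSE` makes the `else` assignment redundant; `uint8_t status = CRYPTO_FALSE;` matches the signature. The retained comment above it ("CryptoLib only supports AES-GCM ... so return true/1") no longer describes a function that returns false for other suites and should be rewritten. The accepted list also includes `CRYPTO_CIPHER_AES256_CBC_MAC`, which by its name is a MAC-only mode rather than an AEAD. That line is unchanged context, but callers presumably branch on this result, so it is worth confirming alongside the existing TODO.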
@@ -169,14 +174,16 @@ int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window #ifdef DEBUG printf("Crypto_Window expected ptr is NULL\n"); #endif - return status; + status = CRYPTO_LIB_ERROR; + return_code = 1; } if (expected == NULL) { #ifdef DEBUG printf("Crypto_Window expected ptr is NULL\n"); #endif - return status; + status = CRYPTO_LIB_ERROR; + return_code = 1; } // Check for special case where received value is all 0's and expected is all 0's (won't have -1 in sa!) // Received ARSN is: 00000000, SA ARSN is: 00000000 @@ -191,33 +198,35 @@ int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window if (zero_case == CRYPTO_TRUE) { status = CRYPTO_LIB_SUCCESS; - return status; + return_code = 1; } - - memcpy(temp, expected, length); - for (i = 0; i < window; i++) + if (return_code != 1) { - // Recall - the stored IV or ARSN is the last valid one received, check against next expected - Crypto_increment(&temp[0], length); + memcpy(temp, expected, length); + for (i = 0; i < window; i++) + { + // Recall - the stored IV or ARSN is the last valid one received, check against next expected + Crypto_increment(&temp[0], length); #ifdef DEBUG - printf("Checking Frame Against Incremented Window:\n"); - Crypto_hexprint(temp, length); + printf("Checking Frame Against Incremented Window:\n"); + Crypto_hexprint(temp, length); #endif - result = 0; - /* go from right (least significant) to left (most signifcant) */ - for (j = length - 1; j >= 0; --j) - { - if (actual[j] == temp[j]) + result = 0; + /* go from right (least significant) to left (most signifcant) */ + for (j = length - 1; j >= 0; --j) { - result++; + if (actual[j] == temp[j]) + { + result++; + } + } + if (result == length) + { + status = CRYPTO_LIB_SUCCESS; + break; } - } - if (result == length) - { - status = CRYPTO_LIB_SUCCESS; - break; } } return status; From 999cf635a08ce75803367fda16854a8e3682a003 Mon Sep 17 00:00:00 2001 
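Review bot: In `Crypto_window`, both NULL checks now set `return_code = 1;` instead of returning, so execution continues into the all-zero special-case code that sits between this hunk and the next, and only the later `if (return_code != 1)` block is skipped. That code is not shown, but if it reads `actual` or `expected`, as its comment about received and SA ARSN suggests, a NULL argument is dereferenced there, and a true `zero_case` would then replace the error with `CRYPTO_LIB_SUCCESS`. Put the special-case scan under the same `if (return_code != 1)` guard, or keep the early returns for the NULL cases. The first check's debug text also prints `expected ptr is NULL` although the second check is the one that tests `expected`. `uint8_t temp[length]` (previous hunk) is still sized from the caller's `length` before any validation.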
From: "D. Cody Cutright" Date: Thu, 19 Sep 2024 10:56:13 -0400 Subject: [PATCH 058/241] [nasa/cryptolib#317] Fixed missing error messages --- src/core/crypto_error.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index 1542de64..6ffe8dc3 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -80,6 +80,7 @@ char *crypto_enum_errlist_core[] = (char*) "CRYPTO_LIB_ERR_EXCEEDS_MANAGED_PARAMETER_MAX_LIMIT", (char*) "CRYPTO_LIB_ERR_KEY_VALIDATION", (char*) "CRYPTO_LIB_ERR_SPI_INDEX_OOB", + (char*) "CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL", }; char *crypto_enum_errlist_config[] = @@ -139,6 +140,8 @@ char *crypto_enum_errlist_crypto_cam[] = (char*) "CAM_INVALID_CONFIGURATION_KEYTAB_FILE_PATH_NULL", (char*) "CAM_INVALID_CONFIGURATION_KEYTAB_FILE_USERNAME_NULL", (char*) "CAM_KEYTAB_FILE_KINIT_FAILURE", + (char*) "CAM_KERBEROS_REQUEST_TIME_OUT", + (char*) "CAM_MAX_AUTH_RETRIES_REACHED", }; /* From c5e337f9c071402433f09dfc9f4588f8a9da8e64 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Thu, 19 Sep 2024 11:00:42 -0400 Subject: [PATCH 059/241] [nasa/cryptolib#317] Update comment on maintaining error messages --- include/crypto_error.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index 0170ea60..6f4e5555 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -19,8 +19,9 @@ #define CRYPTO_ERROR_H /* - * If error codes are added to this header file, their enum string must be added to the error lists (in crypto_error.c) - * AND logic for returning the enum string must be added to crypto_error.c -- Crypto_Get_Error_Code_Enum_String(int32_t) + * *** IMPORTANT READ *** + * If error codes are added to this header file, their enum string must be added to the error lists (in crypto_error.c) + * AND the appropriate _ERROR_CODE_MAX must be updated below! */ #define CRYPTO_CONFIGURATION_NOT_COMPLETE 100 
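Review bot: The strings added to `crypto_enum_errlist_core` and `crypto_enum_errlist_crypto_cam` keep the tables in step with the error codes only by hand, and the follow-up comment in crypto_error.h says the matching `_ERROR_CODE_MAX` must be updated separately. The lookup code is not in these hunks, but if it indexes these arrays with a code bounded by those maxima, any drift becomes an out-of-bounds read at the moment an error is reported. A compile-time check next to each table would catch it, for example `_Static_assert(sizeof(crypto_enum_errlist_core) / sizeof(crypto_enum_errlist_core[0]) == EXPECTED_CORE_COUNT, "errlist out of sync");`, where `EXPECTED_CORE_COUNT` is a placeholder for the count derived from the header's maxima.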
From 1058853202bd0aed796592f6d018734337bcbbb2 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Sep 2024 15:32:24 +0000 Subject: [PATCH 060/241] [nasa/cryptolib#316] Check NULL pointers, add gvcid max check --- src/core/crypto.c | 255 ++++++++++++++++++++++++++-------------------- 1 file changed, 145 insertions(+), 110 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 4234763a..73666382 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -128,26 +128,34 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) * @return int32: Success/Failure **/ int32_t Crypto_increment(uint8_t* num, int length) -{ +{ + int status = CRYPTO_LIB_SUCCESS; int i; - /* go from right (least significant) to left (most signifcant) */ - for (i = length - 1; i >= 0; --i) + if (num == NULL) { - ++(num[i]); /* increment current byte */ - - if (num[i] != 0) /* if byte did not overflow, we're done! */ - break; + status = CRYPTO_LIB_ERR_NULL_BUFFER; } - - if (i < 0) /* this means num[0] was incremented and overflowed */ + if (status == CRYPTO_LIB_SUCCESS) { - for (i = 0; i < length; i++) + /* go from right (least significant) to left (most signifcant) */ + for (i = length - 1; i >= 0; --i) + { + ++(num[i]); /* increment current byte */ + + if (num[i] != 0) /* if byte did not overflow, we're done! */ + break; + } + + if (i < 0) /* this means num[0] was incremented and overflowed */ { - num[i] = 0; + for (i = 0; i < length; i++) + { + num[i] = 0; + } } } - return CRYPTO_LIB_SUCCESS; + return status; } /** @@ -348,7 +356,13 @@ uint16_t Crypto_Calc_CRC16(uint8_t* data, int size) int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) { int32_t status = CRYPTO_LIB_SUCCESS; - + // Check null pointer + if (tc_frame == NULL) + { + status = CRYPTO_LIB_ERR_NULL_BUFFER; + return status; + } + // TODO: Break Switch statement into separate functions and remove return statement above switch (sdls_frame.pdu.type) { case 0: // Command 
@@ -610,23 +624,30 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin GvcidManagedParameters_t* managed_parameters_out) { int32_t status = MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND; - for(int i = 0; i < gvcid_counter; i++) + // Check gvcid counter against a max + if (gvcid_counter > NUM_GVCID) + { + status = CRYPTO_LIB_ERR_EXCEEDS_MANAGED_PARAMETER_MAX_LIMIT; + } + if (status != CRYPTO_LIB_ERR_EXCEEDS_MANAGED_PARAMETER_MAX_LIMIT) { - if (managed_parameters_in[i].tfvn == tfvn && managed_parameters_in[i].scid == scid && - managed_parameters_in[i].vcid == vcid) + for(int i = 0; i < gvcid_counter; i++) { - *managed_parameters_out = managed_parameters_in[i]; - status = CRYPTO_LIB_SUCCESS; - break; + if (managed_parameters_in[i].tfvn == tfvn && managed_parameters_in[i].scid == scid && + managed_parameters_in[i].vcid == vcid) + { + *managed_parameters_out = managed_parameters_in[i]; + status = CRYPTO_LIB_SUCCESS; + break; + } } - } - if(status != CRYPTO_LIB_SUCCESS) - { - printf(KRED "Error: Managed Parameters for GVCID(TFVN: %d, SCID: %d, VCID: %d) not found. \n" RESET, tfvn, scid, - vcid); + if(status != CRYPTO_LIB_SUCCESS) + { + printf(KRED "Error: Managed Parameters for GVCID(TFVN: %d, SCID: %d, VCID: %d) not found. \n" RESET, tfvn, scid, + vcid); + } } - return status; } 
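Review bot: The new `gvcid_counter > NUM_GVCID` test bounds the loop, but `managed_parameters_in` and `managed_parameters_out` are still dereferenced without a NULL check (`managed_parameters_in[i].tfvn`, `*managed_parameters_out = ...`), although this commit adds such checks to other functions. Add `if (managed_parameters_in == NULL || managed_parameters_out == NULL) { status = CRYPTO_LIB_ERR_NULL_BUFFER; }` ahead of the counter test and enter the search only while `status` is still `MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND`. The counter test also assumes the caller's array holds `NUM_GVCID` entries, which this hunk does not show. The "not found" `printf` stays outside any DEBUG guard, unlike the other diagnostics touched in this series.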
@@ -640,44 +661,77 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin { int32_t status = CRYPTO_LIB_SUCCESS; int x; - - if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) + // Check for null pointers + if (tc_sdls_processed_frame == NULL) { - if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) - // Crypto Lib Application ID + status = CRYPTO_LIB_ERR_NULL_BUFFER; + } + if (status == CRYPTO_LIB_SUCCESS) + { + if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { + if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) + // Crypto Lib Application ID + { #ifdef DEBUG - printf(KGRN "Received SDLS command: " RESET); + printf(KGRN "Received SDLS command: " RESET); +#endif + // CCSDS Header + sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; + sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; + sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; + sdls_frame.hdr.appID = + ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; + sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; + sdls_frame.hdr.pktid = + ((tc_sdls_processed_frame->tc_pdu[2] & 0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; + sdls_frame.hdr.pkt_length = (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; + + // CCSDS PUS + sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; + sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; + sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); + sdls_frame.pus.st = tc_sdls_processed_frame->tc_pdu[7]; + sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; + sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; + sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); + + // SDLS TLV PDU + sdls_frame.pdu.type = 
(tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; + sdls_frame.pdu.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; + sdls_frame.pdu.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; + sdls_frame.pdu.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); + sdls_frame.pdu.pdu_len = (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; + for (x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + } + +#ifdef CCSDS_DEBUG + Crypto_ccsdsPrint(&sdls_frame); #endif - // CCSDS Header - sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; - sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; - sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; - sdls_frame.hdr.appID = - ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; - sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; - sdls_frame.hdr.pktid = - ((tc_sdls_processed_frame->tc_pdu[2] & 0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; - sdls_frame.hdr.pkt_length = (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; - - // CCSDS PUS - sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; - sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; - sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); - sdls_frame.pus.st = tc_sdls_processed_frame->tc_pdu[7]; - sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; - sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; - sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); + // Determine type of PDU + status = Crypto_PDU(ingest, tc_sdls_processed_frame); + } + } + else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) // TC SDLS PDU with no packet layer + { +#ifdef DEBUG + printf(KGRN "Received SDLS command: " RESET); +#endif + // No 
Packet HDR or PUS in these frames // SDLS TLV PDU - sdls_frame.pdu.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; - sdls_frame.pdu.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; - sdls_frame.pdu.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; - sdls_frame.pdu.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); - sdls_frame.pdu.pdu_len = (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + sdls_frame.pdu.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; + sdls_frame.pdu.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; + sdls_frame.pdu.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; + sdls_frame.pdu.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); + sdls_frame.pdu.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; + for (x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) { - sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely + // fails. Must consider Uplink Sessions (sequence numbers). + sdls_frame.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; } #ifdef CCSDS_DEBUG 
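Review bot: The re-indented copy loops still take their bound straight from the received frame, `x < (13 + sdls_frame.hdr.pkt_length)` in the PUS branch and `x < (3 + tc_sdls_processed_frame->tc_header.fl)` in the `TC_SDLS_EP_VCID` branch, with no comparison against the capacity of `sdls_frame.pdu.data` or `tc_pdu`. Both lengths come from the sender, so an oversized value writes past `pdu.data` and reads past `tc_pdu`, and the new NULL check does not cover this. Validate the length before copying and fail the frame otherwise, as sketched below for the PUS branch; the same guard with offset 3 applies to the other branch. The sketch assumes both buffers are fixed-size arrays, which this hunk does not show. The function's closing part lies in the next hunk.

```c
// … unchanged: CCSDS header, PUS and TLV field parsing …
sdls_frame.pdu.pdu_len = (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12];

// Reject a length that would run past either buffer before any byte is copied.
size_t copy_len = sdls_frame.hdr.pkt_length;
if (copy_len > sizeof(sdls_frame.pdu.data) ||
    copy_len > sizeof(tc_sdls_processed_frame->tc_pdu) - 13)
{
    status = CRYPTO_LIB_ERROR; // a dedicated length error code would be clearer
}
else
{
    memcpy(sdls_frame.pdu.data, &tc_sdls_processed_frame->tc_pdu[13], copy_len);
    // … unchanged: CCSDS_DEBUG print, Crypto_PDU call …
}
```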
@@ -687,38 +741,11 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin // Determine type of PDU status = Crypto_PDU(ingest, tc_sdls_processed_frame); } - } - else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) // TC SDLS PDU with no packet layer - { -#ifdef DEBUG - printf(KGRN "Received SDLS command: " RESET); -#endif - // No Packet HDR or PUS in these frames - // SDLS TLV PDU - sdls_frame.pdu.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; - sdls_frame.pdu.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; - sdls_frame.pdu.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; - sdls_frame.pdu.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); - sdls_frame.pdu.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; - for (x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) + else { - // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely - // fails. Must consider Uplink Sessions (sequence numbers). - sdls_frame.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; + // TODO - Process SDLS PDU with Packet Layer without PUS_HDR } - -#ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_frame); -#endif - - // Determine type of PDU - status = Crypto_PDU(ingest, tc_sdls_processed_frame); - } - else - { - // TODO - Process SDLS PDU with Packet Layer without PUS_HDR } - return status; } // End Process SDLS PDU 
@@ -761,34 +788,42 @@ int32_t Crypto_Check_Anti_Replay_Verify_Pointers(SecurityAssociation_t* sa_ptr, int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* arsn, int8_t* arsn_valid) { int32_t status = CRYPTO_LIB_SUCCESS; - if (sa_ptr->shsnf_len > 0) + + // Check for null pointers + if (sa_ptr == NULL || arsn == NULL || arsn_valid == NULL) { - // Check Sequence Number is in ARSNW - status = Crypto_window(arsn, sa_ptr->arsn, sa_ptr->arsn_len, sa_ptr->arsnw); -#ifdef DEBUG - printf("Received ARSN is\n\t"); - for (int i = 0; i < sa_ptr->arsn_len; i++) - { - printf("%02x", *(arsn + i)); - } - printf("\nSA ARSN is\n\t"); - for (int i = 0; i < sa_ptr->arsn_len; i++) - { - printf("%02x", *(sa_ptr->arsn + i)); - } - printf("\nARSNW is: %d\n", sa_ptr->arsnw); - printf("Status from Crypto_Window is: %d\n", status); -#endif - if (status != CRYPTO_LIB_SUCCESS) - { - return CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW; - } - // Valid ARSN received, increment stored value - else + status = CRYPTO_LIB_ERR_NULL_BUFFER; + } + + if (status == CRYPTO_LIB_SUCCESS) + if (sa_ptr->shsnf_len > 0) { - *arsn_valid = CRYPTO_TRUE; + // Check Sequence Number is in ARSNW + status = Crypto_window(arsn, sa_ptr->arsn, sa_ptr->arsn_len, sa_ptr->arsnw); + #ifdef DEBUG + printf("Received ARSN is\n\t"); + for (int i = 0; i < sa_ptr->arsn_len; i++) + { + printf("%02x", *(arsn + i)); + } + printf("\nSA ARSN is\n\t"); + for (int i = 0; i < sa_ptr->arsn_len; i++) + { + printf("%02x", *(sa_ptr->arsn + i)); + } + printf("\nARSNW is: %d\n", sa_ptr->arsnw); + printf("Status from Crypto_Window is: %d\n", status); + #endif + if (status != CRYPTO_LIB_SUCCESS) + { + return CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW; + } + // Valid ARSN received, increment stored value + else + { + *arsn_valid = CRYPTO_TRUE; + } } - } return status; } From 3d1baa1826d90f543a140b56ad440856d5ed83d1 Mon Sep 17 00:00:00 2001 
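Review bot: In `Crypto_Check_Anti_Replay_ARSNW`, the new `if (status == CRYPTO_LIB_SUCCESS)` has no braces and the `if (sa_ptr->shsnf_len > 0)` it governs is indented as a sibling, so a later edit that adds a statement between them would silently take the window check out of the NULL guard. Brace it, `if (status == CRYPTO_LIB_SUCCESS) {` ... `}`, and keep the `#ifdef DEBUG` directives at column 0 as elsewhere in the file. The block also still exits through `return CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW;`, which the single-return style of this series would write as `status = CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW;`. When `shsnf_len` is 0 the function returns success without writing `*arsn_valid`, so callers depend on having initialised it, and a comment stating that would help.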
From: Donnie-Ice Date: Thu, 19 Sep 2024 15:49:26 +0000 Subject: [PATCH 061/241] [nasa/cryptolib#316] Remove //Testing Code Comment - and specify what these are --- include/crypto_config.h | 2 ++ src/core/crypto.c | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index ac09c723..76ff3333 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -61,6 +61,8 @@ // Max Frame Size #define TC_MAX_FRAME_SIZE 1024 +#define TM_MAX_FRAME_SIZE 1786 +#define AOS_MAX_FRAME_SIZE 1786 // Spacecraft Defines #define SCID 0x0003 diff --git a/src/core/crypto.c b/src/core/crypto.c index 73666382..dd3abad9 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -34,11 +34,11 @@ CFS_MODULE_DECLARE_LIB(crypto); */ CCSDS_t sdls_frame; // TM_t tm_frame; -uint8_t tm_frame[1786]; // Testing +uint8_t tm_frame[TM_MAX_FRAME_SIZE]; // TM Global Frame TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication // AOS_t aos_frame -uint8_t aos_frame[1786]; // Testing +uint8_t aos_frame[AOS_MAX_FRAME_SIZE]; // AOS Global Frame AOS_FramePrimaryHeader_t aos_frame_pri_hdr; // Used to reduce bit math duplication AOS_FrameSecurityHeader_t aos_frame_sec_hdr; // Used to reduce bit math duplication // OCF From ec0366a3cc063dd11119894eb7821d31d38df136 Mon Sep 17 00:00:00 2001 From: rjbrown2 Date: Thu, 19 Sep 2024 17:10:12 +0000 Subject: [PATCH 062/241] [nasa/Cryptolib#319] Remove Commented Code, Magic Number Cleanup, Links to SDLS Protocols --- include/crypto_structs.h | 43 ++++++++++++++++------------------------ 1 file changed, 17 insertions(+), 26 deletions(-) diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 2ad442e2..ef90a81a 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h 
@@ -19,6 +19,12 @@ #ifndef CRYPTO_STRUCTS_H #define CRYPTO_STRUCTS_H +#define SDLS_CHALLENGED_SIZE 10 +#define SDLS_CMAC_SIZE 10 +#define SDLS_KEY_VERIFY_BLK_SIZE 29 +#define SDLS_KEY_ID_SIZE 98 +#define SDLS_EKB_LEN 30 + #include "crypto_config.h" #ifdef NOS3 // NOS3/cFS build is ready @@ -46,6 +52,8 @@ typedef struct /* ** Security Association +* https://public.ccsds.org/Pubs/355x0b2.pdf +* Table A6 */ typedef struct { @@ -57,7 +65,6 @@ typedef struct char ak_ref[REF_SIZE]; // Authentication Key Reference (Used with string-referenced keystores,EG-PKCS12 keystores, KMC crypto) uint8_t sa_state : 2; crypto_gvcid_t gvcid_blk; - // crypto_gvcid_t gvcid_tm_blk[NUM_GVCID]; uint8_t lpid; // Configuration @@ -114,7 +121,6 @@ typedef struct { uint16_t ekid; // Encrypted Key ID uint8_t ek[KEY_SIZE]; // Encrypted Key - // uint8_t ekcrc[4]; // Encrypted Key CRC } SDLS_EKB_t; #define SDLS_EKB_SIZE (sizeof(SDLS_EKB_t)) @@ -122,7 +128,7 @@ typedef struct { uint16_t mkid; // Master Key ID uint8_t iv[IV_SIZE]; // Initialization Vector - SDLS_EKB_t EKB[30]; // Encrypted Key Block + SDLS_EKB_t EKB[SDLS_EKB_LEN]; // Encrypted Key Block uint8_t mac[MAC_SIZE]; // Message Authentication Code } SDLS_OTAR_t; #define SDLS_OTAR_SIZE (sizeof(SDLS_OTAR_t)) @@ -135,7 +141,7 @@ typedef struct typedef struct { - SDLS_KEY_t kblk[98]; // Key ID Block + SDLS_KEY_t kblk[SDLS_KEY_ID_SIZE]; // Key ID Block } SDLS_KEY_BLK_t; #define SDLS_KEY_BLK_SIZE (sizeof(SDLS_KEY_BLK_t)) @@ -155,7 +161,7 @@ typedef struct typedef struct { - SDLS_KEYV_CMD_BLK_t blk[29]; // Key Verification Command Block + SDLS_KEYV_CMD_BLK_t blk[SDLS_KEY_VERIFY_BLK_SIZE]; // Key Verification Command Block } SDLS_KEYV_CMD_t; #define SDLS_KEYV_CMD_SIZE (sizeof(SDLS_KEYV_CMD_t)) 
@@ -168,25 +174,27 @@ typedef struct } SDLS_KEYV_RPLY_BLK_t; #define SDLS_KEYV_RPLY_BLK_SIZE (sizeof(SDLS_KEYV_RPLY_BLK_t)) + typedef struct { - SDLS_KEYV_RPLY_BLK_t blk[29]; // Key Verification Reply Block + SDLS_KEYV_RPLY_BLK_t blk[SDLS_KEY_VERIFY_BLK_SIZE]; // Key Verification Reply Block } SDLS_KEYV_RPLY_t; #define SDLS_KEYV_RPLY_SIZE (sizeof(SDLS_KEYV_RPLY_t)) typedef struct { uint16_t kid : 16; // Key ID - uint8_t challenged[10]; + uint8_t challenged[SDLS_CHALLENGED_SIZE]; } SDLS_KEYDB_CMD_t; #define SDLS_KEYDB_CMD_SIZE (sizeof(SDLS_KEYDB_CMD_t)) + typedef struct { uint16_t kid : 16; // Key ID uint8_t iv[IV_SIZE]; // Initialization Vector - uint8_t challenged[10]; // Encrypted Challenge - uint8_t cmac[4]; // Challenge Message Authentication Code + uint8_t challenged[SDLS_CHALLENGED_SIZE]; // Encrypted Challenge + uint8_t cmac[SDLS_CMAC_SIZE]; // Challenge Message Authentication Code } SDLS_KEYDB_RPLY_t; #define SDLS_KEYDB_RPLY_SIZE (sizeof(SDLS_KEYDB_RPLY_t)) @@ -233,8 +241,6 @@ typedef struct /* ** Telecommand (TC) Definitions */ -// typedef struct __attribute__ ((packed)) //__attribute__ ((packed)) is not easily supported in CFFI python. Only add -// when CFFI properly supports packed & nonpacked structs. typedef struct { uint8_t tfvn : 2; // Transfer Frame Version Number @@ -312,19 +318,10 @@ typedef struct } CCSDS_PUS_t; #define CCSDS_PUS_SIZE (sizeof(CCSDS_PUS_t)) -/* unused? -typedef struct -{ - uint8_t CmdHeader[CFE_SB_CMD_HDR_SIZE]; - -} Crypto_NoArgsCmd_t; -*/ - typedef struct { CCSDS_HDR_t hdr; CCSDS_PUS_t pus; - // CCSDS_2HDR_t cmd; SDLS_TLV_t pdu; } CCSDS_t; #define CCSDS_SIZE (sizeof(CCSDS_t)) 
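Review bot: `cmac` in `SDLS_KEYDB_RPLY_t` changes from `uint8_t cmac[4]` to `uint8_t cmac[SDLS_CMAC_SIZE]`, and `SDLS_CMAC_SIZE` is defined as 10 in the first hunk of this file. A commit described as magic-number cleanup therefore grows the field by six bytes, and `SDLS_KEYDB_RPLY_SIZE` with it. If the 4-byte length was intended, use `#define SDLS_CMAC_SIZE 4`. If 10 is correct, state that in the commit message and check every user that fills or compares this field, since code that still writes 4 bytes would leave the remainder unset. The new `SDLS_*` defines also carry no comment on where each length comes from; a short reference beside each would make such a change reviewable.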
@@ -396,8 +393,6 @@ typedef struct uint16_t fhp : 11; // First Header Pointer // Sync Flag 0 = Contains position of the first byte of the first packet in the data field // Sync Flag 1 = undefined - // uint8_t tfshvn :2; // Transfer Frame Secondary Header Version Number - shall be 00 - // uint8_t tfshlen :6; // TFSH Length (max 64 Bytes) } TM_FramePrimaryHeader_t; #define TM_FRAME_PRIMARYHEADER_SIZE (sizeof(TM_FramePrimaryHeader_t)) @@ -405,8 +400,6 @@ typedef struct { uint16_t spi; // Security Parameter Index uint8_t iv[IV_SIZE]; // Initialization Vector for encryption - // uint8_t sn[TM_SN_SIZE]; // Sequence Number for anti-replay - // uint8_t pad[TM_PAD_SIZE]; // Count of the used fill Bytes } TM_FrameSecurityHeader_t; #define TM_FRAME_SECHEADER_SIZE (sizeof(TM_FrameSecurityHeader_t)) @@ -462,8 +455,6 @@ typedef struct { uint16_t spi; // Security Parameter Index uint8_t iv[IV_SIZE]; // Initialization Vector for encryption - // uint8_t sn[TM_SN_SIZE]; // Sequence Number for anti-replay - // uint8_t pad[TM_PAD_SIZE]; // Count of the used fill Bytes } AOS_FrameSecurityHeader_t; #define AOS_FRAME_SECHEADER_SIZE (sizeof(AOS_FrameSecurityHeader_t)) From fdcf3ecb95e6ad06784a3fb8413742aaee716d55 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Sep 2024 17:35:01 +0000 Subject: [PATCH 063/241] [nasa/cryptolib#316] Split PDU switch function --- include/crypto.h | 4 + include/crypto_config.h | 8 + src/core/crypto.c | 402 ++++++++++++++++++++++------------------ 3 files changed, 232 insertions(+), 182 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 594fb733..05e1b50f 100644 --- a/include/crypto.h +++ b/include/crypto.h 
@@ -245,6 +245,10 @@ void clean_akref(SecurityAssociation_t* sa); // Determine Payload Data Unit int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uint8_t* ingest); int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame); +int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame); +int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame); +int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest); +int32_t Crypto_USER_DEFINED_CMD(uint8_t* ingest); // Managed Parameter Functions int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uint8_t vcid, diff --git a/include/crypto_config.h b/include/crypto_config.h index 76ff3333..258a5c19 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -141,6 +141,14 @@ #define ST_OK 0x00 #define ST_NOK 0xFF +// Protocol Data Unit (PDU) +// PDU Type +#define PDU_TYPE_COMMAND 0 +#define PDU_TYPE_REPLY 1 +// PDU User Flag +#define PDU_USER_FLAG_TRUE 1 +#define PDU_USER_FLAG_FALSE 0 + // Procedure Identification (PID) // Service Group - Key Management #define SG_KEY_MGMT 0x00 // 0b00 diff --git a/src/core/crypto.c b/src/core/crypto.c index dd3abad9..93606e4b 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -365,260 +365,298 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) // TODO: Break Switch statement into separate functions and remove return statement above switch (sdls_frame.pdu.type) { - case 0: // Command + case PDU_TYPE_COMMAND: switch (sdls_frame.pdu.uf) { - case 0: // CCSDS Defined Command + case PDU_USER_FLAG_FALSE: // CCSDS Defined Command switch (sdls_frame.pdu.sg) { case SG_KEY_MGMT: // Key Management Procedure - switch (sdls_frame.pdu.pid) - { - case PID_OTAR: + status = Crypto_SG_KEY_MGMT(ingest, tc_frame); + break; + case SG_SA_MGMT: // Security Association Management Procedure + status = Crypto_SG_SA_MGMT(ingest, tc_frame); + break; + case SG_SEC_MON_CTRL: // Security Monitoring & Control Procedure + status = Crypto_SEC_MON_CTRL(ingest); + break; + default: // ERROR #ifdef PDU_DEBUG - printf(KGRN "Key OTAR\n" RESET); + printf(KRED "Error: Crypto_PDU failed interpreting Service Group! \n" RESET); #endif - status = Crypto_Key_OTAR(); - break; - case PID_KEY_ACTIVATION: + break; + } + break; + + case PDU_USER_FLAG_TRUE: // User Defined Command + switch (sdls_frame.pdu.sg) + { + default: + status = Crypto_USER_DEFINED_CMD(ingest); + } + break; + } + break; + + case PDU_TYPE_REPLY: #ifdef PDU_DEBUG - printf(KGRN "Key Activate\n" RESET); + printf(KRED "Error: Crypto_PDU failed interpreting PDU Type! Received a Reply!?! 
\n" RESET); +#endif + break; + } + +#ifdef CCSDS_DEBUG + int x; + if ((status > 0) && (ingest != NULL)) + { + printf(KMAG "CCSDS message put on software bus: 0x" RESET); + for (x = 0; x < status; x++) + { + printf(KMAG "%02x" RESET, (uint8_t)ingest[x]); + } + printf("\n"); + } #endif - status = Crypto_Key_update(KEY_ACTIVE); - break; - case PID_KEY_DEACTIVATION: + + return status; +} + +int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame) +{ + int status = CRYPTO_LIB_SUCCESS; + switch (sdls_frame.pdu.pid) + { + case PID_OTAR: #ifdef PDU_DEBUG - printf(KGRN "Key Deactivate\n" RESET); + printf(KGRN "Key OTAR\n" RESET); #endif - status = Crypto_Key_update(KEY_DEACTIVATED); - break; - case PID_KEY_VERIFICATION: + status = Crypto_Key_OTAR(); + break; + case PID_KEY_ACTIVATION: #ifdef PDU_DEBUG - printf(KGRN "Key Verify\n" RESET); + printf(KGRN "Key Activate\n" RESET); #endif - status = Crypto_Key_verify(ingest, tc_frame); - break; - case PID_KEY_DESTRUCTION: + status = Crypto_Key_update(KEY_ACTIVE); + break; + case PID_KEY_DEACTIVATION: #ifdef PDU_DEBUG - printf(KGRN "Key Destroy\n" RESET); + printf(KGRN "Key Deactivate\n" RESET); #endif - status = Crypto_Key_update(KEY_DESTROYED); - break; - case PID_KEY_INVENTORY: + status = Crypto_Key_update(KEY_DEACTIVATED); + break; + case PID_KEY_VERIFICATION: #ifdef PDU_DEBUG - printf(KGRN "Key Inventory\n" RESET); + printf(KGRN "Key Verify\n" RESET); #endif - status = Crypto_Key_inventory(ingest); - break; - default: - printf(KRED "Error: Crypto_PDU failed interpreting Key Management Procedure Identification Field! 
" - "\n" RESET); - break; - } - break; - case SG_SA_MGMT: // Security Association Management Procedure - switch (sdls_frame.pdu.pid) - { - case PID_CREATE_SA: + status = Crypto_Key_verify(ingest, tc_frame); + break; + case PID_KEY_DESTRUCTION: #ifdef PDU_DEBUG - printf(KGRN "SA Create\n" RESET); + printf(KGRN "Key Destroy\n" RESET); #endif - status = sa_if->sa_create(); - break; - case PID_DELETE_SA: + status = Crypto_Key_update(KEY_DESTROYED); + break; + case PID_KEY_INVENTORY: #ifdef PDU_DEBUG - printf(KGRN "SA Delete\n" RESET); + printf(KGRN "Key Inventory\n" RESET); #endif - status = sa_if->sa_delete(); - break; - case PID_SET_ARSNW: + status = Crypto_Key_inventory(ingest); + break; + default: #ifdef PDU_DEBUG - printf(KGRN "SA setARSNW\n" RESET); + printf(KRED "Error: Crypto_PDU failed interpreting Key Management Procedure Identification Field! \n" RESET); #endif - status = sa_if->sa_setARSNW(); - break; - case PID_REKEY_SA: + break; + } + return status; +} + +int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame) +{ + int status = CRYPTO_LIB_SUCCESS; + switch (sdls_frame.pdu.pid) + { + case PID_CREATE_SA: #ifdef PDU_DEBUG - printf(KGRN "SA Rekey\n" RESET); + printf(KGRN "SA Create\n" RESET); #endif - status = sa_if->sa_rekey(); - break; - case PID_EXPIRE_SA: + status = sa_if->sa_create(); + break; + case PID_DELETE_SA: #ifdef PDU_DEBUG - printf(KGRN "SA Expire\n" RESET); + printf(KGRN "SA Delete\n" RESET); #endif - status = sa_if->sa_expire(); - break; - case PID_SET_ARSN: + status = sa_if->sa_delete(); + break; + case PID_SET_ARSNW: #ifdef PDU_DEBUG - printf(KGRN "SA SetARSN\n" RESET); + printf(KGRN "SA setARSNW\n" RESET); #endif - status = sa_if->sa_setARSN(); - break; - case PID_START_SA: + status = sa_if->sa_setARSNW(); + break; + case PID_REKEY_SA: #ifdef PDU_DEBUG - printf(KGRN "SA Start\n" RESET); + printf(KGRN "SA Rekey\n" RESET); #endif - status = sa_if->sa_start(tc_frame); - break; - case PID_STOP_SA: + status = sa_if->sa_rekey(); + break; + 
case PID_EXPIRE_SA: #ifdef PDU_DEBUG - printf(KGRN "SA Stop\n" RESET); + printf(KGRN "SA Expire\n" RESET); #endif - status = sa_if->sa_stop(); - break; - case PID_READ_ARSN: + status = sa_if->sa_expire(); + break; + case PID_SET_ARSN: #ifdef PDU_DEBUG - printf(KGRN "SA readARSN\n" RESET); + printf(KGRN "SA SetARSN\n" RESET); #endif - status = Crypto_SA_readARSN(ingest); - break; - case PID_SA_STATUS: + status = sa_if->sa_setARSN(); + break; + case PID_START_SA: #ifdef PDU_DEBUG - printf(KGRN "SA Status\n" RESET); + printf(KGRN "SA Start\n" RESET); #endif - status = sa_if->sa_status(ingest); - break; - default: - printf(KRED "Error: Crypto_PDU failed interpreting SA Procedure Identification Field! \n" RESET); - break; - } - break; - case SG_SEC_MON_CTRL: // Security Monitoring & Control Procedure - switch (sdls_frame.pdu.pid) - { - case PID_PING: + status = sa_if->sa_start(tc_frame); + break; + case PID_STOP_SA: #ifdef PDU_DEBUG - printf(KGRN "MC Ping\n" RESET); + printf(KGRN "SA Stop\n" RESET); #endif - status = Crypto_MC_ping(ingest); - break; - case PID_LOG_STATUS: + status = sa_if->sa_stop(); + break; + case PID_READ_ARSN: #ifdef PDU_DEBUG - printf(KGRN "MC Status\n" RESET); + printf(KGRN "SA readARSN\n" RESET); #endif - status = Crypto_MC_status(ingest); - break; - case PID_DUMP_LOG: + status = Crypto_SA_readARSN(ingest); + break; + case PID_SA_STATUS: #ifdef PDU_DEBUG - printf(KGRN "MC Dump\n" RESET); + printf(KGRN "SA Status\n" RESET); #endif - status = Crypto_MC_dump(ingest); - break; - case PID_ERASE_LOG: + status = sa_if->sa_status(ingest); + break; + default: #ifdef PDU_DEBUG - printf(KGRN "MC Erase\n" RESET); + printf(KRED "Error: Crypto_PDU failed interpreting SA Procedure Identification Field! 
\n" RESET); #endif - status = Crypto_MC_erase(ingest); - break; - case PID_SELF_TEST: + break; + } + return status; +} + +int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest) +{ + int status = CRYPTO_LIB_SUCCESS; + switch (sdls_frame.pdu.pid) + { + case PID_PING: #ifdef PDU_DEBUG - printf(KGRN "MC Selftest\n" RESET); + printf(KGRN "MC Ping\n" RESET); #endif - status = Crypto_MC_selftest(ingest); - break; - case PID_ALARM_FLAG: + status = Crypto_MC_ping(ingest); + break; + case PID_LOG_STATUS: #ifdef PDU_DEBUG - printf(KGRN "MC Reset Alarm\n" RESET); + printf(KGRN "MC Status\n" RESET); #endif - status = Crypto_MC_resetalarm(); - break; - default: - printf(KRED "Error: Crypto_PDU failed interpreting MC Procedure Identification Field! \n" RESET); - break; - } - break; - default: // ERROR - printf(KRED "Error: Crypto_PDU failed interpreting Service Group! \n" RESET); - break; - } + status = Crypto_MC_status(ingest); + break; + case PID_DUMP_LOG: +#ifdef PDU_DEBUG + printf(KGRN "MC Dump\n" RESET); +#endif + status = Crypto_MC_dump(ingest); break; + case PID_ERASE_LOG: +#ifdef PDU_DEBUG + printf(KGRN "MC Erase\n" RESET); +#endif + status = Crypto_MC_erase(ingest); + break; + case PID_SELF_TEST: +#ifdef PDU_DEBUG + printf(KGRN "MC Selftest\n" RESET); +#endif + status = Crypto_MC_selftest(ingest); + break; + case PID_ALARM_FLAG: +#ifdef PDU_DEBUG + printf(KGRN "MC Reset Alarm\n" RESET); +#endif + status = Crypto_MC_resetalarm(); + break; + default: +#ifdef PDU_DEBUG + printf(KRED "Error: Crypto_PDU failed interpreting MC Procedure Identification Field! 
\n" RESET); + break; +#endif + } + return status; +} - case 1: // User Defined Command - switch (sdls_frame.pdu.sg) - { - default: - switch (sdls_frame.pdu.pid) - { - case 0: // Idle Frame Trigger +int32_t Crypto_USER_DEFINED_CMD(uint8_t* ingest) +{ + int status = CRYPTO_LIB_SUCCESS; + switch (sdls_frame.pdu.pid) + { + case 0: // Idle Frame Trigger #ifdef PDU_DEBUG - printf(KMAG "User Idle Trigger\n" RESET); + printf(KMAG "User Idle Trigger\n" RESET); #endif - status = Crypto_User_IdleTrigger(ingest); - break; - case 1: // Toggle Bad SPI + status = Crypto_User_IdleTrigger(ingest); + break; + case 1: // Toggle Bad SPI #ifdef PDU_DEBUG - printf(KMAG "User Toggle Bad SPI\n" RESET); + printf(KMAG "User Toggle Bad SPI\n" RESET); #endif - status = Crypto_User_BadSPI(); - break; - case 2: // Toggle Bad IV + status = Crypto_User_BadSPI(); + break; + case 2: // Toggle Bad IV #ifdef PDU_DEBUG - printf(KMAG "User Toggle Bad IV\n" RESET); + printf(KMAG "User Toggle Bad IV\n" RESET); #endif - status = Crypto_User_BadIV(); - break; - case 3: // Toggle Bad MAC + status = Crypto_User_BadIV(); + break; + case 3: // Toggle Bad MAC #ifdef PDU_DEBUG - printf(KMAG "User Toggle Bad MAC\n" RESET); + printf(KMAG "User Toggle Bad MAC\n" RESET); #endif - status = Crypto_User_BadMAC(); - break; - case 4: // Toggle Bad FECF + status = Crypto_User_BadMAC(); + break; + case 4: // Toggle Bad FECF #ifdef PDU_DEBUG - printf(KMAG "User Toggle Bad FECF\n" RESET); + printf(KMAG "User Toggle Bad FECF\n" RESET); #endif - status = Crypto_User_BadFECF(); - break; - case 5: // Modify Key + status = Crypto_User_BadFECF(); + break; + case 5: // Modify Key #ifdef PDU_DEBUG - printf(KMAG "User Modify Key\n" RESET); + printf(KMAG "User Modify Key\n" RESET); #endif - status = Crypto_User_ModifyKey(); - break; - case 6: // Modify ActiveTM + status = Crypto_User_ModifyKey(); + break; + case 6: // Modify ActiveTM #ifdef PDU_DEBUG - printf(KMAG "User Modify Active TM\n" RESET); + printf(KMAG "User Modify Active 
TM\n" RESET); #endif - status = Crypto_User_ModifyActiveTM(); - break; - case 7: // Modify TM VCID + status = Crypto_User_ModifyActiveTM(); + break; + case 7: // Modify TM VCID #ifdef PDU_DEBUG - printf(KMAG "User Modify VCID\n" RESET); + printf(KMAG "User Modify VCID\n" RESET); #endif - status = Crypto_User_ModifyVCID(); - break; - default: - printf(KRED "Error: Crypto_PDU received user defined command! \n" RESET); - break; - } - } + status = Crypto_User_ModifyVCID(); break; - } - break; - - case 1: // Reply - printf(KRED "Error: Crypto_PDU failed interpreting PDU Type! Received a Reply!?! \n" RESET); - break; - } - -#ifdef CCSDS_DEBUG - int x; - if ((status > 0) && (ingest != NULL)) - { - printf(KMAG "CCSDS message put on software bus: 0x" RESET); - for (x = 0; x < status; x++) - { - printf(KMAG "%02x" RESET, (uint8_t)ingest[x]); - } - printf("\n"); - } + default: +#ifdef PDU_DEBUG + printf(KRED "Error: Crypto_PDU received user defined command! \n" RESET); #endif - + break; + } return status; } - int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uint8_t vcid, GvcidManagedParameters_t* managed_parameters_in, GvcidManagedParameters_t* managed_parameters_out) From f467d238f8aa080942be9f6bca0fac266e2c83da Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Sep 2024 17:52:30 +0000 Subject: [PATCH 064/241] [nasa/cryptolib#325] fix codeql badge --- .github/workflows/codeql.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f1fb2586..5d365781 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -11,7 +11,8 @@ # name: "CodeQL Advanced" -on: +on: + push: [ dev ] pull_request: branches: [ main, dev ] From 11a9250e423e194f44434391365df847d7087b9f Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Thu, 19 Sep 2024 17:57:16 +0000 Subject: [PATCH 065/241] [nasa/cryptolib#325] fix codeql badge --- .github/workflows/codeql.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5d365781..bc9e3b35 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -12,7 +12,8 @@ name: "CodeQL Advanced" on: - push: [ dev ] + push: + branches: [ dev ] pull_request: branches: [ main, dev ] From 136e824715dbd35996eff512dba639cedbbef11f Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Sep 2024 18:38:50 +0000 Subject: [PATCH 066/241] [nasa/cryptolib#316] Define magic numbers --- include/crypto_config.h | 24 +++++++- src/core/crypto.c | 120 ++++++++++++++++++++-------------------- 2 files changed, 84 insertions(+), 60 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 1b6812bb..498bf9ca 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -90,6 +90,17 @@ #define KEY_DESTROYED 3 #define KEY_CORRUPTED 4 +// Key Length Defines +// ECS +#define AES256_GCM 32 +#define AES256_GCM_SIV 32 +#define AES256_CBC 32 +#define AES256_CCM 32 +// ACS +#define CMAC_AES256 32 +#define HMAC_SHA256 32 +#define HMAC_SHA512 64 + // SA Service Types #define SA_PLAINTEXT 0 #define SA_AUTHENTICATION 1 @@ -119,6 +130,7 @@ #define PAD_SIZE 32 /* bytes */ #define CHALLENGE_SIZE 16 /* bytes */ #define CHALLENGE_MAC_SIZE 16 /* bytes */ +#define BYTE_LEN 8 /* bits */ // Monitoring and Control Defines #define EMV_SIZE 4 /* bytes */ @@ -134,7 +146,7 @@ #define PDU_USER_FLAG_TRUE 1 #define PDU_USER_FLAG_FALSE 0 -// Procedure Identification (PID) +// Procedure Identification (PID) - CCSDS Defined Commands // Service Group - Key Management #define SG_KEY_MGMT 0x00 // 0b00 #define PID_OTAR 0x01 // 0b0001 
@@ -164,6 +176,16 @@ #define PID_SELF_TEST 0x05 // 0b0101 #define PID_ALARM_FLAG 0x07 // 0b0111 +// Procedure Identification (PID) - User Defined Commands +#define PID_IDLE_FRAME_TRIGGER 0 +#define PID_TOGGLE_BAD_SPI 1 +#define PID_TOGGLE_BAD_IV 2 +#define PID_TOGGLE_BAD_MAC 3 +#define PID_TOGGLE_BAD_FECF 4 +#define PID_MODIFY_KEY 5 +#define PID_MODIFY_ACTIVE_TM 6 +#define PID_MODIFY_VCID 7 + // TC Defines #define TC_SH_SIZE 8 /* bits */ #define TC_SN_SIZE 2 diff --git a/src/core/crypto.c b/src/core/crypto.c index 93606e4b..4584a678 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -56,8 +56,8 @@ uint8_t badIV = 0; uint8_t badMAC = 0; uint8_t badFECF = 0; // CRC -uint32_t crc32Table[256]; -uint16_t crc16Table[256]; +uint32_t crc32Table[CRC32TBL_SIZE]; +uint16_t crc16Table[CRC16TBL_SIZE]; /* ** Assisting Functions @@ -297,7 +297,7 @@ uint16_t Crypto_Calc_FECF(const uint8_t* ingest, int len_ingest) for (i = 0; i < len_ingest; i++) { // Byte Logic - for (j = 0; j < 8; j++) + for (j = 0; j < BYTE_LEN; j++) { // Bit Logic bit = ((ingest[i] >> (7 - j) & 1) == 1); c15 = ((fecf >> 15 & 1) == 1); @@ -338,7 +338,7 @@ uint16_t Crypto_Calc_CRC16(uint8_t* data, int size) for (; size > 0; size--) { - crc = ((crc << 8) & 0xFF00) ^ crc16Table[(crc >> 8) ^ *data++]; + crc = ((crc << BYTE_LEN) & 0xFF00) ^ crc16Table[(crc >> BYTE_LEN) ^ *data++]; } return crc; 
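Review bot: With the table lengths in `crc32Table[CRC32TBL_SIZE]` and `crc16Table[CRC16TBL_SIZE]` now hidden behind macros, nothing near Crypto_Calc_CRC16 shows that the tables still hold 256 entries, which the lookup `crc16Table[(crc >> BYTE_LEN) ^ *data++]` relies on. The index spans 0..255 if `crc` is 16 bits wide; its declaration is outside the hunk. Neither macro is defined in the crypto_config.h hunks of this commit, so their values cannot be confirmed from here. I would pin the requirement next to the declarations, for example `_Static_assert(CRC16TBL_SIZE == 256, "CRC16 table is indexed by one byte");` if the project builds as C11, or an equivalent `#if`/`#error` pair otherwise.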
@@ -356,68 +356,70 @@ uint16_t Crypto_Calc_CRC16(uint8_t* data, int size) int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) { int32_t status = CRYPTO_LIB_SUCCESS; + // Check null pointer if (tc_frame == NULL) { status = CRYPTO_LIB_ERR_NULL_BUFFER; - return status; } - // TODO: Break Switch statement into separate functions and remove return statement above - switch (sdls_frame.pdu.type) + + if (status == CRYPTO_LIB_SUCCESS) { - case PDU_TYPE_COMMAND: - switch (sdls_frame.pdu.uf) + switch (sdls_frame.pdu.type) { - case PDU_USER_FLAG_FALSE: // CCSDS Defined Command - switch (sdls_frame.pdu.sg) + case PDU_TYPE_COMMAND: + switch (sdls_frame.pdu.uf) { - case SG_KEY_MGMT: // Key Management Procedure - status = Crypto_SG_KEY_MGMT(ingest, tc_frame); - break; - case SG_SA_MGMT: // Security Association Management Procedure - status = Crypto_SG_SA_MGMT(ingest, tc_frame); - break; - case SG_SEC_MON_CTRL: // Security Monitoring & Control Procedure - status = Crypto_SEC_MON_CTRL(ingest); - break; - default: // ERROR + case PDU_USER_FLAG_FALSE: // CCSDS Defined Command + switch (sdls_frame.pdu.sg) + { + case SG_KEY_MGMT: // Key Management Procedure + status = Crypto_SG_KEY_MGMT(ingest, tc_frame); + break; + case SG_SA_MGMT: // Security Association Management Procedure + status = Crypto_SG_SA_MGMT(ingest, tc_frame); + break; + case SG_SEC_MON_CTRL: // Security Monitoring & Control Procedure + status = Crypto_SEC_MON_CTRL(ingest); + break; + default: // ERROR #ifdef PDU_DEBUG - printf(KRED "Error: Crypto_PDU failed interpreting Service Group! \n" RESET); + printf(KRED "Error: Crypto_PDU failed interpreting Service Group! 
\n" RESET); #endif + break; + } break; - } - break; - case PDU_USER_FLAG_TRUE: // User Defined Command - switch (sdls_frame.pdu.sg) - { - default: - status = Crypto_USER_DEFINED_CMD(ingest); + case PDU_USER_FLAG_TRUE: // User Defined Command + switch (sdls_frame.pdu.sg) + { + default: + status = Crypto_USER_DEFINED_CMD(ingest); + } + break; } break; - } - break; - case PDU_TYPE_REPLY: + case PDU_TYPE_REPLY: #ifdef PDU_DEBUG - printf(KRED "Error: Crypto_PDU failed interpreting PDU Type! Received a Reply!?! \n" RESET); + printf(KRED "Error: Crypto_PDU failed interpreting PDU Type! Received a Reply!?! \n" RESET); #endif - break; - } + break; + } #ifdef CCSDS_DEBUG - int x; - if ((status > 0) && (ingest != NULL)) - { - printf(KMAG "CCSDS message put on software bus: 0x" RESET); - for (x = 0; x < status; x++) + int x; + if ((status > 0) && (ingest != NULL)) { - printf(KMAG "%02x" RESET, (uint8_t)ingest[x]); + printf(KMAG "CCSDS message put on software bus: 0x" RESET); + for (x = 0; x < status; x++) + { + printf(KMAG "%02x" RESET, (uint8_t)ingest[x]); + } + printf("\n"); } - printf("\n"); - } #endif - + } return status; } 
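Review bot: Crypto_PDU still returns CRYPTO_LIB_SUCCESS for input it did not handle: the `default` arm of the service-group switch and the `PDU_TYPE_REPLY` case only print under PDU_DEBUG and leave `status` untouched. A caller cannot tell an unrecognised service group or an unexpected reply from a processed command, so each of those arms should assign an error status before `break`; the page shows no existing code for this case, so a new entry in crypto_error.h is probably needed. The rework also keeps passing `ingest` to the handlers unchecked, while the CCSDS_DEBUG block tests `ingest != NULL` only before printing. Whether the handlers tolerate NULL is not visible here, so checking it alongside `tc_frame` at the top, `if (tc_frame == NULL || ingest == NULL)`, would be the safer default.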
@@ -600,49 +602,49 @@ int32_t Crypto_USER_DEFINED_CMD(uint8_t* ingest) int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.pid) { - case 0: // Idle Frame Trigger + case PID_IDLE_FRAME_TRIGGER: // Idle Frame Trigger #ifdef PDU_DEBUG printf(KMAG "User Idle Trigger\n" RESET); #endif status = Crypto_User_IdleTrigger(ingest); break; - case 1: // Toggle Bad SPI + case PID_TOGGLE_BAD_SPI: // Toggle Bad SPI #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad SPI\n" RESET); #endif status = Crypto_User_BadSPI(); break; - case 2: // Toggle Bad IV + case PID_TOGGLE_BAD_IV: // Toggle Bad IV #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad IV\n" RESET); #endif status = Crypto_User_BadIV(); break; - case 3: // Toggle Bad MAC + case PID_TOGGLE_BAD_MAC: // Toggle Bad MAC #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad MAC\n" RESET); #endif status = Crypto_User_BadMAC(); break; - case 4: // Toggle Bad FECF + case PID_TOGGLE_BAD_FECF: // Toggle Bad FECF #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad FECF\n" RESET); #endif status = Crypto_User_BadFECF(); break; - case 5: // Modify Key + case PID_MODIFY_KEY: // Modify Key #ifdef PDU_DEBUG printf(KMAG "User Modify Key\n" RESET); #endif status = Crypto_User_ModifyKey(); break; - case 6: // Modify ActiveTM + case PID_MODIFY_ACTIVE_TM: // Modify ActiveTM #ifdef PDU_DEBUG printf(KMAG "User Modify Active TM\n" RESET); #endif status = Crypto_User_ModifyActiveTM(); break; - case 7: // Modify TM VCID + case PID_MODIFY_VCID: // Modify TM VCID #ifdef PDU_DEBUG printf(KMAG "User Modify VCID\n" RESET); #endif @@ -985,16 +987,16 @@ int32_t Crypto_Get_ECS_Algo_Keylen(uint8_t algo) switch (algo) { case CRYPTO_CIPHER_AES256_GCM: - retval = 32; + retval = AES256_GCM_KEYLEN; break; case CRYPTO_CIPHER_AES256_GCM_SIV: - retval = 32; + retval = AES256_GCM_SIV_KEYLEN; break; case CRYPTO_CIPHER_AES256_CBC: - retval = 32; + retval = AES256_CBC_KEYLEN; break; case CRYPTO_CIPHER_AES256_CCM: - retval = 32; + retval = AES256_CCM_KEYLEN; break; default: break; 
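Review bot: The PIDs named in this switch (`PID_TOGGLE_BAD_SPI`, `PID_TOGGLE_BAD_IV`, `PID_TOGGLE_BAD_MAC`, `PID_TOGGLE_BAD_FECF`, `PID_MODIFY_KEY` and the rest) appear to select test and fault-injection handlers, and Crypto_USER_DEFINED_CMD dispatches to them with no build-time or run-time gate visible in the hunk. If they are test aids, the dispatch should be compiled out of operational builds or refused unless a configuration option enables it; whether a check upstream already does this cannot be seen from here. At minimum I would record the intent above the switch, e.g. `// Test-only commands: must not be reachable in operational builds`. Separately, `status` is declared `int` while the function returns `int32_t`; `int32_t status` would match Crypto_PDU.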
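Review bot: The `*_KEYLEN` names used in Crypto_Get_ECS_Algo_Keylen (`AES256_GCM_KEYLEN`, `AES256_GCM_SIV_KEYLEN`, `AES256_CBC_KEYLEN`, `AES256_CCM_KEYLEN`) do not match what this commit adds to crypto_config.h, which defines `AES256_GCM`, `AES256_GCM_SIV`, `AES256_CBC` and `AES256_CCM`. The ACS hunk that follows has the same mismatch with `CMAC_AES256`, `HMAC_SHA256` and `HMAC_SHA512`. Unless the suffixed names already exist elsewhere, this commit does not build on its own, which breaks bisecting; folding the header rename into it keeps every revision compilable. The `default: break;` arm also returns whatever `retval` was initialised to outside the hunk, so callers should be checked for how they treat an unknown algorithm.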
@@ -1015,13 +1017,13 @@ int32_t Crypto_Get_ACS_Algo_Keylen(uint8_t algo) switch (algo) { case CRYPTO_MAC_CMAC_AES256: - retval = 32; + retval = CMAC_AES256_KEYLEN; break; case CRYPTO_MAC_HMAC_SHA256: - retval = 32; + retval = HMAC_SHA256_KEYLEN; break; case CRYPTO_MAC_HMAC_SHA512: - retval = 64; + retval = HMAC_SHA512_KEYLEN; break; default: break; From fc5af0b668ec1116dbf95e66de2a2fca5c447582 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Sep 2024 18:41:06 +0000 Subject: [PATCH 067/241] [nasa/cryptolib#316] Add missing defines --- include/crypto_config.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 498bf9ca..34c26d85 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -92,14 +92,14 @@ // Key Length Defines // ECS -#define AES256_GCM 32 -#define AES256_GCM_SIV 32 -#define AES256_CBC 32 -#define AES256_CCM 32 +#define AES256_GCM_KEYLEN 32 +#define AES256_GCM_SIV_KEYLEN 32 +#define AES256_CBC_KEYLEN 32 +#define AES256_CCM_KEYLEN 32 // ACS -#define CMAC_AES256 32 -#define HMAC_SHA256 32 -#define HMAC_SHA512 64 +#define CMAC_AES256_KEYLEN 32 +#define HMAC_SHA256_KEYLEN 32 +#define HMAC_SHA512_KEYLEN 64 // SA Service Types #define SA_PLAINTEXT 0 From ba2f99eb7d729faba57a1bf346d6efbcc6592be3 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Sep 2024 19:06:25 +0000 Subject: [PATCH 068/241] [nasa/cryptolib#316] Added a few comments --- src/core/crypto.c | 70 +++++++++++++++++++++++++++++++++++++---------- 1 file changed, 56 insertions(+), 14 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 4584a678..3181a39a 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -93,15 +93,12 @@ void clean_akref(SecurityAssociation_t* sa) * @brief Function: Crypto_Is_AEAD_Algorithm * Looks up cipher suite ID and determines if it's an AEAD algorithm. Returns 1 if true, 0 if false; * @param cipher_suite_id: uint32 + * @return int: Success/Failure **/ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) { - // CryptoLib only supports AES-GCM, which is an AEAD (Authenticated Encryption with Associated Data) algorithm, so - // return true/1. - int status = CRYPTO_FALSE; - // TODO - Add cipher suite mapping to which algorithms are AEAD and which are not. if ((cipher_suite_id == CRYPTO_CIPHER_AES256_GCM) || (cipher_suite_id == CRYPTO_CIPHER_AES256_CBC_MAC) || (cipher_suite_id == CRYPTO_CIPHER_AES256_GCM_SIV)) { #ifdef DEBUG @@ -395,6 +392,7 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) { default: status = Crypto_USER_DEFINED_CMD(ingest); + break; } break; } @@ -423,6 +421,13 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) return status; } +/** + * @brief Function: Crypto_SG_KEY_MGMT + * Parses Key Management Procedure from PID + * @param ingest: uint8_t* + * @param tc_frame: TC_t* + * @return int32: Success/Failure + **/ int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame) { int status = CRYPTO_LIB_SUCCESS; @@ -473,6 +478,13 @@ int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame) return status; } +/** + * @brief Function: Crypto_SG_SA_MGMT + * Parses SA Management Procedure from PID + * @param ingest: uint8_t* + * @param tc_frame: TC_t* + * @return int32: Success/Failure + **/ int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame) { int status = CRYPTO_LIB_SUCCESS; @@ -547,6 +559,12 @@ int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame) return status; } +/** + * @brief Function: Crypto_SEC_MON_CTRL + * Parses MC Procedure from PID + * @param ingest: uint8_t* + * @return int32: Success/Failure + **/ int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest) { int status = CRYPTO_LIB_SUCCESS; 
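Review bot: The added `@return int: Success/Failure` line on Crypto_Is_AEAD_Algorithm contradicts both the signature and the brief above it: the function is declared `uint8_t` and, per the brief, returns 1 or 0 as an answer rather than a status code. A caller who reads it as a status and compares it with CRYPTO_LIB_SUCCESS would get the opposite meaning if that constant is 0. I would write `* @return uint8_t: CRYPTO_TRUE if the suite is AEAD, CRYPTO_FALSE otherwise`. The function body continues past the end of the hunk.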
@@ -597,54 +615,60 @@ int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest) return status; } +/** + * @brief Function: Crypto_USER_DEFINED_CMD + * Parses User Defined Procedure from PID + * @param ingest: uint8_t* + * @return int32: Success/Failure + **/ int32_t Crypto_USER_DEFINED_CMD(uint8_t* ingest) { int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.pid) { - case PID_IDLE_FRAME_TRIGGER: // Idle Frame Trigger + case PID_IDLE_FRAME_TRIGGER: #ifdef PDU_DEBUG printf(KMAG "User Idle Trigger\n" RESET); #endif status = Crypto_User_IdleTrigger(ingest); break; - case PID_TOGGLE_BAD_SPI: // Toggle Bad SPI + case PID_TOGGLE_BAD_SPI: #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad SPI\n" RESET); #endif status = Crypto_User_BadSPI(); break; - case PID_TOGGLE_BAD_IV: // Toggle Bad IV + case PID_TOGGLE_BAD_IV: #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad IV\n" RESET); #endif status = Crypto_User_BadIV(); break; - case PID_TOGGLE_BAD_MAC: // Toggle Bad MAC + case PID_TOGGLE_BAD_MAC: #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad MAC\n" RESET); #endif status = Crypto_User_BadMAC(); break; - case PID_TOGGLE_BAD_FECF: // Toggle Bad FECF + case PID_TOGGLE_BAD_FECF: #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad FECF\n" RESET); #endif status = Crypto_User_BadFECF(); break; - case PID_MODIFY_KEY: // Modify Key + case PID_MODIFY_KEY: #ifdef PDU_DEBUG printf(KMAG "User Modify Key\n" RESET); #endif status = Crypto_User_ModifyKey(); break; - case PID_MODIFY_ACTIVE_TM: // Modify ActiveTM + case PID_MODIFY_ACTIVE_TM: #ifdef PDU_DEBUG printf(KMAG "User Modify Active TM\n" RESET); #endif status = Crypto_User_ModifyActiveTM(); break; - case PID_MODIFY_VCID: // Modify TM VCID + case PID_MODIFY_VCID: #ifdef PDU_DEBUG printf(KMAG "User Modify VCID\n" RESET); #endif 
@@ -659,6 +683,15 @@ int32_t Crypto_USER_DEFINED_CMD(uint8_t* ingest) return status; } +/** + * @brief Function: Crypto_Process_Extended_Procedure_Pdu + * @param tfvn: uint8_t + * @param scid: uint16_t + * @param vcid: uint8_t + * @param managed_parameters_in: GvcidManagedParameters_t* + * @param managed_parameters_out: GvcidManagedParameters_t* + * @return int32: Success/Failure + **/ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uint8_t vcid, GvcidManagedParameters_t* managed_parameters_in, GvcidManagedParameters_t* managed_parameters_out) @@ -684,8 +717,10 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin if(status != CRYPTO_LIB_SUCCESS) { +#ifdef DEBUG printf(KRED "Error: Managed Parameters for GVCID(TFVN: %d, SCID: %d, VCID: %d) not found. \n" RESET, tfvn, scid, vcid); +#endif } } return status; @@ -695,6 +730,7 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin * @brief Function: Crypto_Process_Extended_Procedure_Pdu * @param tc_sdls_processed_frame: TC_t* * @param ingest: uint8_t* + * @return int32: Success/Failure * @note TODO - Actually update based on variable config **/ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uint8_t* ingest) @@ -796,6 +832,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin * @param sa_ptr: SecurityAssociation_t* * @param arsn: uint8_t* * @param iv: uint8_t* + * @return int32: Success/Failure **/ int32_t Crypto_Check_Anti_Replay_Verify_Pointers(SecurityAssociation_t* sa_ptr, uint8_t* arsn, uint8_t* iv) { @@ -824,6 +861,7 @@ int32_t Crypto_Check_Anti_Replay_Verify_Pointers(SecurityAssociation_t* sa_ptr, * @param sa_ptr: SecurityAssociation_t* * @param arsn: uint8_t* * @param arsn_valid: uint8_t* + * @return int32: Success/Failure **/ int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* arsn, int8_t* arsn_valid) { 
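Review bot: The doc block added above Crypto_Get_Managed_Parameters_For_Gvcid is titled `@brief Function: Crypto_Process_Extended_Procedure_Pdu`, which is the name of a different function documented further down in the same file. Generated documentation would then show that name twice and never list this function. The brief should read `* @brief Function: Crypto_Get_Managed_Parameters_For_Gvcid`, followed by one line saying that it looks up the managed parameters for a TFVN, SCID and VCID. The function body extends beyond the hunk.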
@@ -873,6 +911,7 @@ int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* a * @param sa_ptr: SecurityAssociation_t* * @param iv: uint8_t* * @param iv_valid: uint8_t* + * @return int32: Success/Failure **/ int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, int8_t* iv_valid) { @@ -922,6 +961,7 @@ int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, * @param sa_ptr: SecurityAssociation_t* * @param arsn: uint8_t* * @param iv: uint8_t* + * @return int32: Success/Failure **/ int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t* sa_ptr, uint8_t* arsn, uint8_t* iv) { @@ -977,8 +1017,9 @@ int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t* sa_ptr, uint8_t* arsn, u /** * @brief: Function: Crypto_Get_ECS_Algo_Keylen -* For a given algorithm, return the associated key length in bytes +* For a given ECS algorithm, return the associated key length in bytes * @param algo: uint8_t +* @return int32: Key Length **/ int32_t Crypto_Get_ECS_Algo_Keylen(uint8_t algo) { @@ -1007,8 +1048,9 @@ int32_t Crypto_Get_ECS_Algo_Keylen(uint8_t algo) /** * @brief: Function: Crypto_Get_ACS_Algo_Keylen -* For a given algorithm, return the associated key length in bytes +* For a given ACS algorithm, return the associated key length in bytes * @param algo: uint8_t +* @return int32: Key Length **/ int32_t Crypto_Get_ACS_Algo_Keylen(uint8_t algo) { From 3083470cbb44ab0130738a180626003b75b1bd1e Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 20 Sep 2024 17:48:05 +0000 Subject: [PATCH 069/241] [nasa/cryptolib#316] Removed a todo, added a few comments --- src/core/crypto.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 3181a39a..e0bad4e5 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -99,6 +99,7 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) { int status = CRYPTO_FALSE; + // Determine if AEAD Algorithm if ((cipher_suite_id == CRYPTO_CIPHER_AES256_GCM) || (cipher_suite_id == CRYPTO_CIPHER_AES256_CBC_MAC) || (cipher_suite_id == CRYPTO_CIPHER_AES256_GCM_SIV)) { #ifdef DEBUG @@ -116,7 +117,6 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) return status; } -// TODO - Review this. Not sure it quite works how we think /** * @brief Function: Crypto_increment * Increments the bytes within a uint8_t array @@ -286,7 +286,7 @@ uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID) uint16_t Crypto_Calc_FECF(const uint8_t* ingest, int len_ingest) { uint16_t fecf = 0xFFFF; - uint16_t poly = 0x1021; // TODO: This polynomial is (CRC-CCITT) for ESA testing, may not match standard protocol + uint16_t poly = 0x1021; // This polynomial is (CRC-CCITT) for ESA testing, may not match standard protocol uint8_t bit; uint8_t c15; int i; @@ -346,6 +346,7 @@ uint16_t Crypto_Calc_CRC16(uint8_t* data, int size) */ /** * @brief Function: Crypto_PDU + * Parses PDU and directs to other function based on type/flags/sg * @param ingest: uint8_t* * @param tc_frame: TC_t* * @return int32: Success/Failure From ef050adc84b3822d265bc35bb87e97a202f143a3 Mon Sep 17 00:00:00 2001 From: rjbrown2 Date: Fri, 20 Sep 2024 18:17:45 +0000 Subject: [PATCH 070/241] [nasa/cryptolib#314] Update TC_FRAME_DATA_SIZE to be within bounds, and proper comments --- include/crypto_config.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index f942832b..26608804 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -158,7 +158,7 @@ #define TC_SH_SIZE 8 /* bits */ #define TC_SN_SIZE 2 #define TC_SN_WINDOW 10 /* +/- value */ -#define TC_FRAME_DATA_SIZE 1740 /* bytes */ +#define TC_FRAME_DATA_SIZE 1019 /* bytes */ // 1024 - 5byte header // CCSDS PUS Defines #define TLV_DATA_SIZE 494 /* bytes */ 
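Review bot: Lowering `TC_FRAME_DATA_SIZE` from 1740 to 1019 shrinks every buffer dimensioned by it, and the hunk shows none of the code that fills those buffers. Any copy or index bounded by a length field taken from the received frame, rather than by this macro, needs re-checking, since a frame that fitted the old size can now exceed the new one. The line also ends with two comments, `/* bytes */ // 1024 - 5byte header`; a single one such as `/* bytes: 1024-byte frame minus 5-byte header */` reads better.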
From efda55773db949135aa5b341a896eea690067058 Mon Sep 17 00:00:00 2001 From: rjbrown2 Date: Fri, 20 Sep 2024 18:20:11 +0000 Subject: [PATCH 071/241] [nasa/cryptolib#314] Remove Magic Numbers, Update Defines --- include/crypto_config.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 26608804..3ab012d5 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -159,6 +159,7 @@ #define TC_SN_SIZE 2 #define TC_SN_WINDOW 10 /* +/- value */ #define TC_FRAME_DATA_SIZE 1019 /* bytes */ // 1024 - 5byte header +#define TC_CADU_BYTES 4 // CCSDS PUS Defines #define TLV_DATA_SIZE 494 /* bytes */ @@ -181,7 +182,7 @@ #define TM_CADU_HAS_ASM 1 // Skip 0x1acffc1d at beginning of each frame // TM CADU based on ASM, currently only holds non-turbo ASM #ifdef TM_CADU_HAS_ASM - #define TM_CADU_SIZE (TM_FRAME_DATA_SIZE + 6) + #define TM_CADU_SIZE (TM_FRAME_DATA_SIZE + TC_CADU_BYTES) #else #define TM_CADU_SIZE TM_FRAME_DATA_SIZE #endif From 5ac6884da3ae4b898bfd51a48d1d150d26bee5aa Mon Sep 17 00:00:00 2001 From: rjbrown2 Date: Fri, 20 Sep 2024 18:26:14 +0000 Subject: [PATCH 072/241] [nasa/cryptolib#314] Update Define to more descriptive name --- include/crypto_config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 3ab012d5..5a7036ea 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -159,7 +159,7 @@ #define TC_SN_SIZE 2 #define TC_SN_WINDOW 10 /* +/- value */ #define TC_FRAME_DATA_SIZE 1019 /* bytes */ // 1024 - 5byte header -#define TC_CADU_BYTES 4 +#define TC_CADU_ASM_SIZE 4 // CCSDS PUS Defines #define TLV_DATA_SIZE 494 /* bytes */ 
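Review bot: Replacing `+ 6` with `+ TC_CADU_BYTES` in `TM_CADU_SIZE` is not a pure rename: the new macro is 4, so the CADU size drops by two bytes in a commit titled as magic-number removal. Four matches the ASM `0x1acffc1d` named in the comment, but what the other two bytes accounted for is not visible here, and code that sizes or offsets TM frames by the old value needs checking for overruns. If the reduction is intended, say so next to the define, e.g. `// ASM is 4 bytes; the previous +6 over-counted`. The constant also carries a `TC_` prefix although it sizes a TM CADU.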
@@ -182,7 +182,7 @@ #define TM_CADU_HAS_ASM 1 // Skip 0x1acffc1d at beginning of each frame // TM CADU based on ASM, currently only holds non-turbo ASM #ifdef TM_CADU_HAS_ASM - #define TM_CADU_SIZE (TM_FRAME_DATA_SIZE + TC_CADU_BYTES) + #define TM_CADU_SIZE (TM_FRAME_DATA_SIZE + TC_CADU_ASM_SIZE) #else #define TM_CADU_SIZE TM_FRAME_DATA_SIZE #endif From ed00c0e0df04983fda619860fe853e2853d959bf Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 17:45:16 +0000 Subject: [PATCH 073/241] [nasa/cryptolib#316] Check IV length <= IV max size --- src/core/crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index e0bad4e5..d5e383ca 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -917,7 +917,7 @@ int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* a int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, int8_t* iv_valid) { int32_t status = CRYPTO_LIB_SUCCESS; - if ((sa_ptr->iv_len > 0) && (sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM)) + if ((sa_ptr->iv_len > 0) && (sa_ptr->iv_len <= IV_SIZE) && (sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM)) { // Check IV is in ARSNW if(crypto_config.crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) From 1a34fbf74a4b0e9712be579fc2900a7dd65b8653 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 17:56:59 +0000 Subject: [PATCH 074/241] [nasa/cryptolib#316] Added status/error for invalid IV length --- include/crypto_error.h | 1 + src/core/crypto.c | 68 +++++++++++++++++++++++------------------- 2 files changed, 39 insertions(+), 30 deletions(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index 6f4e5555..72ae16d0 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h 
@@ -128,6 +128,7 @@ #define CRYPTO_LIB_ERR_KEY_VALIDATION (-55) #define CRYPTO_LIB_ERR_SPI_INDEX_OOB (-56) #define CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL (-57) +#define CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH (-58) // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 diff --git a/src/core/crypto.c b/src/core/crypto.c index d5e383ca..6182aed8 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -917,40 +917,48 @@ int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* a int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, int8_t* iv_valid) { int32_t status = CRYPTO_LIB_SUCCESS; - if ((sa_ptr->iv_len > 0) && (sa_ptr->iv_len <= IV_SIZE) && (sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM)) + if ((sa_ptr->iv_len > 0) && (sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM)) { - // Check IV is in ARSNW - if(crypto_config.crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) + // Check IV Length + if (sa_ptr->iv_len > IV_SIZE) { - status = Crypto_window(iv, sa_ptr->iv, sa_ptr->iv_len, sa_ptr->arsnw); + status = CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH; } - else // SA_INCREMENT_NONTRANSMITTED_IV_FALSE + if (status == CRYPTO_LIB_SUCCESS) { - // Whole IV gets checked in MAC validation previously, this only verifies transmitted portion is what we expect. - status = Crypto_window(iv, sa_ptr->iv + (sa_ptr->iv_len - sa_ptr->shivf_len), sa_ptr->shivf_len, sa_ptr->arsnw); - } -#ifdef DEBUG - printf("Received IV is\n\t"); - for (int i = 0; i < sa_ptr->iv_len; i++) - { - printf("%02x", *(iv + i)); - } - printf("\nSA IV is\n\t"); - for (int i = 0; i < sa_ptr->iv_len; i++) - { - printf("%02x", *(sa_ptr->iv + i)); - } - printf("\nARSNW is: %d\n", sa_ptr->arsnw); - printf("Crypto_Window return status is: %d\n", status); -#endif - if (status != CRYPTO_LIB_SUCCESS) - { - return CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW; - } - // Valid IV received, increment stored value - else - { - *iv_valid = CRYPTO_TRUE; + // Check IV is in ARSNW + if(crypto_config.crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) + { + status = Crypto_window(iv, sa_ptr->iv, sa_ptr->iv_len, sa_ptr->arsnw); + } + else // SA_INCREMENT_NONTRANSMITTED_IV_FALSE + { + // Whole IV gets checked in MAC validation previously, this only verifies transmitted portion is what we expect. 
+ status = Crypto_window(iv, sa_ptr->iv + (sa_ptr->iv_len - sa_ptr->shivf_len), sa_ptr->shivf_len, sa_ptr->arsnw); + } + #ifdef DEBUG + printf("Received IV is\n\t"); + for (int i = 0; i < sa_ptr->iv_len; i++) + { + printf("%02x", *(iv + i)); + } + printf("\nSA IV is\n\t"); + for (int i = 0; i < sa_ptr->iv_len; i++) + { + printf("%02x", *(sa_ptr->iv + i)); + } + printf("\nARSNW is: %d\n", sa_ptr->arsnw); + printf("Crypto_Window return status is: %d\n", status); + #endif + if (status != CRYPTO_LIB_SUCCESS) + { + return CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW; + } + // Valid IV received, increment stored value + else + { + *iv_valid = CRYPTO_TRUE; + } } } return status; From 17d6806e38c8e0381d6faaf393f59835e943e666 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 18:00:10 +0000 Subject: [PATCH 075/241] [nasa/cryptolib#316] Fix Debug print statement tabbing --- src/core/crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 6182aed8..7368bedf 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -936,7 +936,7 @@ int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, // Whole IV gets checked in MAC validation previously, this only verifies transmitted portion is what we expect. status = Crypto_window(iv, sa_ptr->iv + (sa_ptr->iv_len - sa_ptr->shivf_len), sa_ptr->shivf_len, sa_ptr->arsnw); } - #ifdef DEBUG +#ifdef DEBUG printf("Received IV is\n\t"); for (int i = 0; i < sa_ptr->iv_len; i++) { @@ -949,7 +949,7 @@ int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, } printf("\nARSNW is: %d\n", sa_ptr->arsnw); printf("Crypto_Window return status is: %d\n", status); - #endif +#endif if (status != CRYPTO_LIB_SUCCESS) { return CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW; From 6937e92cf47e13a82652bfb3943c8e92baa97f49 Mon Sep 17 00:00:00 2001 
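Review bot: The new length check in Crypto_Check_Anti_Replay_GCM bounds `iv_len` but not `shivf_len`. In the `SA_INCREMENT_NONTRANSMITTED_IV_FALSE` branch, `sa_ptr->iv + (sa_ptr->iv_len - sa_ptr->shivf_len)` still points before the stored IV whenever `shivf_len` exceeds `iv_len`, and `Crypto_window` is then handed `shivf_len` as the length to compare. Extending the guard to `if ((sa_ptr->iv_len > IV_SIZE) || (sa_ptr->shivf_len > sa_ptr->iv_len))` rejects such an SA before any pointer arithmetic. The function also mixes the new `status` flow with the existing early `return CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW;`, and using one style throughout would be easier to follow.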
From: Donnie-Ice Date: Mon, 23 Sep 2024 18:43:57 +0000 Subject: [PATCH 076/241] [nasa/cryptolib#299] Turn on thread-comments --- .github/workflows/cpp-linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 390f6c45..4e8eca89 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -17,7 +17,7 @@ jobs: continue-on-error: true with: files-changed-only: false - thread-comments: false + thread-comments: true - name: Fail fast?! if: steps.linter.outputs.checks-failed != 0 From bf3a4158a714bffa775a03e19dc851ac6586f5d7 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 18:45:35 +0000 Subject: [PATCH 077/241] [nasa/cryptolib#299] Turn off fail-fast --- .github/workflows/cpp-linter.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 4e8eca89..9289506d 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -18,7 +18,3 @@ jobs: with: files-changed-only: false thread-comments: true - - - name: Fail fast?! - if: steps.linter.outputs.checks-failed != 0 - run: exit 1 \ No newline at end of file From e72389e33cabb29c6e57a8da04554435f0f6d10c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 18:51:03 +0000 Subject: [PATCH 078/241] [nasa/cryptolib#299] Turn on read/write permissions --- .github/workflows/cpp-linter.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 9289506d..c9fff208 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -9,6 +9,9 @@ on: jobs: cpp-linter: + permissions: + metadata: read + contents: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 From ffd4b621da810648301991ad8b527d2ae0e5ce86 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Mon, 23 Sep 2024 18:52:54 +0000 Subject: [PATCH 079/241] [nasa/cryptolib#299] Move permissions tag --- .github/workflows/cpp-linter.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index c9fff208..b9f8d27d 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -3,15 +3,18 @@ name: cpp-linter on: push: branches: [ main, dev, 299-setup-code-formatter ] + permissions: + metadata: read + contents: write pull_request: branches: [ main, dev ] + permissions: + metadata: read + contents: write jobs: cpp-linter: - permissions: - metadata: read - contents: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 From cf26c083d51eabb2a4a7d0255b05631fe41ca14c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 18:59:26 +0000 Subject: [PATCH 080/241] [nasa/cryptolib#299] Move permissions tag --- .github/workflows/cpp-linter.yml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index b9f8d27d..3ce5c74a 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -1,17 +1,15 @@ name: cpp-linter +permissions: + metadata: read + contents: write + pull-requests: write + on: push: branches: [ main, dev, 299-setup-code-formatter ] - permissions: - metadata: read - contents: write pull_request: branches: [ main, dev ] - permissions: - metadata: read - contents: write - jobs: cpp-linter: @@ -23,4 +21,4 @@ jobs: continue-on-error: true with: files-changed-only: false - thread-comments: true + thread-comments: update From bd30b4c64f9f0a89fd23af2a88ef7ae349f7c561 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Mon, 23 Sep 2024 19:11:27 +0000 Subject: [PATCH 081/241] [nasa/cryptolib#299] Add .clang-format file --- .clang-format | 65 ++++++++++++++++++++++++++++++++ .github/workflows/cpp-linter.yml | 11 +++--- 2 files changed, 70 insertions(+), 6 deletions(-) create mode 100644 .clang-format diff --git a/.clang-format b/.clang-format new file mode 100644 index 00000000..8408b3bd --- /dev/null +++ b/.clang-format 
@@ -0,0 +1,65 @@ +--- +Language: Cpp +AccessModifierOffset: -4 +AlignAfterOpenBracket: Align +AlignConsecutiveAssignments: true +AlignConsecutiveDeclarations: true +AlignConsecutiveMacros: true +AlignEscapedNewlines: Left +AlignOperands: true +AlignTrailingComments: true +AllowAllParametersOfDeclarationOnNextLine: true +AllowShortBlocksOnASingleLine: Empty +AllowShortCaseLabelsOnASingleLine: false +AllowShortFunctionsOnASingleLine: Empty +AllowShortIfStatementsOnASingleLine: false +AllowShortLoopsOnASingleLine: false +AlwaysBreakAfterReturnType: None +AlwaysBreakBeforeMultilineStrings: false +BinPackArguments: true +BinPackParameters: true +BreakBeforeBinaryOperators: None +BreakBeforeBraces: Allman +BreakBeforeTernaryOperators: true +BreakStringLiterals: true +ColumnLimit: 120 +CommentPragmas: '' +ContinuationIndentWidth: 4 +Cpp11BracedListStyle: true +DerivePointerAlignment: false +DisableFormat: false +ExperimentalAutoDetectBinPacking: false +ForEachMacros: [] +IncludeBlocks: Preserve +IncludeCategories: [] +IncludeIsMainRegex: '$' +IndentCaseLabels: true +IndentPPDirectives: None +IndentWidth: 4 +KeepEmptyLinesAtTheStartOfBlocks: true +MacroBlockBegin: '' +MacroBlockEnd: '' +MaxEmptyLinesToKeep: 1 +PenaltyBreakAssignment: 2 +PenaltyBreakBeforeFirstCallParameter: 19 +PenaltyBreakComment: 300 +PenaltyBreakFirstLessLess: 120 +PenaltyBreakString: 1000 +PenaltyExcessCharacter: 1000000 +PenaltyReturnTypeOnItsOwnLine: 60 +PointerAlignment: Right +ReflowComments: true +SortIncludes: false +SpaceAfterCStyleCast: false +SpaceBeforeAssignmentOperators: true +SpaceBeforeParens: ControlStatements +SpaceInEmptyParentheses: false +SpaceBeforeCpp11BracedList: true +SpacesBeforeTrailingComments: 1 +SpacesInCStyleCastParentheses: false +SpacesInParentheses: false +SpacesInSquareBrackets: false +Standard: c++11 +TabWidth: 8 +UseTab: Never +... \ No newline at end of file 
diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 3ce5c74a..bbc4cd13 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -1,10 +1,5 @@ name: cpp-linter -permissions: - metadata: read - contents: write - pull-requests: write - on: push: branches: [ main, dev, 299-setup-code-formatter ] @@ -13,6 +8,9 @@ on: jobs: cpp-linter: + permissions: + pull-requests: write + contents: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -20,5 +18,6 @@ jobs: id: linter continue-on-error: true with: + style: 'file' files-changed-only: false - thread-comments: update + thread-comments: true From c5d4674dd214f26049631f4e286f26783a54f816 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 19:19:36 +0000 Subject: [PATCH 082/241] [nasa/cryptolib#299] Modify .clang-format file --- .clang-format | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.clang-format b/.clang-format index 8408b3bd..bca306f1 100644 --- a/.clang-format +++ b/.clang-format @@ -1,5 +1,5 @@ --- -Language: Cpp +Language: C AccessModifierOffset: -4 AlignAfterOpenBracket: Align AlignConsecutiveAssignments: true @@ -62,4 +62,6 @@ SpacesInSquareBrackets: false Standard: c++11 TabWidth: 8 UseTab: Never +IncludeDirs: + - ./include ... \ No newline at end of file From a0e168157c8f148756d2f049a7d7201d97c3a29d Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 20:09:25 +0000 Subject: [PATCH 083/241] [nasa/cryptolib#299] Add format/tidy review --- .clang-format | 3 ++- .github/workflows/cpp-linter.yml | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.clang-format b/.clang-format index bca306f1..4e131b5d 100644 --- a/.clang-format +++ b/.clang-format @@ -1,5 +1,5 @@ --- -Language: C +Language: Cpp AccessModifierOffset: -4 AlignAfterOpenBracket: Align AlignConsecutiveAssignments: true 
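Review bot: `contents: write` in the job-level `permissions` block gives the workflow token write access to the repository, which is more than a job that only posts lint feedback should hold. As far as I know the linter needs it only to comment on commits for `push` events, while `pull-requests: write` covers pull-request comments and reviews. A later commit in this series removes the `push` trigger, and from then on `contents: read` next to `pull-requests: write` should be sufficient. Confirm against the linter action's documentation before tightening.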
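Review bot: `IncludeDirs` is not a style option I can find in clang-format's documented set; the include-related keys are `IncludeBlocks`, `IncludeCategories` and `IncludeIsMainRegex`, all already present in this file. clang-format rejects a configuration file that contains a key it does not know, so if that holds for the version the linter runs, `style: 'file'` cannot load this file at all. Include search paths belong to the compiler invocation or compilation database rather than the formatter, so the `IncludeDirs` block added in the `@@ -62,4 +62,6 @@` hunk should be dropped.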
@@ -64,4 +64,5 @@ TabWidth: 8 UseTab: Never IncludeDirs: - ./include + - ./test/include ... \ No newline at end of file diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index bbc4cd13..62975fbc 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -11,6 +11,7 @@ jobs: permissions: pull-requests: write contents: write + metadata: read runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -21,3 +22,5 @@ jobs: style: 'file' files-changed-only: false thread-comments: true + format-review: true + tidy-review: true From 14355fc04dae252c3bb0787e849d4c97a978afa1 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 20:10:53 +0000 Subject: [PATCH 084/241] [nasa/cryptolib#299] Remove metadata permission --- .github/workflows/cpp-linter.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 62975fbc..28008d90 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -11,7 +11,6 @@ jobs: permissions: pull-requests: write contents: write - metadata: read runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 From 9ae68996ca76cae571335cde6f3fb1825d489f9b Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 20:22:36 +0000 Subject: [PATCH 085/241] [nasa/cryptolib#299] Remove style --- .github/workflows/cpp-linter.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 28008d90..c91c44b2 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -18,7 +18,6 @@ jobs: id: linter continue-on-error: true with: - style: 'file' files-changed-only: false thread-comments: true format-review: true From b5ce0d6c934516814dfe4088d42fb01926fd751c Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Mon, 23 Sep 2024 20:34:43 +0000 Subject: [PATCH 086/241] [nasa/cryptolib#299] Re-add style and remove tidy-review --- .clang-format | 1 + .github/workflows/cpp-linter.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.clang-format b/.clang-format index 4e131b5d..f4dc1dbb 100644 --- a/.clang-format +++ b/.clang-format @@ -63,6 +63,7 @@ Standard: c++11 TabWidth: 8 UseTab: Never IncludeDirs: + - ./ - ./include - ./test/include ... \ No newline at end of file diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index c91c44b2..93eb6a2a 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -18,7 +18,7 @@ jobs: id: linter continue-on-error: true with: + style: 'file' files-changed-only: false thread-comments: true format-review: true - tidy-review: true From 78a2b42703736971d871d8f87acfb20ace914d9c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 20:38:03 +0000 Subject: [PATCH 087/241] [nasa/cryptolib#299] Try new style name --- .github/workflows/cpp-linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 93eb6a2a..dd6964ed 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -18,7 +18,7 @@ jobs: id: linter continue-on-error: true with: - style: 'file' + style: '.clang-format' files-changed-only: false thread-comments: true format-review: true From 80a5744c0a2916a2f19c4d6eed201c7d60e4ad88 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 20:43:04 +0000 Subject: [PATCH 088/241] [nasa/cryptolib#299] Try new style name --- .github/workflows/cpp-linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index dd6964ed..8dbd1335 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml 
@@ -18,7 +18,7 @@ jobs: id: linter continue-on-error: true with: - style: '.clang-format' + style: './.clang-format' files-changed-only: false thread-comments: true format-review: true From 69930c5061aa05074edd380cca61f899b00ed86f Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 23 Sep 2024 20:47:06 +0000 Subject: [PATCH 089/241] [nasa/cryptolib#299] Try new style name --- .github/workflows/cpp-linter.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 8dbd1335..32483522 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -1,8 +1,6 @@ name: cpp-linter on: - push: - branches: [ main, dev, 299-setup-code-formatter ] pull_request: branches: [ main, dev ] @@ -18,7 +16,7 @@ jobs: id: linter continue-on-error: true with: - style: './.clang-format' + style: 'file' files-changed-only: false thread-comments: true - format-review: true + tidy-review: true From 2789b7a56d0eb01073953ad88a95a28e83c941db Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 24 Sep 2024 21:08:10 +0000 Subject: [PATCH 090/241] [nasa/cryptolib#147] Added SDLS_KEYV defines --- include/crypto_config.h | 5 +++++ include/crypto_structs.h | 4 ++-- src/core/crypto_key_mgmt.c | 11 ++++++----- 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 7ae23b8a..ca4d63ac 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -185,6 +185,11 @@ #define AOS_FRAME_DATA_SIZE 1786 /* bytes */ #define AOS_FILL_SIZE 1145 /* bytes */ +// SDLS Behavior Defines +#define SDLS_KEYV_MAX_KEYS 21 /* keys */ +#define SDLS_KEYV_IV_LEN 12 /* bytes */ +#define SDLS_KEYV_KEY_ID_LEN 2 /* bytes */ + // TC Behavior Defines #define TC_SDLS_EP_VCID \ 4 // VCID which has SDLS PDUs (JPL uses VCIDs to determine TC type, there is no space packet layer with APIDs). Set 
diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 00654bb0..65111bff 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -155,7 +155,7 @@ typedef struct typedef struct { - SDLS_KEYV_CMD_BLK_t blk[29]; // Key Verification Command Block + SDLS_KEYV_CMD_BLK_t blk[SDLS_KEYV_MAX_KEYS]; // Key Verification Command Block } SDLS_KEYV_CMD_t; #define SDLS_KEYV_CMD_SIZE (sizeof(SDLS_KEYV_CMD_t)) @@ -170,7 +170,7 @@ typedef struct typedef struct { - SDLS_KEYV_RPLY_BLK_t blk[29]; // Key Verification Reply Block + SDLS_KEYV_RPLY_BLK_t blk[SDLS_KEYV_MAX_KEYS]; // Key Verification Reply Block } SDLS_KEYV_RPLY_t; #define SDLS_KEYV_RPLY_SIZE (sizeof(SDLS_KEYV_RPLY_t)) diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 7ee183a8..6c7146de 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -390,8 +390,9 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) } // Prepare for Reply - sdls_frame.pdu.pdu_len = pdu_keys * (2 + 12 + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE); - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_frame.pdu.pdu_len = pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_KEYV_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE); + // length = pdu_len + HDR + PUS - 1 (per CCSDS Convention) + sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE - 1; *count = Crypto_Prep_Reply(ingest, 128); for (x = 0; x < pdu_keys; x++) { @@ -409,12 +410,12 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) // Initialization Vector iv_loc = *count; - for (y = 0; y < 12; y++) + for (y = 0; y < SDLS_KEYV_IV_LEN; y++) { ingest[*count] = *(tc_frame->tc_sec_header.iv + y); *count += 1; } - ingest[*count - 1] = ingest[*count - 1] + x + 1; + ingest[*count - 1] = ingest[*count - 1] + x + 1; // Why are we incrementing IV by 1? Remove? // Encrypt challenge uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; 
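Review bot: Shrinking `blk[29]` to `blk[SDLS_KEYV_MAX_KEYS]` (21) in `SDLS_KEYV_CMD_t` and `SDLS_KEYV_RPLY_t` makes the key count a hard bound, but nothing in the visible Crypto_Key_verify hunks compares `pdu_keys` with it before `for (x = 0; x < pdu_keys; x++)`. `pdu_keys` is computed outside these hunks; if it is derived from the received PDU length, a command carrying more than 21 key blocks would presumably index past the arrays and produce a reply longer than expected in `ingest`. A guard before the "Prepare for Reply" step, such as `if (pdu_keys > SDLS_KEYV_MAX_KEYS) { return CRYPTO_LIB_ERROR; }`, would close that. The function starts and ends outside the hunk, so an existing check further up cannot be ruled out.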
@@ -426,7 +427,7 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) 32, // Key Length NULL, // SA Reference for key &(ingest[iv_loc]), // IV - 12, // IV Length + SDLS_KEYV_IV_LEN, // IV Length &(ingest[(*count + CHALLENGE_SIZE)]), // MAC CHALLENGE_MAC_SIZE, // MAC Size NULL, From b4793ba990f3377b11f108bd6c5ca92f84f90955 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Wed, 25 Sep 2024 11:15:31 +0000 Subject: [PATCH 091/241] [nasa/cryptolib#148] SA Management SA_Start and SA_Read_ARSN UTs --- include/crypto.h | 4 +- include/crypto_error.h | 2 +- src/core/crypto.c | 8 +-- src/core/crypto_mc.c | 107 ++++++++++++++++++++++----------------- test/CMakeLists.txt | 4 ++ test/unit/ut_crypto_mc.c | 6 ++- 6 files changed, 76 insertions(+), 55 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 8a4639c4..9279d85e 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -212,7 +212,7 @@ int32_t Crypto_MC_status(uint8_t* ingest); int32_t Crypto_MC_dump(uint8_t* ingest); int32_t Crypto_MC_erase(uint8_t* ingest); int32_t Crypto_MC_selftest(uint8_t* ingest); -int32_t Crypto_SA_readARSN(uint8_t* ingest); +int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count); int32_t Crypto_MC_resetalarm(void); // User Functions @@ -236,7 +236,7 @@ void clean_akref(SecurityAssociation_t* sa); int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uint8_t* ingest); int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame); int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame); -int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame); +int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count); int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest); int32_t Crypto_USER_DEFINED_CMD(uint8_t* ingest); diff --git a/include/crypto_error.h b/include/crypto_error.h index 72ae16d0..6bdde1ac 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h 
@@ -149,7 +149,7 @@ #define CONFIGURATION_ERROR_CODES 100 #define CONFIGURATION_ERROR_CODES_MAX 103 -#define CRYPTO_CORE_ERROR_CODES_MAX -57 +#define CRYPTO_CORE_ERROR_CODES_MAX -58 extern char *crypto_enum_errlist_core[]; extern char *crypto_enum_errlist_config[]; diff --git a/src/core/crypto.c b/src/core/crypto.c index 7368bedf..43952c96 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -354,6 +354,8 @@ uint16_t Crypto_Calc_CRC16(uint8_t* data, int size) int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) { int32_t status = CRYPTO_LIB_SUCCESS; + int count = 0; + int* count_ptr = &count; // Check null pointer if (tc_frame == NULL) @@ -375,7 +377,7 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) status = Crypto_SG_KEY_MGMT(ingest, tc_frame); break; case SG_SA_MGMT: // Security Association Management Procedure - status = Crypto_SG_SA_MGMT(ingest, tc_frame); + status = Crypto_SG_SA_MGMT(ingest, tc_frame, count_ptr); break; case SG_SEC_MON_CTRL: // Security Monitoring & Control Procedure status = Crypto_SEC_MON_CTRL(ingest); @@ -486,7 +488,7 @@ int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame) * @param tc_frame: TC_t* * @return int32: Success/Failure **/ -int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame) +int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count) { int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.pid) @@ -543,7 +545,7 @@ int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame) #ifdef PDU_DEBUG printf(KGRN "SA readARSN\n" RESET); #endif - status = Crypto_SA_readARSN(ingest); + status = Crypto_SA_readARSN(ingest, count); break; case PID_SA_STATUS: #ifdef PDU_DEBUG diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index d12e358d..bf1af07c 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c 
@@ -180,66 +180,79 @@ int32_t Crypto_MC_selftest(uint8_t* ingest) * @param ingest: uint8_t* * @return int32: Count **/ -int32_t Crypto_SA_readARSN(uint8_t* ingest) +int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count) { - if(ingest == NULL) return CRYPTO_LIB_ERROR; - uint8_t count = 0; - uint16_t spi = 0x0000; - SecurityAssociation_t* sa_ptr; - int x; + int32_t status = CRYPTO_LIB_SUCCESS; - // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + if(ingest == NULL) + { + status = CRYPTO_LIB_ERROR; + } - // Prepare for Reply - sdls_frame.pdu.pdu_len = 2 + IV_SIZE; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; - count = Crypto_Prep_Reply(ingest, 128); + if (status == CRYPTO_LIB_SUCCESS) + { + //uint8_t count = 0; + uint16_t spi = 0x0000; + SecurityAssociation_t* sa_ptr; + int x; - // Write SPI to reply - ingest[count++] = (spi & 0xFF00) >> 8; - ingest[count++] = (spi & 0x00FF); + // Read ingest + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; - if (sa_if->sa_get_from_spi(spi, &sa_ptr) != CRYPTO_LIB_SUCCESS) - { - // TODO - Error handling - return CRYPTO_LIB_ERROR; // Error -- unable to get SA from SPI. - } - if (sa_ptr->shivf_len > 0) - { // Set IV - authenticated encryption - for (x = 0; x < sa_ptr->shivf_len - 1; x++) + // Prepare for Reply + sdls_frame.pdu.pdu_len = 2 + IV_SIZE; + sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + *count = Crypto_Prep_Reply(ingest, 128); + + // Write SPI to reply + ingest[*count += 1] = (spi & 0xFF00) >> 8; + ingest[*count += 1] = (spi & 0x00FF); + + if (sa_if->sa_get_from_spi(spi, &sa_ptr) != CRYPTO_LIB_SUCCESS) { - ingest[count++] = *(sa_ptr->iv + x); + // TODO - Error handling + status = CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; // Error -- unable to get SA from SPI. } - // TODO: Do we need this? 
- if (*(sa_ptr->iv + sa_ptr->shivf_len - 1) > 0) - { // Adjust to report last received, not expected - ingest[count++] = *(sa_ptr->iv + sa_ptr->shivf_len - 1) - 1; - } - else + if (status == CRYPTO_LIB_SUCCESS) { - ingest[count++] = *(sa_ptr->iv + sa_ptr->shivf_len - 1); - } - } - else - { - // TODO - } + if (sa_ptr->shivf_len > 0) + { // Set IV - authenticated encryption + for (x = 0; x < sa_ptr->shivf_len - 1; x++) + { + ingest[*count += 1] = *(sa_ptr->iv + x); + } + + // TODO: Do we need this? + if (*(sa_ptr->iv + sa_ptr->shivf_len - 1) > 0) + { // Adjust to report last received, not expected + ingest[*count += 1] = *(sa_ptr->iv + sa_ptr->shivf_len - 1) - 1; + } + else + { + ingest[*count += 1] = *(sa_ptr->iv + sa_ptr->shivf_len - 1); + } + } + else + { + // TODO + } #ifdef PDU_DEBUG - printf("spi = %d \n", spi); - if (sa_ptr->shivf_len > 0) - { - printf("ARSN = 0x"); - for (x = 0; x < sa_ptr->shivf_len; x++) - { - printf("%02x", *(sa_ptr->iv + x)); + printf("spi = %d \n", spi); + if (sa_ptr->shivf_len > 0) + { + printf("ARSN = 0x"); + for (x = 0; x < sa_ptr->shivf_len; x++) + { + printf("%02x", *(sa_ptr->iv + x)); + } + printf("\n"); + } +#endif } - printf("\n"); } -#endif - return count; + return status; } /** diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 64ff3aa0..7d2e7db2 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -57,6 +57,10 @@ add_test(NAME UT_TM_PROCESS COMMAND ${PROJECT_BINARY_DIR}/bin/ut_tm_process WORKING_DIRECTORY ${PROJECT_TEST_DIR}) +add_test(NAME UT_EP_SA_MGMT + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_sa_mgmt + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + if(NOT ${CRYPTO_WOLFSSL}) add_test(NAME UT_AES_GCM_SIV COMMAND ${PROJECT_BINARY_DIR}/bin/ut_aes_gcm_siv diff --git a/test/unit/ut_crypto_mc.c b/test/unit/ut_crypto_mc.c index f94deec9..47df596b 100644 --- a/test/unit/ut_crypto_mc.c +++ b/test/unit/ut_crypto_mc.c 
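Review bot: `ingest[*count += 1] = ...` does not behave like the `ingest[count++] = ...` it replaces in Crypto_SA_readARSN. The compound assignment yields the already-incremented value, so every reply byte is stored one index later than before, the slot at the index returned by `Crypto_Prep_Reply` is left unwritten, and the last byte lands at the index equal to the final `*count`. Use the post-increment form on all five writes, for example `ingest[(*count)++] = (spi & 0xFF00) >> 8;`. `count` is also dereferenced without a NULL check while `ingest` gets one; `if (ingest == NULL || count == NULL)` would cover both.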
@@ -85,6 +85,8 @@ UTEST(CRYPTO_MC, READARSN) { remove("sa_save_file.bin"); int count = 0; + int* temp_count = &count; + int32_t status = CRYPTO_LIB_ERROR; uint8_t ingest[1024] = {0}; Crypto_Init_TC_Unit_Test(); SaInterface sa_if = get_sa_interface_inmemory(); @@ -92,9 +94,9 @@ UTEST(CRYPTO_MC, READARSN) test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); sa_if->sa_get_from_spi(1, &test_association); - count = Crypto_SA_readARSN(ingest); + status = Crypto_SA_readARSN(ingest, temp_count); sa_if = sa_if; - ASSERT_EQ(11, count); // Future me's problem... why? + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); } /** From 824417b874e851e1f63cf3b0ae9a657bbedbca94 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Wed, 25 Sep 2024 13:42:42 +0000 Subject: [PATCH 092/241] [nasa/cryptolib#148] Fix rekey and set_arsn PID defines --- include/crypto_config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 9e1b4b97..733df7ec 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -158,13 +158,13 @@ // Service Group - Security Association Management #define SG_SA_MGMT 0x01 // 0b01 #define PID_CREATE_SA 0x01 //0b0001 -#define PID_REKEY_SA 0x05 //0b0110 +#define PID_REKEY_SA 0x06 //0b0110 #define PID_START_SA 0x0B //0b1011 #define PID_STOP_SA 0x0E // 0b1110 #define PID_EXPIRE_SA 0x09 // 0b1001 #define PID_DELETE_SA 0x04 // 0b0100 #define PID_SET_ARSN 0x0A //0b1010 -#define PID_SET_ARSNW 0x06 // 0b0101 +#define PID_SET_ARSNW 0x05 // 0b0101 #define PID_READ_ARSN 0x00 // 0b0000 #define PID_SA_STATUS 0x0F // 0b1111 // Service Group - Security Monitoring & Control From d5f8945b2ca85db3946653cd7711b91ef00ec3ea Mon Sep 17 00:00:00 2001 
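Review bot: The rewritten assertion in the READARSN test checks only the return status, so nothing verifies the reply that Crypto_SA_readARSN writes. Keep a check on the output next to it, for example the previous `ASSERT_EQ(11, count);` plus a comparison of the SPI bytes in `ingest`, so that an indexing error in the reply fails the test. In the unchanged context, `test_association` is allocated with `malloc` and then presumably overwritten by `sa_get_from_spi`, which would leak the allocation.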
From: Donnie-Ice Date: Wed, 25 Sep 2024 13:45:42 +0000 Subject: [PATCH 093/241] [nasa/cryptolib#148] Added UT files and added functionality --- src/core/crypto.c | 4 +- src/core/crypto_mc.c | 10 +- .../internal/sa_interface_inmemory.template.c | 82 +-- test/include/ut_ep_sa_mgmt.h | 35 ++ test/unit/ut_ep_sa_mgmt.c | 509 ++++++++++++++++++ 5 files changed, 603 insertions(+), 37 deletions(-) create mode 100644 test/include/ut_ep_sa_mgmt.h create mode 100644 test/unit/ut_ep_sa_mgmt.c diff --git a/src/core/crypto.c b/src/core/crypto.c index 43952c96..1a4c648a 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -410,10 +410,10 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) #ifdef CCSDS_DEBUG int x; - if ((status > 0) && (ingest != NULL)) + if ((*count_ptr > 0) && (ingest != NULL)) { printf(KMAG "CCSDS message put on software bus: 0x" RESET); - for (x = 0; x < status; x++) + for (x = 0; x < *count_ptr; x++) { printf(KMAG "%02x" RESET, (uint8_t)ingest[x]); } diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index bf1af07c..2318acce 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -216,7 +216,7 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count) if (status == CRYPTO_LIB_SUCCESS) { - if (sa_ptr->shivf_len > 0) + if (sa_ptr->shivf_len > 0 && sa_ptr->ecs == 1 && sa_ptr->acs == 1) { // Set IV - authenticated encryption for (x = 0; x < sa_ptr->shivf_len - 1; x++) { @@ -236,15 +236,17 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count) else { // TODO + // Also, count not being returned correctly since not Auth Enc } #ifdef PDU_DEBUG printf("spi = %d \n", spi); - if (sa_ptr->shivf_len > 0) + printf("ARSN_LEN: %d\n", sa_ptr->arsn_len); + if (sa_ptr->shivf_len > 0) // Not sure why shivf_len is being used { printf("ARSN = 0x"); - for (x = 0; x < sa_ptr->shivf_len; x++) + for (x = 0; x < sa_ptr->arsn_len; x++) { - printf("%02x", *(sa_ptr->iv + x)); + printf("%02x", *(sa_ptr->arsn + x)); } printf("\n"); } 
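Review bot: The new condition `sa_ptr->shivf_len > 0 && sa_ptr->ecs == 1 && sa_ptr->acs == 1` in Crypto_SA_readARSN compares the cipher-suite fields with bare numbers. Crypto_Check_Anti_Replay_GCM in crypto.c tests `sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM`, and the same named constants here would say which suites select the IV path; the same pattern is added to sa_setARSN in this commit. The `else` branch still writes nothing, so for any other SA the reply carries only the SPI while `pdu_len` was set to `2 + IV_SIZE`, as the added TODO comment acknowledges. The debug loop now prints `arsn_len` bytes of `sa_ptr->arsn` but remains guarded by `shivf_len > 0`; guarding it with `sa_ptr->arsn_len > 0` would match what it prints.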
diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 57570234..cab55a99 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1453,11 +1453,11 @@ static int32_t sa_setARSN(void) // Check SPI exists if (spi < NUM_SA) { + if (sa[spi].shivf_len > 0 && sa[spi].ecs == 1 && sa[spi].acs == 1) + { // Set IV - authenticated encryption #ifdef PDU_DEBUG - printf("SPI %d IV updated to: 0x", spi); + printf("SPI %d IV updated to: 0x", spi); #endif - if (sa[spi].shivf_len > 0) - { // Set IV - authenticated encryption for (x = 0; x < IV_SIZE; x++) { *(sa[spi].iv + x) = (uint8_t)sdls_frame.pdu.data[x + 2]; @@ -1469,7 +1469,16 @@ static int32_t sa_setARSN(void) } else { // Set SN - // TODO +#ifdef PDU_DEBUG + printf("SPI %d ARSN updated to: 0x", spi); +#endif + for (x = 0; x < sa[spi].arsn_len; x++) + { + *(sa[spi].arsn + x) = (uint8_t)sdls_frame.pdu.data[x + 2]; +#ifdef PDU_DEBUG + printf("%02x", *(sa[spi].arsn + x)); +#endif + } } #ifdef PDU_DEBUG printf("\n"); @@ -1500,7 +1509,7 @@ static int32_t sa_setARSNW(void) // Check SPI exists if (spi < NUM_SA) { - sa[spi].arsnw_len = (uint8_t)sdls_frame.pdu.data[2]; + //sa[spi].arsnw_len = (uint8_t)sdls_frame.pdu.data[2]; // Check for out of bounds if (sa[spi].arsnw_len > (ARSN_SIZE)) @@ -1510,8 +1519,11 @@ static int32_t sa_setARSNW(void) for (x = 0; x < sa[spi].arsnw_len; x++) { - sa[spi].arsnw = (((uint8_t)sdls_frame.pdu.data[x + 3]) << (sa[spi].arsnw_len - x)); + sa[spi].arsnw = (((uint8_t)sdls_frame.pdu.data[x + 2]) << (sa[spi].arsnw_len - 1 - x)); } +#ifdef PDU_DEBUG + printf("ARSN set to: %d\n", sa[spi].arsnw); +#endif } else { 
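Review bot: The new ARSN branch of sa_setARSN copies `sa[spi].arsn_len` bytes from `sdls_frame.pdu.data[x + 2]` without checking that length against either buffer. A large `arsn_len` would write past `arsn`, assuming it holds `ARSN_SIZE` bytes as the `arsnw_len > (ARSN_SIZE)` check in sa_setARSNW suggests, and would read beyond the bytes the PDU actually carried. A guard before the loop, such as `if (sa[spi].arsn_len > ARSN_SIZE) { return CRYPTO_LIB_ERROR; }`, together with a comparison against `sdls_frame.pdu.pdu_len`, would bound both sides. The function continues outside the hunk.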
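Review bot: The rewritten loop in sa_setARSNW still assigns rather than accumulates. `sa[spi].arsnw = (... << (sa[spi].arsnw_len - 1 - x));` overwrites the value on every pass and shifts by a byte index instead of a bit count, so after the loop `arsnw` holds only the last byte read. If the intent is a big-endian multi-byte window, clear `arsnw` before the loop and use `sa[spi].arsnw = (sa[spi].arsnw << 8) | (uint8_t)sdls_frame.pdu.data[x + 2];`. With the `arsnw_len` assignment commented out in the preceding hunk, the loop length now depends on whatever the SA already holds, and the debug line prints "ARSN set to" for what is the window value.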
@@ -1528,36 +1540,44 @@ static int32_t sa_setARSNW(void) **/ static int32_t sa_status(uint8_t* ingest) { - if(ingest == NULL) return CRYPTO_LIB_ERROR; - - // Local variables - int count = 0; - uint16_t spi = 0x0000; - - // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; - printf("spi = %d \n", spi); - - // Check SPI exists - if (spi < NUM_SA) + // TODO: Count is not being returned yet + int32_t status = CRYPTO_LIB_SUCCESS; + if(ingest == NULL) { - // Prepare for Reply - sdls_frame.pdu.pdu_len = 3; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; - count = Crypto_Prep_Reply(ingest, 128); - // PDU - ingest[count++] = (spi & 0xFF00) >> 8; - ingest[count++] = (spi & 0x00FF); - ingest[count++] = sa[spi].lpid; + status = CRYPTO_LIB_ERROR; } - else + + if (status == CRYPTO_LIB_SUCCESS) { - printf("sa_status ERROR: SPI %d does not exist.\n", spi); - } + // Local variables + int count = 0; + uint16_t spi = 0x0000; + + // Read ingest + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + printf("spi = %d \n", spi); + + // Check SPI exists + if (spi < NUM_SA) + { + // Prepare for Reply + sdls_frame.pdu.pdu_len = 3; + sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + count = Crypto_Prep_Reply(ingest, 128); + // PDU + ingest[count++] = (spi & 0xFF00) >> 8; + ingest[count++] = (spi & 0x00FF); + ingest[count++] = sa[spi].lpid; + } + else + { + printf("sa_status ERROR: SPI %d does not exist.\n", spi); + } #ifdef SA_DEBUG - Crypto_saPrint(&sa[spi]); + Crypto_saPrint(&sa[spi]); #endif + } - return count; + return status; } \ No newline at end of file diff --git a/test/include/ut_ep_sa_mgmt.h b/test/include/ut_ep_sa_mgmt.h new file mode 100644 index 00000000..4ce37519 --- /dev/null +++ b/test/include/ut_ep_sa_mgmt.h 
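Review bot: In the rewritten sa_status the `#ifdef SA_DEBUG` call `Crypto_saPrint(&sa[spi]);` sits after the if/else, so it still runs when `spi >= NUM_SA` and indexes the SA table with a value taken directly from the PDU. Move it inside the `if (spi < NUM_SA)` branch, and set `status = CRYPTO_LIB_ERROR;` in the else branch, which currently only prints and lets the function return CRYPTO_LIB_SUCCESS for a nonexistent SPI. The function now returns status while `count` is discarded (the added TODO says as much), so any caller that used the old return value as the reply length now receives a status code instead; that call site is outside this hunk and should be checked. The `ingest[count++]` writes rely on Crypto_Prep_Reply leaving room in `ingest`, since no buffer size is passed to sa_status.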
@@ -0,0 +1,35 @@
+/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration.
+ All Foreign Rights are Reserved to the U.S. Government.
+
+ This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory,
+ including, but not limited to, any warranty that the software will conform to specifications, any implied warranties
+ of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the
+ documentation will conform to the program, or any warranty that the software will be error free.
+
+ In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or
+ consequential damages, arising out of, resulting from, or in any way connected with the software or its
+ documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained
+ from, or arose out of the results of, or use of, the software, documentation or services provided hereunder.
+
+ ITC Team
+ NASA IV&V
+ jstar-development-team@mail.nasa.gov
+*/
+
+#ifndef CRYPTOLIB_UT_EP_SA_MGMT_H
+#define CRYPTOLIB_UT_EP_SA_MGMT_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include "crypto.h"
+#include "shared_util.h"
+#include
+
+#ifdef __cplusplus
+} /* Close scope of 'extern "C"' declaration which encloses file. */
+#endif
+
+#endif //CRYPTOLIB_UT_EP_SA_MGMT_H
\ No newline at end of file
diff --git a/test/unit/ut_ep_sa_mgmt.c b/test/unit/ut_ep_sa_mgmt.c
new file mode 100644
index 00000000..9e2bca37
--- /dev/null
+++ b/test/unit/ut_ep_sa_mgmt.c
@@ -0,0 +1,509 @@ +#include "ut_ep_sa_mgmt.h" +#include "crypto.h" +#include "crypto_error.h" +#include "sa_interface.h" +#include "utest.h" + +UTEST(EP_SA_MGMT, SA_6_REKEY_133) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_REKEY_h = "2003002a00ff000100001880d0ac0018197f0b0016000c00060085000000000000000000000000da959fc8555555555555"; + // |2003002a00| = Primary Header + // |ff| = Ext. 
Procs + // |0001| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d0ac| = seq, pktid + // |0018| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |0016| = PDU Tag + // |000c| = PDU Length + // |0006| = SA + // |0085| = Key ID + // |000000000000000000000000da959fc8| = IV + + uint8_t *buffer_REKEY_b = NULL; + int buffer_REKEY_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 6 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_UNKEYED; + + // Convert frames that will be processed + hex_conversion(buffer_REKEY_h, (char**) &buffer_REKEY_b, &buffer_REKEY_len); + + status = Crypto_TC_ProcessSecurity(buffer_REKEY_b, &buffer_REKEY_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_REKEY_b); +} + +UTEST(EP_SA_MGMT, SA_START_6) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // 
NOTE: Added Transfer Frame header to the plaintext + char* buffer_START_h = "2003002000ff000100001880d0ad000e197f0b001b0004000600003040f6f7a61a5555"; + // |2003002000| = Primary Header + // |ff| = Ext. Procs + // |0001| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d0ad| = seq, pktid + // |000e| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |001b| = PDU Tag + // |0004| = PDU Length + // |0006| = SA being started + + uint8_t *buffer_START_b = NULL; + int buffer_START_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Convert frames that will be processed + hex_conversion(buffer_START_h, (char**) &buffer_START_b, &buffer_START_len); + + status = Crypto_TC_ProcessSecurity(buffer_START_b, &buffer_START_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_START_b); +} + +UTEST(EP_SA_MGMT, SA_6_READ_ARSN) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); 
+ + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_READ_h = "2003001c00ff000100001880d0b0000a197f0b001000020006555555555555"; + // |2003001c00| = Primary Header + // |ff| = Ext. Procs + // |0001| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d0ad| = seq, pktid + // |000e| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |001b| = PDU Tag + // |0002| = PDU Length + // |0006| = SA being read + + uint8_t *buffer_READ_b = NULL; + int buffer_READ_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 1 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->arsn_len = 4; + test_association->arsn[0] = 0xDE; + test_association->arsn[1] = 0xAD; + test_association->arsn[2] = 0xBE; + test_association->arsn[3] = 0xEF; + + // Convert frames that will be processed + hex_conversion(buffer_READ_h, (char**) &buffer_READ_b, &buffer_READ_len); + + status = Crypto_TC_ProcessSecurity(buffer_READ_b, &buffer_READ_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_READ_b); +} + +UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, 
AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_SET_h = "2003001a00ff000100001880d0b1000a197f0b0015000400060955"; + // |2003002800| = Primary Header + // |ff| = Ext. Procs + // |0001| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d0b1| = seq, pktid + // |0009| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |0015| = PDU Tag + // |000a| = PDU Length + // |0006| = SA being modified + // |09| = ARSNW + + uint8_t *buffer_SET_b = NULL; + int buffer_SET_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 1 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_OPERATIONAL; + + // Convert frames that will be processed + hex_conversion(buffer_SET_h, (char**) &buffer_SET_b, &buffer_SET_len); + + status = Crypto_TC_ProcessSecurity(buffer_SET_b, &buffer_SET_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + sa_if->sa_get_from_spi(6, &test_association); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_SET_b); +} + +UTEST(EP_SA_MGMT, SA_6_SET_ARSN) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, 
TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_SET_h = "2003002800ff000100001880d0b10016197f0b001a000a000600000000000000000000006413b5983e55"; + // |2003002800| = Primary Header + // |ff| = Ext. Procs + // |0001| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d0b1| = seq, pktid + // |0016| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |001a| = PDU Tag + // |000a| = PDU Length + // |0006| = SA being modified + // |00000000000000000000006413b5983e| = ARSN + + uint8_t *buffer_SET_b = NULL; + int buffer_SET_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 1 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->arsn_len = 16; + + // Convert frames that will be processed + hex_conversion(buffer_SET_h, (char**) &buffer_SET_b, &buffer_SET_len); + + status = Crypto_TC_ProcessSecurity(buffer_SET_b, &buffer_SET_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + sa_if->sa_get_from_spi(6, &test_association); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_SET_b); +} + +UTEST(EP_SA_MGMT, SA_6_STATUS) +{ + remove("sa_save_file.bin"); + 
// Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_STATUS_h = "2003001800ff000100001880d0b00008197f0b001f00020006"; + // |2003002000| = Primary Header + // |ff| = Ext. 
Procs + // |0001| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d0b0| = seq, pktid + // |000e| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |001b| = PDU Tag + // |0002| = PDU Length + // |0006| = SA being started + + uint8_t *buffer_STATUS_b = NULL; + int buffer_STATUS_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 1 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_OPERATIONAL; + + // Convert frames that will be processed + hex_conversion(buffer_STATUS_h, (char**) &buffer_STATUS_b, &buffer_STATUS_len); + + status = Crypto_TC_ProcessSecurity(buffer_STATUS_b, &buffer_STATUS_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_STATUS_b); +} + +UTEST(EP_SA_MGMT, SA_STOP_6) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the 
plaintext + char* buffer_STOP_h = "2003001c00ff000100001880d0b6000a197f0b001e00020006938f21c4555555555555"; + // |2003001c00| = Primary Header + // |ff| = Ext. Procs + // |0001| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d0b6| = seq, pktid + // |000a| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |001e| = PDU Tag + // |0002| = PDU Length + // |0006| = SA being stopped + + uint8_t *buffer_STOP_b = NULL; + int buffer_STOP_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 1 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_OPERATIONAL; + + // Convert frames that will be processed + hex_conversion(buffer_STOP_h, (char**) &buffer_STOP_b, &buffer_STOP_len); + + status = Crypto_TC_ProcessSecurity(buffer_STOP_b, &buffer_STOP_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_STOP_b); +} + +UTEST(EP_SA_MGMT, SA_EXPIRE_6) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + 
Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_EXPIRE_h = "2003001c00ff000100001880d0b7000a197f0b001900020006f72e21c4555555555555"; + // |2003001c00| = Primary Header + // |ff| = Ext. Procs + // |0001| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d0b7| = seq, pktid + // |000a| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |0019| = PDU Tag + // |0002| = PDU Length + // |0006| = SA being stopped + + uint8_t *buffer_EXPIRE_b = NULL; + int buffer_EXPIRE_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Convert frames that will be processed + hex_conversion(buffer_EXPIRE_h, (char**) &buffer_EXPIRE_b, &buffer_EXPIRE_len); + + status = Crypto_TC_ProcessSecurity(buffer_EXPIRE_b, &buffer_EXPIRE_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_EXPIRE_b); +} + +UTEST_MAIN(); \ No newline at end of file From 35c9f2d801705b9467d4b2d26442228c5ddf6b1a Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Wed, 25 Sep 2024 13:49:55 -0400 Subject: [PATCH 094/241] [nasa/cryptolib#147] Adjust Key Verification to use block of replies in memory, fix segfault --- .gitignore | 679 +++++++++++++++++++++++++++++++ include/crypto.h | 2 +- include/crypto_structs.h | 2 +- src/core/crypto.c | 2 + src/core/crypto_key_mgmt.c | 57 ++- test/unit/ut_ep_key_validation.c | 15 +- 6 files changed, 731 insertions(+), 26 deletions(-) diff --git a/.gitignore b/.gitignore index 547fec94..6d23cf9f 100644 --- a/.gitignore +++ b/.gitignore 
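Review bot: Every test in ut_ep_sa_mgmt.c asserts only that Crypto_TC_ProcessSecurity returns CRYPTO_LIB_SUCCESS, so none of them checks that the SA was actually changed; SA_6_SET_ARSN and SA_6_SET_ARSNW even re-fetch SA 6 afterwards and then assert nothing. Add state assertions after the call, for example `ASSERT_EQ(SA_OPERATIONAL, test_association->sa_state);` after re-fetching SA 6 in SA_START_6 (if start is meant to leave it operational), and compare `test_association->arsn` with the bytes sent in SA_6_SET_ARSN. There is no negative case: a PDU naming an SPI at or above NUM_SA, or carrying a value shorter than `arsn_len`, should be sent with an error status expected, since those are the paths the handlers have to guard. Several frame-layout comments were copied between tests and no longer match the hex (SA_6_READ_ARSN lists `d0ad`, `000e` and `001b` where the frame has `d0b0`, `000a` and `0010`), and the `// Modify SA 1` comment above each SA 6 lookup should read SA 6.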
@@ -17,3 +17,682 @@ vgcore* core.* log.txt Makefile +cmake_install.cmake +CMakeCache.txt +CTestTestfile.cmake +DartConfiguration.tcl +sa_save_file.bin +bin/et_dt_validation +bin/ut_aes_gcm_siv +bin/ut_aos_apply +bin/ut_aos_process +bin/ut_crypto +bin/ut_crypto_config +bin/ut_crypto_mc +bin/ut_ep_key_validation +bin/ut_mysql_m_tls_connection +bin/ut_mysql_tls_connection +bin/ut_sa_save +bin/ut_sadb_err_cases_kmc_crypto +bin/ut_tc_apply +bin/ut_tc_process +bin/ut_tm_apply +bin/ut_tm_process +CMakeFiles/cmake.check_cache +CMakeFiles/CMakeDirectoryInformation.cmake +CMakeFiles/CMakeOutput.log +CMakeFiles/CMakeRuleHashes.txt +CMakeFiles/Makefile.cmake +CMakeFiles/Makefile2 +CMakeFiles/progress.marks +CMakeFiles/TargetDirectories.txt +CMakeFiles/3.22.1/CMakeCCompiler.cmake +CMakeFiles/3.22.1/CMakeDetermineCompilerABI_C.bin +CMakeFiles/3.22.1/CMakeSystem.cmake +CMakeFiles/3.22.1/CompilerIdC/a.out +CMakeFiles/3.22.1/CompilerIdC/CMakeCCompilerId.c +CMakeFiles/Continuous.dir/build.make +CMakeFiles/Continuous.dir/cmake_clean.cmake +CMakeFiles/Continuous.dir/compiler_depend.make +CMakeFiles/Continuous.dir/compiler_depend.ts +CMakeFiles/Continuous.dir/DependInfo.cmake +CMakeFiles/Continuous.dir/progress.make +CMakeFiles/ContinuousBuild.dir/build.make +CMakeFiles/ContinuousBuild.dir/cmake_clean.cmake +CMakeFiles/ContinuousBuild.dir/compiler_depend.make +CMakeFiles/ContinuousBuild.dir/compiler_depend.ts +CMakeFiles/ContinuousBuild.dir/DependInfo.cmake +CMakeFiles/ContinuousBuild.dir/progress.make +CMakeFiles/ContinuousBuild.dir/progress.make.tmp38559 +CMakeFiles/ContinuousConfigure.dir/build.make +CMakeFiles/ContinuousConfigure.dir/cmake_clean.cmake +CMakeFiles/ContinuousConfigure.dir/compiler_depend.make +CMakeFiles/ContinuousConfigure.dir/compiler_depend.ts +CMakeFiles/ContinuousConfigure.dir/DependInfo.cmake +CMakeFiles/ContinuousConfigure.dir/progress.make +CMakeFiles/ContinuousCoverage.dir/build.make +CMakeFiles/ContinuousCoverage.dir/cmake_clean.cmake 
+CMakeFiles/ContinuousCoverage.dir/compiler_depend.make +CMakeFiles/ContinuousCoverage.dir/compiler_depend.ts +CMakeFiles/ContinuousCoverage.dir/DependInfo.cmake +CMakeFiles/ContinuousCoverage.dir/progress.make +CMakeFiles/ContinuousMemCheck.dir/build.make +CMakeFiles/ContinuousMemCheck.dir/cmake_clean.cmake +CMakeFiles/ContinuousMemCheck.dir/compiler_depend.make +CMakeFiles/ContinuousMemCheck.dir/compiler_depend.ts +CMakeFiles/ContinuousMemCheck.dir/DependInfo.cmake +CMakeFiles/ContinuousMemCheck.dir/progress.make +CMakeFiles/ContinuousStart.dir/build.make +CMakeFiles/ContinuousStart.dir/cmake_clean.cmake +CMakeFiles/ContinuousStart.dir/compiler_depend.make +CMakeFiles/ContinuousStart.dir/compiler_depend.ts +CMakeFiles/ContinuousStart.dir/DependInfo.cmake +CMakeFiles/ContinuousStart.dir/progress.make +CMakeFiles/ContinuousSubmit.dir/build.make +CMakeFiles/ContinuousSubmit.dir/cmake_clean.cmake +CMakeFiles/ContinuousSubmit.dir/compiler_depend.make +CMakeFiles/ContinuousSubmit.dir/compiler_depend.ts +CMakeFiles/ContinuousSubmit.dir/DependInfo.cmake +CMakeFiles/ContinuousSubmit.dir/progress.make +CMakeFiles/ContinuousTest.dir/build.make +CMakeFiles/ContinuousTest.dir/cmake_clean.cmake +CMakeFiles/ContinuousTest.dir/compiler_depend.make +CMakeFiles/ContinuousTest.dir/compiler_depend.ts +CMakeFiles/ContinuousTest.dir/DependInfo.cmake +CMakeFiles/ContinuousTest.dir/progress.make +CMakeFiles/ContinuousUpdate.dir/build.make +CMakeFiles/ContinuousUpdate.dir/cmake_clean.cmake +CMakeFiles/ContinuousUpdate.dir/compiler_depend.make +CMakeFiles/ContinuousUpdate.dir/compiler_depend.ts +CMakeFiles/ContinuousUpdate.dir/DependInfo.cmake +CMakeFiles/ContinuousUpdate.dir/progress.make +CMakeFiles/Experimental.dir/build.make +CMakeFiles/Experimental.dir/cmake_clean.cmake +CMakeFiles/Experimental.dir/compiler_depend.make +CMakeFiles/Experimental.dir/compiler_depend.ts +CMakeFiles/Experimental.dir/DependInfo.cmake +CMakeFiles/Experimental.dir/progress.make 
+CMakeFiles/ExperimentalBuild.dir/build.make +CMakeFiles/ExperimentalBuild.dir/cmake_clean.cmake +CMakeFiles/ExperimentalBuild.dir/compiler_depend.make +CMakeFiles/ExperimentalBuild.dir/compiler_depend.ts +CMakeFiles/ExperimentalBuild.dir/DependInfo.cmake +CMakeFiles/ExperimentalBuild.dir/progress.make +CMakeFiles/ExperimentalConfigure.dir/build.make +CMakeFiles/ExperimentalConfigure.dir/cmake_clean.cmake +CMakeFiles/ExperimentalConfigure.dir/compiler_depend.make +CMakeFiles/ExperimentalConfigure.dir/compiler_depend.ts +CMakeFiles/ExperimentalConfigure.dir/DependInfo.cmake +CMakeFiles/ExperimentalConfigure.dir/progress.make +CMakeFiles/ExperimentalCoverage.dir/build.make +CMakeFiles/ExperimentalCoverage.dir/cmake_clean.cmake +CMakeFiles/ExperimentalCoverage.dir/compiler_depend.make +CMakeFiles/ExperimentalCoverage.dir/compiler_depend.ts +CMakeFiles/ExperimentalCoverage.dir/DependInfo.cmake +CMakeFiles/ExperimentalCoverage.dir/progress.make +CMakeFiles/ExperimentalMemCheck.dir/build.make +CMakeFiles/ExperimentalMemCheck.dir/cmake_clean.cmake +CMakeFiles/ExperimentalMemCheck.dir/compiler_depend.make +CMakeFiles/ExperimentalMemCheck.dir/compiler_depend.ts +CMakeFiles/ExperimentalMemCheck.dir/DependInfo.cmake +CMakeFiles/ExperimentalMemCheck.dir/progress.make +CMakeFiles/ExperimentalStart.dir/build.make +CMakeFiles/ExperimentalStart.dir/cmake_clean.cmake +CMakeFiles/ExperimentalStart.dir/compiler_depend.make +CMakeFiles/ExperimentalStart.dir/compiler_depend.ts +CMakeFiles/ExperimentalStart.dir/DependInfo.cmake +CMakeFiles/ExperimentalStart.dir/progress.make +CMakeFiles/ExperimentalSubmit.dir/build.make +CMakeFiles/ExperimentalSubmit.dir/cmake_clean.cmake +CMakeFiles/ExperimentalSubmit.dir/compiler_depend.make +CMakeFiles/ExperimentalSubmit.dir/compiler_depend.ts +CMakeFiles/ExperimentalSubmit.dir/DependInfo.cmake +CMakeFiles/ExperimentalSubmit.dir/progress.make +CMakeFiles/ExperimentalTest.dir/build.make +CMakeFiles/ExperimentalTest.dir/cmake_clean.cmake 
+CMakeFiles/ExperimentalTest.dir/compiler_depend.make +CMakeFiles/ExperimentalTest.dir/compiler_depend.ts +CMakeFiles/ExperimentalTest.dir/DependInfo.cmake +CMakeFiles/ExperimentalTest.dir/progress.make +CMakeFiles/ExperimentalUpdate.dir/build.make +CMakeFiles/ExperimentalUpdate.dir/cmake_clean.cmake +CMakeFiles/ExperimentalUpdate.dir/compiler_depend.make +CMakeFiles/ExperimentalUpdate.dir/compiler_depend.ts +CMakeFiles/ExperimentalUpdate.dir/DependInfo.cmake +CMakeFiles/ExperimentalUpdate.dir/progress.make +CMakeFiles/Nightly.dir/build.make +CMakeFiles/Nightly.dir/cmake_clean.cmake +CMakeFiles/Nightly.dir/compiler_depend.make +CMakeFiles/Nightly.dir/compiler_depend.ts +CMakeFiles/Nightly.dir/DependInfo.cmake +CMakeFiles/Nightly.dir/progress.make +CMakeFiles/NightlyBuild.dir/build.make +CMakeFiles/NightlyBuild.dir/cmake_clean.cmake +CMakeFiles/NightlyBuild.dir/compiler_depend.make +CMakeFiles/NightlyBuild.dir/compiler_depend.ts +CMakeFiles/NightlyBuild.dir/DependInfo.cmake +CMakeFiles/NightlyBuild.dir/progress.make +CMakeFiles/NightlyConfigure.dir/build.make +CMakeFiles/NightlyConfigure.dir/cmake_clean.cmake +CMakeFiles/NightlyConfigure.dir/compiler_depend.make +CMakeFiles/NightlyConfigure.dir/compiler_depend.ts +CMakeFiles/NightlyConfigure.dir/DependInfo.cmake +CMakeFiles/NightlyConfigure.dir/progress.make +CMakeFiles/NightlyCoverage.dir/build.make +CMakeFiles/NightlyCoverage.dir/cmake_clean.cmake +CMakeFiles/NightlyCoverage.dir/compiler_depend.make +CMakeFiles/NightlyCoverage.dir/compiler_depend.ts +CMakeFiles/NightlyCoverage.dir/DependInfo.cmake +CMakeFiles/NightlyCoverage.dir/progress.make +CMakeFiles/NightlyMemCheck.dir/build.make +CMakeFiles/NightlyMemCheck.dir/cmake_clean.cmake +CMakeFiles/NightlyMemCheck.dir/compiler_depend.make +CMakeFiles/NightlyMemCheck.dir/compiler_depend.ts +CMakeFiles/NightlyMemCheck.dir/DependInfo.cmake +CMakeFiles/NightlyMemCheck.dir/progress.make +CMakeFiles/NightlyMemoryCheck.dir/build.make 
+CMakeFiles/NightlyMemoryCheck.dir/cmake_clean.cmake +CMakeFiles/NightlyMemoryCheck.dir/compiler_depend.make +CMakeFiles/NightlyMemoryCheck.dir/compiler_depend.ts +CMakeFiles/NightlyMemoryCheck.dir/DependInfo.cmake +CMakeFiles/NightlyMemoryCheck.dir/progress.make +CMakeFiles/NightlyStart.dir/build.make +CMakeFiles/NightlyStart.dir/cmake_clean.cmake +CMakeFiles/NightlyStart.dir/compiler_depend.make +CMakeFiles/NightlyStart.dir/compiler_depend.ts +CMakeFiles/NightlyStart.dir/DependInfo.cmake +CMakeFiles/NightlyStart.dir/progress.make +CMakeFiles/NightlySubmit.dir/build.make +CMakeFiles/NightlySubmit.dir/cmake_clean.cmake +CMakeFiles/NightlySubmit.dir/compiler_depend.make +CMakeFiles/NightlySubmit.dir/compiler_depend.ts +CMakeFiles/NightlySubmit.dir/DependInfo.cmake +CMakeFiles/NightlySubmit.dir/progress.make +CMakeFiles/NightlyTest.dir/build.make +CMakeFiles/NightlyTest.dir/cmake_clean.cmake +CMakeFiles/NightlyTest.dir/compiler_depend.make +CMakeFiles/NightlyTest.dir/compiler_depend.ts +CMakeFiles/NightlyTest.dir/DependInfo.cmake +CMakeFiles/NightlyTest.dir/progress.make +CMakeFiles/NightlyUpdate.dir/build.make +CMakeFiles/NightlyUpdate.dir/cmake_clean.cmake +CMakeFiles/NightlyUpdate.dir/compiler_depend.make +CMakeFiles/NightlyUpdate.dir/compiler_depend.ts +CMakeFiles/NightlyUpdate.dir/DependInfo.cmake +CMakeFiles/NightlyUpdate.dir/progress.make +src/cmake_install.cmake +src/CTestTestfile.cmake +src/CMakeFiles/CMakeDirectoryInformation.cmake +src/CMakeFiles/progress.marks +src/CMakeFiles/crypto.dir/build.make +src/CMakeFiles/crypto.dir/cmake_clean.cmake +src/CMakeFiles/crypto.dir/compiler_depend.internal +src/CMakeFiles/crypto.dir/compiler_depend.internal.tmp42f59 +src/CMakeFiles/crypto.dir/compiler_depend.internal.tmp93b2c +src/CMakeFiles/crypto.dir/compiler_depend.internal.tmpe28df +src/CMakeFiles/crypto.dir/compiler_depend.internal.tmpea58b +src/CMakeFiles/crypto.dir/compiler_depend.make +src/CMakeFiles/crypto.dir/compiler_depend.ts 
+src/CMakeFiles/crypto.dir/depend.make +src/CMakeFiles/crypto.dir/DependInfo.cmake +src/CMakeFiles/crypto.dir/flags.make +src/CMakeFiles/crypto.dir/link.txt +src/CMakeFiles/crypto.dir/progress.make +src/CMakeFiles/crypto.dir/core/crypto.c.gcda +src/CMakeFiles/crypto.dir/core/crypto.c.gcno +src/CMakeFiles/crypto.dir/core/crypto.c.o +src/CMakeFiles/crypto.dir/core/crypto.c.o.d +src/CMakeFiles/crypto.dir/core/crypto_aos.c.gcda +src/CMakeFiles/crypto.dir/core/crypto_aos.c.gcno +src/CMakeFiles/crypto.dir/core/crypto_aos.c.o +src/CMakeFiles/crypto.dir/core/crypto_aos.c.o.d +src/CMakeFiles/crypto.dir/core/crypto_config.c.gcda +src/CMakeFiles/crypto.dir/core/crypto_config.c.gcno +src/CMakeFiles/crypto.dir/core/crypto_config.c.o +src/CMakeFiles/crypto.dir/core/crypto_config.c.o.d +src/CMakeFiles/crypto.dir/core/crypto_error.c.gcda +src/CMakeFiles/crypto.dir/core/crypto_error.c.gcno +src/CMakeFiles/crypto.dir/core/crypto_error.c.o +src/CMakeFiles/crypto.dir/core/crypto_error.c.o.d +src/CMakeFiles/crypto.dir/core/crypto_key_mgmt.c.gcda +src/CMakeFiles/crypto.dir/core/crypto_key_mgmt.c.gcno +src/CMakeFiles/crypto.dir/core/crypto_key_mgmt.c.o +src/CMakeFiles/crypto.dir/core/crypto_key_mgmt.c.o.d +src/CMakeFiles/crypto.dir/core/crypto_mc.c.gcda +src/CMakeFiles/crypto.dir/core/crypto_mc.c.gcno +src/CMakeFiles/crypto.dir/core/crypto_mc.c.o +src/CMakeFiles/crypto.dir/core/crypto_mc.c.o.d +src/CMakeFiles/crypto.dir/core/crypto_print.c.gcda +src/CMakeFiles/crypto.dir/core/crypto_print.c.gcno +src/CMakeFiles/crypto.dir/core/crypto_print.c.o +src/CMakeFiles/crypto.dir/core/crypto_print.c.o.d +src/CMakeFiles/crypto.dir/core/crypto_tc.c.gcda +src/CMakeFiles/crypto.dir/core/crypto_tc.c.gcno +src/CMakeFiles/crypto.dir/core/crypto_tc.c.o +src/CMakeFiles/crypto.dir/core/crypto_tc.c.o.d +src/CMakeFiles/crypto.dir/core/crypto_tm.c.gcda +src/CMakeFiles/crypto.dir/core/crypto_tm.c.gcno +src/CMakeFiles/crypto.dir/core/crypto_tm.c.o +src/CMakeFiles/crypto.dir/core/crypto_tm.c.o.d 
+src/CMakeFiles/crypto.dir/core/crypto_user.c.gcda +src/CMakeFiles/crypto.dir/core/crypto_user.c.gcno +src/CMakeFiles/crypto.dir/core/crypto_user.c.o +src/CMakeFiles/crypto.dir/core/crypto_user.c.o.d +src/CMakeFiles/crypto.dir/crypto/custom_stub/cryptography_interface_custom_stub.template.c.gcda +src/CMakeFiles/crypto.dir/crypto/custom_stub/cryptography_interface_custom_stub.template.c.gcno +src/CMakeFiles/crypto.dir/crypto/custom_stub/cryptography_interface_custom_stub.template.c.o +src/CMakeFiles/crypto.dir/crypto/custom_stub/cryptography_interface_custom_stub.template.c.o.d +src/CMakeFiles/crypto.dir/crypto/kmc_stub/cryptography_interface_kmc.stub.c.gcda +src/CMakeFiles/crypto.dir/crypto/kmc_stub/cryptography_interface_kmc.stub.c.gcno +src/CMakeFiles/crypto.dir/crypto/kmc_stub/cryptography_interface_kmc.stub.c.o +src/CMakeFiles/crypto.dir/crypto/kmc_stub/cryptography_interface_kmc.stub.c.o.d +src/CMakeFiles/crypto.dir/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c.gcda +src/CMakeFiles/crypto.dir/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c.gcno +src/CMakeFiles/crypto.dir/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c.o +src/CMakeFiles/crypto.dir/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c.o.d +src/CMakeFiles/crypto.dir/crypto/wolfssl_stub/cryptography_interface_wolfssl.stub.c.gcda +src/CMakeFiles/crypto.dir/crypto/wolfssl_stub/cryptography_interface_wolfssl.stub.c.gcno +src/CMakeFiles/crypto.dir/crypto/wolfssl_stub/cryptography_interface_wolfssl.stub.c.o +src/CMakeFiles/crypto.dir/crypto/wolfssl_stub/cryptography_interface_wolfssl.stub.c.o.d +src/CMakeFiles/crypto.dir/key/custom_stub/key_interface_custom_stub.template.c.gcda +src/CMakeFiles/crypto.dir/key/custom_stub/key_interface_custom_stub.template.c.gcno +src/CMakeFiles/crypto.dir/key/custom_stub/key_interface_custom_stub.template.c.o +src/CMakeFiles/crypto.dir/key/custom_stub/key_interface_custom_stub.template.c.o.d 
+src/CMakeFiles/crypto.dir/key/internal/key_interface_internal.template.c.gcda +src/CMakeFiles/crypto.dir/key/internal/key_interface_internal.template.c.gcno +src/CMakeFiles/crypto.dir/key/internal/key_interface_internal.template.c.o +src/CMakeFiles/crypto.dir/key/internal/key_interface_internal.template.c.o.d +src/CMakeFiles/crypto.dir/key/kmc_stub/key_interface_kmc_stub.template.c.gcda +src/CMakeFiles/crypto.dir/key/kmc_stub/key_interface_kmc_stub.template.c.gcno +src/CMakeFiles/crypto.dir/key/kmc_stub/key_interface_kmc_stub.template.c.o +src/CMakeFiles/crypto.dir/key/kmc_stub/key_interface_kmc_stub.template.c.o.d +src/CMakeFiles/crypto.dir/mc/custom_stub/mc_interface_custom_stub.template.c.gcda +src/CMakeFiles/crypto.dir/mc/custom_stub/mc_interface_custom_stub.template.c.gcno +src/CMakeFiles/crypto.dir/mc/custom_stub/mc_interface_custom_stub.template.c.o +src/CMakeFiles/crypto.dir/mc/custom_stub/mc_interface_custom_stub.template.c.o.d +src/CMakeFiles/crypto.dir/mc/disabled_stub/mc_interface_disabled_stub.template.c.gcda +src/CMakeFiles/crypto.dir/mc/disabled_stub/mc_interface_disabled_stub.template.c.gcno +src/CMakeFiles/crypto.dir/mc/disabled_stub/mc_interface_disabled_stub.template.c.o +src/CMakeFiles/crypto.dir/mc/disabled_stub/mc_interface_disabled_stub.template.c.o.d +src/CMakeFiles/crypto.dir/mc/internal/mc_interface_internal.template.c.gcda +src/CMakeFiles/crypto.dir/mc/internal/mc_interface_internal.template.c.gcno +src/CMakeFiles/crypto.dir/mc/internal/mc_interface_internal.template.c.o +src/CMakeFiles/crypto.dir/mc/internal/mc_interface_internal.template.c.o.d +src/CMakeFiles/crypto.dir/sa/custom_stub/sa_interface_custom.stub.c.gcda +src/CMakeFiles/crypto.dir/sa/custom_stub/sa_interface_custom.stub.c.gcno +src/CMakeFiles/crypto.dir/sa/custom_stub/sa_interface_custom.stub.c.o +src/CMakeFiles/crypto.dir/sa/custom_stub/sa_interface_custom.stub.c.o.d +src/CMakeFiles/crypto.dir/sa/internal/sa_interface_inmemory.template.c.gcda 
+src/CMakeFiles/crypto.dir/sa/internal/sa_interface_inmemory.template.c.gcno +src/CMakeFiles/crypto.dir/sa/internal/sa_interface_inmemory.template.c.o +src/CMakeFiles/crypto.dir/sa/internal/sa_interface_inmemory.template.c.o.d +src/CMakeFiles/crypto.dir/sa/mariadb_stub/sa_interface_mariadb.stub.c.gcda +src/CMakeFiles/crypto.dir/sa/mariadb_stub/sa_interface_mariadb.stub.c.gcno +src/CMakeFiles/crypto.dir/sa/mariadb_stub/sa_interface_mariadb.stub.c.o +src/CMakeFiles/crypto.dir/sa/mariadb_stub/sa_interface_mariadb.stub.c.o.d +test/cmake_install.cmake +test/CTestTestfile.cmake +test/CMakeFiles/CMakeDirectoryInformation.cmake +test/CMakeFiles/progress.marks +test/CMakeFiles/et_dt_validation.dir/build.make +test/CMakeFiles/et_dt_validation.dir/cmake_clean.cmake +test/CMakeFiles/et_dt_validation.dir/compiler_depend.internal +test/CMakeFiles/et_dt_validation.dir/compiler_depend.internal.tmp4078d +test/CMakeFiles/et_dt_validation.dir/compiler_depend.make +test/CMakeFiles/et_dt_validation.dir/compiler_depend.ts +test/CMakeFiles/et_dt_validation.dir/depend.make +test/CMakeFiles/et_dt_validation.dir/DependInfo.cmake +test/CMakeFiles/et_dt_validation.dir/flags.make +test/CMakeFiles/et_dt_validation.dir/link.txt +test/CMakeFiles/et_dt_validation.dir/progress.make +test/CMakeFiles/et_dt_validation.dir/core/shared_util.c.gcda +test/CMakeFiles/et_dt_validation.dir/core/shared_util.c.gcno +test/CMakeFiles/et_dt_validation.dir/core/shared_util.c.o +test/CMakeFiles/et_dt_validation.dir/core/shared_util.c.o.d +test/CMakeFiles/et_dt_validation.dir/unit/et_dt_validation.c.gcda +test/CMakeFiles/et_dt_validation.dir/unit/et_dt_validation.c.gcno +test/CMakeFiles/et_dt_validation.dir/unit/et_dt_validation.c.o +test/CMakeFiles/et_dt_validation.dir/unit/et_dt_validation.c.o.d +test/CMakeFiles/gcov.dir/build.make +test/CMakeFiles/gcov.dir/cmake_clean.cmake +test/CMakeFiles/gcov.dir/compiler_depend.make +test/CMakeFiles/gcov.dir/compiler_depend.ts +test/CMakeFiles/gcov.dir/DependInfo.cmake 
+test/CMakeFiles/gcov.dir/progress.make +test/CMakeFiles/scrub.dir/build.make +test/CMakeFiles/scrub.dir/cmake_clean.cmake +test/CMakeFiles/scrub.dir/compiler_depend.make +test/CMakeFiles/scrub.dir/compiler_depend.ts +test/CMakeFiles/scrub.dir/DependInfo.cmake +test/CMakeFiles/scrub.dir/progress.make +test/CMakeFiles/ut_aes_gcm_siv.dir/build.make +test/CMakeFiles/ut_aes_gcm_siv.dir/cmake_clean.cmake +test/CMakeFiles/ut_aes_gcm_siv.dir/compiler_depend.internal +test/CMakeFiles/ut_aes_gcm_siv.dir/compiler_depend.make +test/CMakeFiles/ut_aes_gcm_siv.dir/compiler_depend.ts +test/CMakeFiles/ut_aes_gcm_siv.dir/depend.make +test/CMakeFiles/ut_aes_gcm_siv.dir/depend.make.tmp919b1 +test/CMakeFiles/ut_aes_gcm_siv.dir/DependInfo.cmake +test/CMakeFiles/ut_aes_gcm_siv.dir/flags.make +test/CMakeFiles/ut_aes_gcm_siv.dir/link.txt +test/CMakeFiles/ut_aes_gcm_siv.dir/progress.make +test/CMakeFiles/ut_aes_gcm_siv.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_aes_gcm_siv.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_aes_gcm_siv.dir/core/shared_util.c.o +test/CMakeFiles/ut_aes_gcm_siv.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_aes_gcm_siv.dir/unit/ut_aes_gcm_siv.c.gcda +test/CMakeFiles/ut_aes_gcm_siv.dir/unit/ut_aes_gcm_siv.c.gcno +test/CMakeFiles/ut_aes_gcm_siv.dir/unit/ut_aes_gcm_siv.c.o +test/CMakeFiles/ut_aes_gcm_siv.dir/unit/ut_aes_gcm_siv.c.o.d +test/CMakeFiles/ut_aos_apply.dir/build.make +test/CMakeFiles/ut_aos_apply.dir/cmake_clean.cmake +test/CMakeFiles/ut_aos_apply.dir/compiler_depend.internal +test/CMakeFiles/ut_aos_apply.dir/compiler_depend.internal.tmp6591d +test/CMakeFiles/ut_aos_apply.dir/compiler_depend.internal.tmp66d0f +test/CMakeFiles/ut_aos_apply.dir/compiler_depend.internal.tmp7852e +test/CMakeFiles/ut_aos_apply.dir/compiler_depend.internal.tmpe78a5 +test/CMakeFiles/ut_aos_apply.dir/compiler_depend.make +test/CMakeFiles/ut_aos_apply.dir/compiler_depend.ts +test/CMakeFiles/ut_aos_apply.dir/depend.make +test/CMakeFiles/ut_aos_apply.dir/DependInfo.cmake 
+test/CMakeFiles/ut_aos_apply.dir/flags.make +test/CMakeFiles/ut_aos_apply.dir/link.txt +test/CMakeFiles/ut_aos_apply.dir/progress.make +test/CMakeFiles/ut_aos_apply.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_aos_apply.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_aos_apply.dir/core/shared_util.c.o +test/CMakeFiles/ut_aos_apply.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_aos_apply.dir/unit/ut_aos_apply.c.gcda +test/CMakeFiles/ut_aos_apply.dir/unit/ut_aos_apply.c.gcno +test/CMakeFiles/ut_aos_apply.dir/unit/ut_aos_apply.c.o +test/CMakeFiles/ut_aos_apply.dir/unit/ut_aos_apply.c.o.d +test/CMakeFiles/ut_aos_process.dir/build.make +test/CMakeFiles/ut_aos_process.dir/cmake_clean.cmake +test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal +test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmp1d940 +test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmp43581 +test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmp692f0 +test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmp9a968 +test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmpb039e +test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmpcf343 +test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmpd8366 +test/CMakeFiles/ut_aos_process.dir/compiler_depend.make +test/CMakeFiles/ut_aos_process.dir/compiler_depend.make.tmp0109b +test/CMakeFiles/ut_aos_process.dir/compiler_depend.ts +test/CMakeFiles/ut_aos_process.dir/depend.make +test/CMakeFiles/ut_aos_process.dir/DependInfo.cmake +test/CMakeFiles/ut_aos_process.dir/flags.make +test/CMakeFiles/ut_aos_process.dir/link.txt +test/CMakeFiles/ut_aos_process.dir/progress.make +test/CMakeFiles/ut_aos_process.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_aos_process.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_aos_process.dir/core/shared_util.c.o +test/CMakeFiles/ut_aos_process.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_aos_process.dir/unit/ut_aos_process.c.gcda 
+test/CMakeFiles/ut_aos_process.dir/unit/ut_aos_process.c.gcno +test/CMakeFiles/ut_aos_process.dir/unit/ut_aos_process.c.o +test/CMakeFiles/ut_aos_process.dir/unit/ut_aos_process.c.o.d +test/CMakeFiles/ut_crypto.dir/build.make +test/CMakeFiles/ut_crypto.dir/cmake_clean.cmake +test/CMakeFiles/ut_crypto.dir/compiler_depend.internal +test/CMakeFiles/ut_crypto.dir/compiler_depend.internal.tmp0e029 +test/CMakeFiles/ut_crypto.dir/compiler_depend.internal.tmp9a785 +test/CMakeFiles/ut_crypto.dir/compiler_depend.internal.tmp9c660 +test/CMakeFiles/ut_crypto.dir/compiler_depend.internal.tmpd75d7 +test/CMakeFiles/ut_crypto.dir/compiler_depend.internal.tmpf9940 +test/CMakeFiles/ut_crypto.dir/compiler_depend.make +test/CMakeFiles/ut_crypto.dir/compiler_depend.ts +test/CMakeFiles/ut_crypto.dir/depend.make +test/CMakeFiles/ut_crypto.dir/DependInfo.cmake +test/CMakeFiles/ut_crypto.dir/flags.make +test/CMakeFiles/ut_crypto.dir/link.txt +test/CMakeFiles/ut_crypto.dir/progress.make +test/CMakeFiles/ut_crypto.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_crypto.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_crypto.dir/core/shared_util.c.o +test/CMakeFiles/ut_crypto.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_crypto.dir/unit/ut_crypto.c.gcda +test/CMakeFiles/ut_crypto.dir/unit/ut_crypto.c.gcno +test/CMakeFiles/ut_crypto.dir/unit/ut_crypto.c.o +test/CMakeFiles/ut_crypto.dir/unit/ut_crypto.c.o.d +test/CMakeFiles/ut_crypto_config.dir/build.make +test/CMakeFiles/ut_crypto_config.dir/cmake_clean.cmake +test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal +test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmp1e991 +test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmp26782 +test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmp2f7d7 +test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmp34269 +test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmp7bb32 
+test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmpd62ff +test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmpf0f8b +test/CMakeFiles/ut_crypto_config.dir/compiler_depend.make +test/CMakeFiles/ut_crypto_config.dir/compiler_depend.ts +test/CMakeFiles/ut_crypto_config.dir/depend.make +test/CMakeFiles/ut_crypto_config.dir/DependInfo.cmake +test/CMakeFiles/ut_crypto_config.dir/flags.make +test/CMakeFiles/ut_crypto_config.dir/link.txt +test/CMakeFiles/ut_crypto_config.dir/progress.make +test/CMakeFiles/ut_crypto_config.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_crypto_config.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_crypto_config.dir/core/shared_util.c.o +test/CMakeFiles/ut_crypto_config.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_crypto_config.dir/unit/ut_crypto_config.c.gcda +test/CMakeFiles/ut_crypto_config.dir/unit/ut_crypto_config.c.gcno +test/CMakeFiles/ut_crypto_config.dir/unit/ut_crypto_config.c.o +test/CMakeFiles/ut_crypto_config.dir/unit/ut_crypto_config.c.o.d +test/CMakeFiles/ut_crypto_mc.dir/build.make +test/CMakeFiles/ut_crypto_mc.dir/cmake_clean.cmake +test/CMakeFiles/ut_crypto_mc.dir/compiler_depend.internal +test/CMakeFiles/ut_crypto_mc.dir/compiler_depend.internal.tmpad969 +test/CMakeFiles/ut_crypto_mc.dir/compiler_depend.internal.tmpdadc6 +test/CMakeFiles/ut_crypto_mc.dir/compiler_depend.make +test/CMakeFiles/ut_crypto_mc.dir/compiler_depend.ts +test/CMakeFiles/ut_crypto_mc.dir/depend.make +test/CMakeFiles/ut_crypto_mc.dir/DependInfo.cmake +test/CMakeFiles/ut_crypto_mc.dir/flags.make +test/CMakeFiles/ut_crypto_mc.dir/link.txt +test/CMakeFiles/ut_crypto_mc.dir/progress.make +test/CMakeFiles/ut_crypto_mc.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_crypto_mc.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_crypto_mc.dir/core/shared_util.c.o +test/CMakeFiles/ut_crypto_mc.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_crypto_mc.dir/unit/ut_crypto_mc.c.gcda +test/CMakeFiles/ut_crypto_mc.dir/unit/ut_crypto_mc.c.gcno 
+test/CMakeFiles/ut_crypto_mc.dir/unit/ut_crypto_mc.c.o +test/CMakeFiles/ut_crypto_mc.dir/unit/ut_crypto_mc.c.o.d +test/CMakeFiles/ut_ep_key_validation.dir/build.make +test/CMakeFiles/ut_ep_key_validation.dir/cmake_clean.cmake +test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal +test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal.tmp1a3de +test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal.tmp8ca19 +test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal.tmpb3f30 +test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal.tmpbb088 +test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal.tmpcaf94 +test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.make +test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.ts +test/CMakeFiles/ut_ep_key_validation.dir/depend.make +test/CMakeFiles/ut_ep_key_validation.dir/DependInfo.cmake +test/CMakeFiles/ut_ep_key_validation.dir/flags.make +test/CMakeFiles/ut_ep_key_validation.dir/link.txt +test/CMakeFiles/ut_ep_key_validation.dir/progress.make +test/CMakeFiles/ut_ep_key_validation.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_ep_key_validation.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_ep_key_validation.dir/core/shared_util.c.o +test/CMakeFiles/ut_ep_key_validation.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_ep_key_validation.dir/unit/ut_ep_key_validation.c.gcda +test/CMakeFiles/ut_ep_key_validation.dir/unit/ut_ep_key_validation.c.gcno +test/CMakeFiles/ut_ep_key_validation.dir/unit/ut_ep_key_validation.c.o +test/CMakeFiles/ut_ep_key_validation.dir/unit/ut_ep_key_validation.c.o.d +test/CMakeFiles/ut_mysql_m_tls_connection.dir/build.make +test/CMakeFiles/ut_mysql_m_tls_connection.dir/cmake_clean.cmake +test/CMakeFiles/ut_mysql_m_tls_connection.dir/compiler_depend.internal +test/CMakeFiles/ut_mysql_m_tls_connection.dir/compiler_depend.internal.tmpd2ee9 +test/CMakeFiles/ut_mysql_m_tls_connection.dir/compiler_depend.make 
+test/CMakeFiles/ut_mysql_m_tls_connection.dir/compiler_depend.ts +test/CMakeFiles/ut_mysql_m_tls_connection.dir/depend.make +test/CMakeFiles/ut_mysql_m_tls_connection.dir/DependInfo.cmake +test/CMakeFiles/ut_mysql_m_tls_connection.dir/flags.make +test/CMakeFiles/ut_mysql_m_tls_connection.dir/link.txt +test/CMakeFiles/ut_mysql_m_tls_connection.dir/progress.make +test/CMakeFiles/ut_mysql_m_tls_connection.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_mysql_m_tls_connection.dir/core/shared_util.c.o +test/CMakeFiles/ut_mysql_m_tls_connection.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_mysql_m_tls_connection.dir/unit/ut_mysql_m_tls_connection.c.gcno +test/CMakeFiles/ut_mysql_m_tls_connection.dir/unit/ut_mysql_m_tls_connection.c.o +test/CMakeFiles/ut_mysql_m_tls_connection.dir/unit/ut_mysql_m_tls_connection.c.o.d +test/CMakeFiles/ut_mysql_tls_connection.dir/build.make +test/CMakeFiles/ut_mysql_tls_connection.dir/cmake_clean.cmake +test/CMakeFiles/ut_mysql_tls_connection.dir/compiler_depend.internal +test/CMakeFiles/ut_mysql_tls_connection.dir/compiler_depend.internal.tmp5a860 +test/CMakeFiles/ut_mysql_tls_connection.dir/compiler_depend.make +test/CMakeFiles/ut_mysql_tls_connection.dir/compiler_depend.ts +test/CMakeFiles/ut_mysql_tls_connection.dir/depend.make +test/CMakeFiles/ut_mysql_tls_connection.dir/DependInfo.cmake +test/CMakeFiles/ut_mysql_tls_connection.dir/flags.make +test/CMakeFiles/ut_mysql_tls_connection.dir/link.txt +test/CMakeFiles/ut_mysql_tls_connection.dir/progress.make +test/CMakeFiles/ut_mysql_tls_connection.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_mysql_tls_connection.dir/core/shared_util.c.o +test/CMakeFiles/ut_mysql_tls_connection.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_mysql_tls_connection.dir/unit/ut_mysql_tls_connection.c.gcno +test/CMakeFiles/ut_mysql_tls_connection.dir/unit/ut_mysql_tls_connection.c.o +test/CMakeFiles/ut_mysql_tls_connection.dir/unit/ut_mysql_tls_connection.c.o.d +test/CMakeFiles/ut_sa_save.dir/build.make 
+test/CMakeFiles/ut_sa_save.dir/cmake_clean.cmake +test/CMakeFiles/ut_sa_save.dir/compiler_depend.internal +test/CMakeFiles/ut_sa_save.dir/compiler_depend.internal.tmp1c114 +test/CMakeFiles/ut_sa_save.dir/compiler_depend.internal.tmp3e9d5 +test/CMakeFiles/ut_sa_save.dir/compiler_depend.internal.tmpa1269 +test/CMakeFiles/ut_sa_save.dir/compiler_depend.make +test/CMakeFiles/ut_sa_save.dir/compiler_depend.ts +test/CMakeFiles/ut_sa_save.dir/depend.make +test/CMakeFiles/ut_sa_save.dir/DependInfo.cmake +test/CMakeFiles/ut_sa_save.dir/flags.make +test/CMakeFiles/ut_sa_save.dir/link.txt +test/CMakeFiles/ut_sa_save.dir/progress.make +test/CMakeFiles/ut_sa_save.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_sa_save.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_sa_save.dir/core/shared_util.c.o +test/CMakeFiles/ut_sa_save.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_sa_save.dir/unit/ut_sa_save.c.gcda +test/CMakeFiles/ut_sa_save.dir/unit/ut_sa_save.c.gcno +test/CMakeFiles/ut_sa_save.dir/unit/ut_sa_save.c.o +test/CMakeFiles/ut_sa_save.dir/unit/ut_sa_save.c.o.d +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/build.make +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/cmake_clean.cmake +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal.tmp1d97b +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal.tmp2bd6f +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal.tmpbf2ef +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal.tmpdf920 +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal.tmpe4969 +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.make +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.ts +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/depend.make +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/DependInfo.cmake 
+test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/flags.make +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/link.txt +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/progress.make +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/core/shared_util.c.o +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/unit/ut_sadb_err_cases_kmc_crypto.c.gcno +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/unit/ut_sadb_err_cases_kmc_crypto.c.o +test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/unit/ut_sadb_err_cases_kmc_crypto.c.o.d +test/CMakeFiles/ut_tc_apply.dir/build.make +test/CMakeFiles/ut_tc_apply.dir/cmake_clean.cmake +test/CMakeFiles/ut_tc_apply.dir/compiler_depend.internal +test/CMakeFiles/ut_tc_apply.dir/compiler_depend.internal.tmp8ecd9 +test/CMakeFiles/ut_tc_apply.dir/compiler_depend.internal.tmpcc9fb +test/CMakeFiles/ut_tc_apply.dir/compiler_depend.make +test/CMakeFiles/ut_tc_apply.dir/compiler_depend.ts +test/CMakeFiles/ut_tc_apply.dir/depend.make +test/CMakeFiles/ut_tc_apply.dir/DependInfo.cmake +test/CMakeFiles/ut_tc_apply.dir/flags.make +test/CMakeFiles/ut_tc_apply.dir/link.txt +test/CMakeFiles/ut_tc_apply.dir/progress.make +test/CMakeFiles/ut_tc_apply.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_tc_apply.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_tc_apply.dir/core/shared_util.c.o +test/CMakeFiles/ut_tc_apply.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_tc_apply.dir/unit/ut_tc_apply.c.gcda +test/CMakeFiles/ut_tc_apply.dir/unit/ut_tc_apply.c.gcno +test/CMakeFiles/ut_tc_apply.dir/unit/ut_tc_apply.c.o +test/CMakeFiles/ut_tc_apply.dir/unit/ut_tc_apply.c.o.d +test/CMakeFiles/ut_tc_process.dir/build.make +test/CMakeFiles/ut_tc_process.dir/cmake_clean.cmake +test/CMakeFiles/ut_tc_process.dir/compiler_depend.internal +test/CMakeFiles/ut_tc_process.dir/compiler_depend.internal.tmp0d844 
+test/CMakeFiles/ut_tc_process.dir/compiler_depend.internal.tmp263c3 +test/CMakeFiles/ut_tc_process.dir/compiler_depend.internal.tmp5e58f +test/CMakeFiles/ut_tc_process.dir/compiler_depend.make +test/CMakeFiles/ut_tc_process.dir/compiler_depend.ts +test/CMakeFiles/ut_tc_process.dir/depend.make +test/CMakeFiles/ut_tc_process.dir/DependInfo.cmake +test/CMakeFiles/ut_tc_process.dir/flags.make +test/CMakeFiles/ut_tc_process.dir/link.txt +test/CMakeFiles/ut_tc_process.dir/progress.make +test/CMakeFiles/ut_tc_process.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_tc_process.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_tc_process.dir/core/shared_util.c.o +test/CMakeFiles/ut_tc_process.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_tc_process.dir/unit/ut_tc_process.c.gcda +test/CMakeFiles/ut_tc_process.dir/unit/ut_tc_process.c.gcno +test/CMakeFiles/ut_tc_process.dir/unit/ut_tc_process.c.o +test/CMakeFiles/ut_tc_process.dir/unit/ut_tc_process.c.o.d +test/CMakeFiles/ut_tm_apply.dir/build.make +test/CMakeFiles/ut_tm_apply.dir/cmake_clean.cmake +test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal +test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmp3533b +test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmp39698 +test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmp643bc +test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmpb2441 +test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmpd8be5 +test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmpff179 +test/CMakeFiles/ut_tm_apply.dir/compiler_depend.make +test/CMakeFiles/ut_tm_apply.dir/compiler_depend.make.tmp8ed4c +test/CMakeFiles/ut_tm_apply.dir/compiler_depend.ts +test/CMakeFiles/ut_tm_apply.dir/depend.make +test/CMakeFiles/ut_tm_apply.dir/DependInfo.cmake +test/CMakeFiles/ut_tm_apply.dir/flags.make +test/CMakeFiles/ut_tm_apply.dir/link.txt +test/CMakeFiles/ut_tm_apply.dir/progress.make +test/CMakeFiles/ut_tm_apply.dir/core/shared_util.c.gcda 
+test/CMakeFiles/ut_tm_apply.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_tm_apply.dir/core/shared_util.c.o +test/CMakeFiles/ut_tm_apply.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_tm_apply.dir/unit/ut_tm_apply.c.gcda +test/CMakeFiles/ut_tm_apply.dir/unit/ut_tm_apply.c.gcno +test/CMakeFiles/ut_tm_apply.dir/unit/ut_tm_apply.c.o +test/CMakeFiles/ut_tm_apply.dir/unit/ut_tm_apply.c.o.d +test/CMakeFiles/ut_tm_process.dir/build.make +test/CMakeFiles/ut_tm_process.dir/cmake_clean.cmake +test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal +test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp04d6f +test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp43b22 +test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp48038 +test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp4b32f +test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp5f062 +test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp7859e +test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmpce567 +test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmpf7073 +test/CMakeFiles/ut_tm_process.dir/compiler_depend.make +test/CMakeFiles/ut_tm_process.dir/compiler_depend.ts +test/CMakeFiles/ut_tm_process.dir/depend.make +test/CMakeFiles/ut_tm_process.dir/DependInfo.cmake +test/CMakeFiles/ut_tm_process.dir/flags.make +test/CMakeFiles/ut_tm_process.dir/link.txt +test/CMakeFiles/ut_tm_process.dir/progress.make +test/CMakeFiles/ut_tm_process.dir/core/shared_util.c.gcda +test/CMakeFiles/ut_tm_process.dir/core/shared_util.c.gcno +test/CMakeFiles/ut_tm_process.dir/core/shared_util.c.o +test/CMakeFiles/ut_tm_process.dir/core/shared_util.c.o.d +test/CMakeFiles/ut_tm_process.dir/unit/ut_tm_process.c.gcda +test/CMakeFiles/ut_tm_process.dir/unit/ut_tm_process.c.gcno +test/CMakeFiles/ut_tm_process.dir/unit/ut_tm_process.c.o +test/CMakeFiles/ut_tm_process.dir/unit/ut_tm_process.c.o.d +Testing/Temporary/CTestCheckpoint.txt +Testing/Temporary/CTestCostData.txt 
+Testing/Temporary/LastTest.log +Testing/Temporary/LastTest.log.tmp +Testing/Temporary/LastTestsFailed.log diff --git a/include/crypto.h b/include/crypto.h index 4af3c972..6945875e 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -270,6 +270,7 @@ extern char* crypto_deep_copy_string(char* src_string); */ // Data stores used in multiple components extern CCSDS_t sdls_frame; +extern SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; // extern TM_t tm_frame; extern uint8_t tm_frame[1786]; extern TM_FramePrimaryHeader_t tm_frame_pri_hdr; @@ -294,7 +295,6 @@ extern SaInterface sa_if; extern CryptographyInterface cryptography_if; // extern crypto_key_t ak_ring[NUM_KEYS]; -extern CCSDS_t sdls_frame; extern SadbMariaDBConfig_t* sa_mariadb_config; extern GvcidManagedParameters_t* gvcid_managed_parameters; extern GvcidManagedParameters_t* current_managed_parameters; diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 65111bff..6352811e 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -164,7 +164,7 @@ typedef struct uint16_t kid : 16; // Key ID uint8_t iv[IV_SIZE]; // Key Initialization Vector uint8_t challenged[CHALLENGE_SIZE]; // Encrypted Challenge - uint8_t cmac[CHALLENGE_MAC_SIZE]; // Challenge Message Authentication Code + uint8_t mac[CHALLENGE_MAC_SIZE]; // Challenge Message Authentication Code } SDLS_KEYV_RPLY_BLK_t; #define SDLS_KEYV_RPLY_BLK_SIZE (sizeof(SDLS_KEYV_RPLY_BLK_t)) diff --git a/src/core/crypto.c b/src/core/crypto.c index 5a97b9e8..117d5c67 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -34,6 +34,8 @@ CFS_MODULE_DECLARE_LIB(crypto); */ // crypto_key_t ak_ring[NUM_KEYS]; CCSDS_t sdls_frame; +// SDLS Replies +SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; // Reply block for challenged keys // TM_t tm_frame; uint8_t tm_frame[1786]; // Testing TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 6c7146de..99aa8eef 100644 
--- a/src/core/crypto_key_mgmt.c
+++ b/src/core/crypto_key_mgmt.c
@@ -352,8 +352,6 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count)
 // Local variables
 SDLS_KEYV_CMD_t packet;
 int pdu_keys = sdls_frame.pdu.pdu_len / SDLS_KEYV_CMD_BLK_SIZE;
- uint8_t iv_loc;
- // uint8_t tmp_mac[MAC_SIZE];
 int x;
 int y;
 int32_t status = CRYPTO_LIB_SUCCESS;
@@ -394,41 +392,47 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) // length = pdu_len + HDR + PUS - 1 (per CCSDS Convention) sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE - 1; *count = Crypto_Prep_Reply(ingest, 128); + uint16_t pdu_data_idx = 0; for (x = 0; x < pdu_keys; x++) { // Key ID - ingest[*count += 1] = (packet.blk[x].kid & 0xFF00) >> 8; - ingest[*count += 1] = (packet.blk[x].kid & 0x00FF); + sdls_ep_keyv_reply.blk[x].kid = packet.blk[x].kid; + + sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; + pdu_data_idx += 1; + sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); + pdu_data_idx += 1; - uint16_t ekp_kid = ((packet.blk[x].kid & 0xFF00) >> 8) | (packet.blk[x].kid & 0x00FF); // Get Key - ekp = key_if->get_key(ekp_kid); + ekp = key_if->get_key(sdls_ep_keyv_reply.blk[x].kid); if (ekp == NULL) { return CRYPTO_LIB_ERR_KEY_ID_ERROR; } // Initialization Vector - iv_loc = *count; for (y = 0; y < SDLS_KEYV_IV_LEN; y++) { - ingest[*count] = *(tc_frame->tc_sec_header.iv + y); + sdls_frame.pdu.data[pdu_data_idx] = *(tc_frame->tc_sec_header.iv + y); + sdls_ep_keyv_reply.blk[x].iv[y] = *(tc_frame->tc_sec_header.iv + y); + pdu_data_idx += 1; *count += 1; } - ingest[*count - 1] = ingest[*count - 1] + x + 1; // Why are we incrementing IV by 1? Remove? 
+ // ***** This increments the lowest bytes of the IVs so they aren't + sdls_ep_keyv_reply.blk[x].iv[11] = sdls_ep_keyv_reply.blk[x].iv[SDLS_KEYV_IV_LEN-1] + x + 1; // Encrypt challenge uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; - cryptography_if->cryptography_aead_encrypt(&(ingest[*count]), // ciphertext output + cryptography_if->cryptography_aead_encrypt(&(sdls_ep_keyv_reply.blk[x].challenged[0]), // ciphertext output (size_t)CHALLENGE_SIZE, // length of data &(packet.blk[x].challenge[0]), // plaintext input (size_t)CHALLENGE_SIZE, // in data length &(ekp->value[0]), // Key Index 32, // Key Length NULL, // SA Reference for key - &(ingest[iv_loc]), // IV + &(sdls_ep_keyv_reply.blk[x].iv[0]), // IV SDLS_KEYV_IV_LEN, // IV Length - &(ingest[(*count + CHALLENGE_SIZE)]), // MAC + &(sdls_ep_keyv_reply.blk[x].mac[0]), // MAC CHALLENGE_MAC_SIZE, // MAC Size NULL, 0, 
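Review bot: Nothing in this hunk bounds `x` or `pdu_data_idx`, yet the loop now writes to the global buffers `sdls_ep_keyv_reply.blk[x]` and `sdls_frame.pdu.data[pdu_data_idx]` while `pdu_keys` is derived from the received `sdls_frame.pdu.pdu_len`. Unless a check outside the hunk already caps the key count, an oversized PDU length would write past the reply block; a guard before the loop such as `if (pdu_keys > (int)(sizeof(sdls_ep_keyv_reply.blk) / sizeof(sdls_ep_keyv_reply.blk[0]))) return CRYPTO_LIB_ERROR;` (assuming `blk` is a fixed array) would close that. The IV byte is also bumped only in the reply struct, at the hard-coded index `iv[11]` rather than `iv[SDLS_KEYV_IV_LEN-1]`, so the IV copied into `sdls_frame.pdu.data` no longer matches the one handed to the encrypt call. The comment starting `// ***** This increments` breaks off mid-sentence and should say why the IVs are made distinct. Crypto_Key_verify starts and ends outside this hunk.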
@@ -441,10 +445,37 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) ); *count += CHALLENGE_SIZE + CHALLENGE_MAC_SIZE; // Don't forget to increment count! + pdu_data_idx += CHALLENGE_SIZE + CHALLENGE_MAC_SIZE; } + + // SDLS TLV PDU + uint8_t header_byte = sdls_frame.pdu.type | sdls_frame.pdu.uf | sdls_frame.pdu.sg | sdls_frame.pdu.pid | sdls_frame.pdu.pdu_len; #ifdef PDU_DEBUG - printf("Crypto_Key_verify: Response is %d bytes \n", *count); + + printf("Header byte is: %02X", header_byte); + for ( int i = 0; i < pdu_keys; i++) + { + printf("\nKey Index %d Verification results:", i); + printf("\n\tKID: %04X", sdls_ep_keyv_reply.blk[i].kid); + printf("\n\tIV: "); + for (int j = 0; j < 12; j ++) // TODO + { + printf("%02X", sdls_ep_keyv_reply.blk[i].iv[j]); + } + printf("\n\tChallenged: "); + for (int j = 0; j < CHALLENGE_SIZE; j ++) + { + printf("%02X", sdls_ep_keyv_reply.blk[i].challenged[j]); + } + printf("\n\tMAC: "); + for (int j = 0; j < CHALLENGE_MAC_SIZE; j ++) + { + printf("%02X", sdls_ep_keyv_reply.blk[i].mac[j]); + } + + } + printf("\nCrypto_Key_verify: Response is %d bytes \n", *count); #endif return status; diff --git a/test/unit/ut_ep_key_validation.c b/test/unit/ut_ep_key_validation.c index e71479df..48a5e995 100644 --- a/test/unit/ut_ep_key_validation.c +++ b/test/unit/ut_ep_key_validation.c 
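Review bot: `pdu_data_idx` and `*count` are advanced by `CHALLENGE_SIZE + CHALLENGE_MAC_SIZE`, but the encrypted challenge and MAC now land only in `sdls_ep_keyv_reply`; nothing visible copies them into `sdls_frame.pdu.data` or `ingest`, so those positions keep whatever bytes were there before unless the reply is serialised later, outside this hunk. If the PDU data is meant to carry them, add `memcpy(&sdls_frame.pdu.data[pdu_data_idx], sdls_ep_keyv_reply.blk[x].challenged, CHALLENGE_SIZE);` and the matching copy for `mac` before the index is advanced. `header_byte` ORs the raw field values together, including `pdu_len`, without shifting them into position, and it is read only under `PDU_DEBUG`, so it prints a misleading value in debug builds and is an unused variable otherwise. The IV print loop should use `SDLS_KEYV_IV_LEN` instead of the literal `12` marked `// TODO`.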
@@ -389,7 +389,7 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - char* buffer_nist_iv_h = "000000000000000000000001"; // The last valid IV that was seen by the SA + // Truth PDU 0880D03A006584005C0000000000000000000000000001D8EAA795AFFAA0E951BB6CF0116192E16B1977D6723E92E01123CCEF548E28857E00000000000000000000000002 char* buffer_VERIFY_h = "2003003e00ff000000001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8"; // |2003003e00| = Primary Header // |ff| = SPI @@ -406,8 +406,8 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) // |0086| = Key ID (134) // |75c06302465bc6d5091a29957eebed35| = Challenge // |c00a6ed8| = Trailer - uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_VERIFY_b = NULL; - int buffer_nist_iv_len, buffer_nist_key_len, buffer_VERIFY_len = 0; + uint8_t *buffer_nist_key_b, *buffer_VERIFY_b = NULL; + int buffer_nist_key_len, buffer_VERIFY_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; @@ -426,9 +426,6 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) test_association->ecs = CRYPTO_CIPHER_NONE; test_association->est = 0; test_association->ast = 0; - test_association->iv_len = 12; - //test_association->shivf_len = 12; - test_association->stmacf_len = 16; test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw_len = 1; 
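Review bot: In the `-406,8` hunk the rewritten declarations `uint8_t *buffer_nist_key_b, *buffer_VERIFY_b = NULL;` and `int buffer_nist_key_len, buffer_VERIFY_len = 0;` initialise only the last declarator, so `buffer_nist_key_b` and `buffer_nist_key_len` start out indeterminate. The following hunk still calls `free(buffer_nist_key_b)`, and no conversion of `buffer_nist_key_h` is visible in these hunks; if the pointer is never assigned, that free is undefined behaviour. Initialise each one explicitly: `uint8_t *buffer_nist_key_b = NULL, *buffer_VERIFY_b = NULL;` and `int buffer_nist_key_len = 0, buffer_VERIFY_len = 0;`. The UTEST body starts and ends outside the hunks shown.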
@@ -440,18 +437,14 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) // Convert frames that will be processed hex_conversion(buffer_VERIFY_h, (char**) &buffer_VERIFY_b, &buffer_VERIFY_len); - // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Expect success on next valid IV && ARSN - printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); status = Crypto_TC_ProcessSecurity(buffer_VERIFY_b, &buffer_VERIFY_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); - free(buffer_nist_iv_b); free(buffer_nist_key_b); free(buffer_VERIFY_b); From bde446d819b71898c10846c6e03c7b01788b0a03 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 26 Sep 2024 17:07:06 +0000 Subject: [PATCH 095/241] [nasa/cryptolib#146] All MC unit tests --- src/core/crypto.c | 1 + src/core/crypto_mc.c | 9 +- test/CMakeLists.txt | 4 + test/include/ut_ep_mc.h | 35 ++++ test/unit/ut_ep_mc.c | 351 ++++++++++++++++++++++++++++++++++++++++ 5 files changed, 396 insertions(+), 4 deletions(-) create mode 100644 test/include/ut_ep_mc.h create mode 100644 test/unit/ut_ep_mc.c diff --git a/src/core/crypto.c b/src/core/crypto.c index 7368bedf..43caca55 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -568,6 +568,7 @@ int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame) **/ int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest) { + // TODO: Not yet returning count int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.pid) { diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index d12e358d..54ed1cc7 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c 
@@ -54,7 +54,7 @@ int32_t Crypto_MC_status(uint8_t* ingest) // TODO: Update log_summary.rs; // Prepare for Reply - sdls_frame.pdu.pdu_len = 2; // 4 + sdls_frame.pdu.pdu_len = SDLS_MC_LOG_RPLY_SIZE; // 4 sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); @@ -79,13 +79,14 @@ int32_t Crypto_MC_status(uint8_t* ingest) **/ int32_t Crypto_MC_dump(uint8_t* ingest) { + // TODO: Fix Reply Size, same as key verification if(ingest == NULL) return CRYPTO_LIB_ERROR; int count = 0; int x; int y; // Prepare for Reply - sdls_frame.pdu.pdu_len = (log_count * 6); // SDLS_MC_DUMP_RPLY_SIZE + sdls_frame.pdu.pdu_len = SDLS_MC_DUMP_RPLY_SIZE; // SDLS_MC_DUMP_RPLY_SIZE sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); @@ -139,7 +140,7 @@ int32_t Crypto_MC_erase(uint8_t* ingest) log_summary.rs = LOG_SIZE; // Prepare for Reply - sdls_frame.pdu.pdu_len = 2; // 4 + sdls_frame.pdu.pdu_len = SDLS_MC_LOG_RPLY_SIZE; // 4 sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); @@ -166,7 +167,7 @@ int32_t Crypto_MC_selftest(uint8_t* ingest) // TODO: Perform test // Prepare for Reply - sdls_frame.pdu.pdu_len = 1; + sdls_frame.pdu.pdu_len = SDLS_MC_ST_RPLY_SIZE; sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 64ff3aa0..6426b190 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -57,6 +57,10 @@ add_test(NAME UT_TM_PROCESS COMMAND ${PROJECT_BINARY_DIR}/bin/ut_tm_process WORKING_DIRECTORY ${PROJECT_TEST_DIR}) +add_test(NAME UT_EP_MC + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_mc + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + if(NOT ${CRYPTO_WOLFSSL}) add_test(NAME UT_AES_GCM_SIV COMMAND ${PROJECT_BINARY_DIR}/bin/ut_aes_gcm_siv diff --git a/test/include/ut_ep_mc.h b/test/include/ut_ep_mc.h new file mode 100644 index 00000000..6c1c2448 --- /dev/null 
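Review bot: In the Crypto_MC_dump hunk the reply length loses its dependence on the number of log entries: `sdls_frame.pdu.pdu_len = SDLS_MC_DUMP_RPLY_SIZE;` replaces `(log_count * 6)`. If the function still emits one record per entry (the loop is outside the hunk), the length field in the reply header under-reports the data that follows it, and a receiver that trusts the field will mis-parse the dump. Keep the entry count in the computation, e.g. `sdls_frame.pdu.pdu_len = SDLS_MC_DUMP_RPLY_SIZE * log_count;`, assuming the macro is the per-entry size. The added `// TODO: Fix Reply Size, same as key verification` should say which size is wrong so the follow-up is actionable.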
+++ b/test/include/ut_ep_mc.h
@@ -0,0 +1,35 @@
+/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration.
+ All Foreign Rights are Reserved to the U.S. Government.
+
+ This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory,
+ including, but not limited to, any warranty that the software will conform to specifications, any implied warranties
+ of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the
+ documentation will conform to the program, or any warranty that the software will be error free.
+
+ In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or
+ consequential damages, arising out of, resulting from, or in any way connected with the software or its
+ documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained
+ from, or arose out of the results of, or use of, the software, documentation or services provided hereunder.
+
+ ITC Team
+ NASA IV&V
+ jstar-development-team@mail.nasa.gov
+*/
+
+#ifndef CRYPTOLIB_UT_EP_MC_H
+#define CRYPTOLIB_UT_EP_MC_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include "crypto.h"
+#include "shared_util.h"
+#include
+
+#ifdef __cplusplus
+} /* Close scope of 'extern "C"' declaration which encloses file. */
+#endif
+
+#endif //CRYPTOLIB_UT_EP_MC_H
\ No newline at end of file
diff --git a/test/unit/ut_ep_mc.c b/test/unit/ut_ep_mc.c
new file mode 100644
index 00000000..aef29710
--- /dev/null
+++ b/test/unit/ut_ep_mc.c
@@ -0,0 +1,351 @@ +#include "ut_ep_mc.h" +#include "crypto.h" +#include "crypto_error.h" +#include "sa_interface.h" +#include "utest.h" + +UTEST(EP_MC, MC_REGULAR_PING) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_PING_h = "2003001a00ff000100001880d2c70008197f0b00310000b1fe312855"; + // |2003001a00| = Primary Header + // |ff| = Ext. 
Procs + // |0001| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d2c7| = seq, pktid + // |0008| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |0031| = PDU Tag + // |0000| = PDU Length + // |b1fe3128| = FSR + // |55| = Padding + + uint8_t *buffer_PING_b = NULL; + int buffer_PING_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 6 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_UNKEYED; + + // Convert frames that will be processed + hex_conversion(buffer_PING_h, (char**) &buffer_PING_b, &buffer_PING_len); + + status = Crypto_TC_ProcessSecurity(buffer_PING_b, &buffer_PING_len, &tc_nist_processed_frame); + //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ASSERT_EQ(9, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_PING_b); +} + +UTEST(EP_MC, MC_STATUS) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame 
header to the plaintext + char* buffer_STATUS_h = "2003001a00ff000100001880d2c70008197f0b00320000b1fe312855"; + // |2003001a00| = Primary Header + // |ff| = Ext. Procs + // |0001| = + // |00000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b9743| = + // |5555555| = + + uint8_t *buffer_STATUS_b = NULL; + int buffer_STATUS_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 6 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_UNKEYED; + + // Convert frames that will be processed + hex_conversion(buffer_STATUS_h, (char**) &buffer_STATUS_b, &buffer_STATUS_len); + + status = Crypto_TC_ProcessSecurity(buffer_STATUS_b, &buffer_STATUS_len, &tc_nist_processed_frame); + //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ASSERT_EQ(11, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_STATUS_b); +} + +UTEST(EP_MC, MC_DUMP) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = 
CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_DUMP_h = "2003001a00ff000100001880d2c70008197f0b00330000b1fe312855"; + // |2003001a00| = Primary Header + // |ff| = Ext. Procs + // |0001| = + // |00000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b9743| = + // |5555555| = + + uint8_t *buffer_DUMP_b = NULL; + int buffer_DUMP_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 6 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_UNKEYED; + + // Convert frames that will be processed + hex_conversion(buffer_DUMP_h, (char**) &buffer_DUMP_b, &buffer_DUMP_len); + + status = Crypto_TC_ProcessSecurity(buffer_DUMP_b, &buffer_DUMP_len, &tc_nist_processed_frame); + //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ASSERT_GT(status, 0); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_DUMP_b); +} + +UTEST(EP_MC, MC_ERASE) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = 
get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_ERASE_h = "2003001a00ff000100001880d2c70008197f0b00340000b1fe312855"; + // |2003001a00| = Primary Header + // |ff| = Ext. Procs + // |0001| = + // |00000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b9743| = + // |5555555| = + + uint8_t *buffer_ERASE_b = NULL; + int buffer_ERASE_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 6 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_UNKEYED; + + // Convert frames that will be processed + hex_conversion(buffer_ERASE_h, (char**) &buffer_ERASE_b, &buffer_ERASE_len); + + status = Crypto_TC_ProcessSecurity(buffer_ERASE_b, &buffer_ERASE_len, &tc_nist_processed_frame); + //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ASSERT_EQ(11, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_ERASE_b); +} + +UTEST(EP_MC, MC_SELF_TEST) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + 
+ Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_SELF_h = "2003001a00ff000100001880d2c70008197f0b00350000b1fe312855"; + // |2003001a00| = Primary Header + // |ff| = Ext. Procs + // |0001| = + // |00000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b9743| = + // |5555555| = + + uint8_t *buffer_SELF_b = NULL; + int buffer_SELF_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 6 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_UNKEYED; + + // Convert frames that will be processed + hex_conversion(buffer_SELF_h, (char**) &buffer_SELF_b, &buffer_SELF_len); + + status = Crypto_TC_ProcessSecurity(buffer_SELF_b, &buffer_SELF_len, &tc_nist_processed_frame); + //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ASSERT_EQ(10, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_SELF_b); +} + +UTEST(EP_MC, MC_ALARM_FLAG_RESET) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + 
Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char* buffer_ALARM_h = "2003001a00ff000100001880d2c70008197f0b00370000b1fe312855"; + // |2003001a00| = Primary Header + // |ff| = Ext. Procs + // |0001| = + // |00000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b9743| = + // |5555555| = + + uint8_t *buffer_ALARM_b = NULL; + int buffer_ALARM_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association; + + // Modify SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->shivf_len = 0; + + // Modify SA 6 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_UNKEYED; + + // Convert frames that will be processed + hex_conversion(buffer_ALARM_h, (char**) &buffer_ALARM_b, &buffer_ALARM_len); + + status = Crypto_TC_ProcessSecurity(buffer_ALARM_b, &buffer_ALARM_len, &tc_nist_processed_frame); + //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + + free(buffer_ALARM_b); +} + +UTEST_MAIN() \ No newline at end of file From 125c8e33002147c1305ff2964c019e7d6c161c34 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 30 Sep 2024 20:12:10 +0000 Subject: [PATCH 096/241] [nasa/cryptolib#146] Fix segfault in MC EP unit tests, added debug prints --- src/core/crypto_config.c | 40 +++++++++++++++++++++------------------- src/core/crypto_mc.c | 17 ++++++++++++++--- test/unit/ut_ep_mc.c | 21 +++++++++++++++------ 3 files changed, 50 insertions(+), 28 deletions(-) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 5fee4b3a..a5bc5587 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c 
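Review bot: The expected values in `ASSERT_EQ(9, status)`, `ASSERT_EQ(11, status)`, `ASSERT_EQ(10, status)` and `ASSERT_GT(status, 0)` are unexplained literals sitting under a commented-out `//ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);`, so a reader cannot tell whether each test pins a reply byte count or tolerates an error code. State what is being checked, for example `ASSERT_EQ(9, status); // reply length in bytes` if that is the meaning, or compare against a named constant from crypto_error.h, and delete the dead assertions. Every test also writes through `test_association`, which is declared uninitialised, without confirming that `sa_if->sa_get_from_spi(...)` actually set it; check the lookup before the first `test_association->` access. None of the tests inspects the reply bytes, so a wrong length field or payload in the generated PDU would still pass.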
@@ -728,25 +728,27 @@ void Crypto_Local_Config(void) // Initial TM configuration // tm_frame.tm_sec_header.spi = 1; - // Initialize Log - log_summary.num_se = 2; - log_summary.rs = LOG_SIZE; - // Add a two messages to the log - log_summary.rs--; - mc_log.blk[log_count].emt = STARTUP_EID; - mc_log.blk[log_count].emv[0] = 0x4E; - mc_log.blk[log_count].emv[1] = 0x41; - mc_log.blk[log_count].emv[2] = 0x53; - mc_log.blk[log_count].emv[3] = 0x41; - mc_log.blk[log_count++].em_len = 4; - log_summary.rs--; - mc_log.blk[log_count].emt = STARTUP_EID; - mc_log.blk[log_count].emv[0] = 0x4E; - mc_log.blk[log_count].emv[1] = 0x41; - mc_log.blk[log_count].emv[2] = 0x53; - mc_log.blk[log_count].emv[3] = 0x41; - mc_log.blk[log_count++].em_len = 4; - + if (log_count == 0) + { + // Initialize Log + log_summary.num_se = 2; + log_summary.rs = LOG_SIZE; + // Add a two messages to the log + log_summary.rs--; + mc_log.blk[log_count].emt = STARTUP_EID; + mc_log.blk[log_count].emv[0] = 0x4E; + mc_log.blk[log_count].emv[1] = 0x41; + mc_log.blk[log_count].emv[2] = 0x53; + mc_log.blk[log_count].emv[3] = 0x41; + mc_log.blk[log_count++].em_len = 4; + log_summary.rs--; + mc_log.blk[log_count].emt = STARTUP_EID; + mc_log.blk[log_count].emv[0] = 0x4E; + mc_log.blk[log_count].emv[1] = 0x41; + mc_log.blk[log_count].emv[2] = 0x53; + mc_log.blk[log_count].emv[3] = 0x41; + mc_log.blk[log_count++].em_len = 4; + } } /** diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 54ed1cc7..c37a8991 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c 
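Review bot: The `if (log_count == 0)` guard presumably stops repeated initialisation from appending past the end of `mc_log.blk`, but it does so by leaving the previous session's log and `log_summary` in place, and the appends themselves (`mc_log.blk[log_count++]`) stay unchecked. Whether Crypto_Shutdown resets `log_count` is not visible here; if it does not, log state from one init/shutdown cycle carries into the next. A bound on the index before each append, e.g. `if (log_count < LOG_SIZE)` (assuming `LOG_SIZE` is the capacity of `mc_log.blk`), together with an explicit reset on shutdown would address the cause rather than the symptom. Crypto_Local_Config starts outside the hunk.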
@@ -86,20 +86,31 @@ int32_t Crypto_MC_dump(uint8_t* ingest) int y; // Prepare for Reply - sdls_frame.pdu.pdu_len = SDLS_MC_DUMP_RPLY_SIZE; // SDLS_MC_DUMP_RPLY_SIZE - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_frame.pdu.pdu_len = SDLS_MC_DUMP_RPLY_SIZE * log_count * 8; // SDLS_MC_DUMP_RPLY_SIZE + //sdls_frame.pdu.pdu_len = SDLS_MC_DUMP_BLK_RPLY_SIZE; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.pdu_len/8) + 9; count = Crypto_Prep_Reply(ingest, 128); // PDU for (x = 0; x < log_count; x++) { ingest[count++] = mc_log.blk[x].emt; - // ingest[count++] = (mc_log.blk[x].em_len & 0xFF00) >> 8; + ingest[count++] = (mc_log.blk[x].em_len & 0xFF00) >> 8; ingest[count++] = (mc_log.blk[x].em_len & 0x00FF); for (y = 0; y < EMV_SIZE; y++) { ingest[count++] = mc_log.blk[x].emv[y]; } +#ifdef PDU_DEBUG + printf("Log %d emt: 0x%02x\n", x, mc_log.blk[x].emt); + printf("Log %d em_len: 0x%04x\n", x, (mc_log.blk[x].em_len & 0xFFFF)); + printf("Log %d emv: 0x", x); + for (y = 0; y < EMV_SIZE; y++) + { + printf("%02x", mc_log.blk[x].emv[y]); + } + printf("\n\n"); +#endif } #ifdef PDU_DEBUG diff --git a/test/unit/ut_ep_mc.c b/test/unit/ut_ep_mc.c index aef29710..cf06db4c 100644 --- a/test/unit/ut_ep_mc.c +++ b/test/unit/ut_ep_mc.c 
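Review bot: The loop writes `3 + EMV_SIZE` bytes per entry for `log_count` entries into `ingest` with no check against the buffer's capacity, and the newly enabled high byte of `em_len` makes every record one byte longer than before. Crypto_MC_dump receives only the pointer, so the bound has to come from a known reply-buffer size or from capping the number of entries dumped; neither is visible in this hunk. `pdu_len` is a 16-bit field, so the product should be range-checked before the assignment, e.g. `if ((uint32_t)SDLS_MC_DUMP_RPLY_SIZE * log_count * 8 > UINT16_MAX) return CRYPTO_LIB_ERROR;`. It is also worth confirming that `SDLS_MC_DUMP_RPLY_SIZE` equals the per-record size the loop now emits, since the length field and the bytes written are computed independently. The function's opening lines are outside the hunk.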
@@ -143,12 +143,21 @@ UTEST(EP_MC, MC_DUMP) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext + // 0880d2c70039b300300a044e4153410a044e4153410a044e4153410a044e4153410a044e4153410a044e415341 char* buffer_DUMP_h = "2003001a00ff000100001880d2c70008197f0b00330000b1fe312855"; - // |2003001a00| = Primary Header - // |ff| = Ext. Procs - // |0001| = - // |00000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b9743| = - // |5555555| = + // |2003001a00| = Primary Header + // |ff| = Ext. Procs + // |00010000| = Security Header + // |1880| = CryptoLib App ID + // |d2c7| = seq, packet id + // |0008| = packet length + // |197f| = pusv, ack, st + // |0b| = sst + // |0033| = PDU Tag + // |0000| = PDU Length + // |b1fe| + // |3128| + // |55| = Padding uint8_t *buffer_DUMP_b = NULL; int buffer_DUMP_len = 0; @@ -199,7 +208,7 @@ UTEST(EP_MC, MC_ERASE) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_ERASE_h = "2003001a00ff000100001880d2c70008197f0b00340000b1fe312855"; + char* buffer_ERASE_h = "2003001b00ff000100001880d2c70008197f0b00340000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs // |0001| = From a76fd9b48be9b335f4be0c84a21688ea9f52d37c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 30 Sep 2024 20:29:22 +0000 Subject: [PATCH 097/241] [nasa/cryptolib#146] Added packet breakdowns --- test/unit/ut_ep_mc.c | 66 ++++++++++++++++++++++++++++++++------------ 1 file changed, 49 insertions(+), 17 deletions(-) diff --git a/test/unit/ut_ep_mc.c b/test/unit/ut_ep_mc.c index cf06db4c..09f934de 100644 --- a/test/unit/ut_ep_mc.c +++ b/test/unit/ut_ep_mc.c 
@@ -88,11 +88,19 @@ UTEST(EP_MC, MC_STATUS) // NOTE: Added Transfer Frame header to the plaintext char* buffer_STATUS_h = "2003001a00ff000100001880d2c70008197f0b00320000b1fe312855"; - // |2003001a00| = Primary Header - // |ff| = Ext. Procs - // |0001| = - // |00000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b9743| = - // |5555555| = + // |2003001a00| = Primary Header + // |ff| = Ext. Procs + // |00010000| = Security Header + // |1880| = CryptoLib App ID + // |d2c7| = seq, packet id + // |0008| = packet length + // |197f| = pusv, ack, st + // |0b| = sst + // |0032| = PDU Tag + // |0000| = PDU Length + // |b1fe| + // |3128| + // |55| = Padding uint8_t *buffer_STATUS_b = NULL; int buffer_STATUS_len = 0; @@ -208,12 +216,20 @@ UTEST(EP_MC, MC_ERASE) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_ERASE_h = "2003001b00ff000100001880d2c70008197f0b00340000b1fe312855"; + char* buffer_ERASE_h = "2003001a00ff000100001880d2c70008197f0b00340000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs - // |0001| = - // |00000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b9743| = - // |5555555| = + // |00010000| = Security Header + // |1880| = CryptoLib App ID + // |d2c7| = seq, packet id + // |0008| = packet length + // |197f| = pusv, ack, st + // |0b| = sst + // |0034| = PDU Tag + // |0000| = PDU Length + // |b1fe| + // |3128| + // |55| = Padding uint8_t *buffer_ERASE_b = NULL; int buffer_ERASE_len = 0; 
@@ -265,11 +281,19 @@ UTEST(EP_MC, MC_SELF_TEST) // NOTE: Added Transfer Frame header to the plaintext char* buffer_SELF_h = "2003001a00ff000100001880d2c70008197f0b00350000b1fe312855"; - // |2003001a00| = Primary Header - // |ff| = Ext. Procs - // |0001| = - // |00000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b9743| = - // |5555555| = + // |2003001a00| = Primary Header + // |ff| = Ext. Procs + // |00010000| = Security Header + // |1880| = CryptoLib App ID + // |d2c7| = seq, packet id + // |0008| = packet length + // |197f| = pusv, ack, st + // |0b| = sst + // |0035| = PDU Tag + // |0000| = PDU Length + // |b1fe| + // |3128| + // |55| = Padding uint8_t *buffer_SELF_b = NULL; int buffer_SELF_len = 0; @@ -323,9 +347,17 @@ UTEST(EP_MC, MC_ALARM_FLAG_RESET) char* buffer_ALARM_h = "2003001a00ff000100001880d2c70008197f0b00370000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs - // |0001| = - // |00000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b9743| = - // |5555555| = + // |00010000| = Security Header + // |1880| = CryptoLib App ID + // |d2c7| = seq, packet id + // |0008| = packet length + // |197f| = pusv, ack, st + // |0b| = sst + // |0037| = PDU Tag + // |0000| = PDU Length + // |b1fe| + // |3128| + // |55| = Padding uint8_t *buffer_ALARM_b = NULL; int buffer_ALARM_len = 0; From 02ba2b6f0695b7f0e79f919a2a67c672f38d496a Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 1 Oct 2024 18:15:43 +0000 Subject: [PATCH 098/241] [nasa/cryptolib#146] Handle pdu_len as bits --- src/core/crypto_mc.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index c37a8991..95c1d38b 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c 
@@ -54,8 +54,8 @@ int32_t Crypto_MC_status(uint8_t* ingest) // TODO: Update log_summary.rs; // Prepare for Reply - sdls_frame.pdu.pdu_len = SDLS_MC_LOG_RPLY_SIZE; // 4 - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_frame.pdu.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; // 4 + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.pdu_len / 8) + 9; count = Crypto_Prep_Reply(ingest, 128); // PDU @@ -88,7 +88,7 @@ int32_t Crypto_MC_dump(uint8_t* ingest) // Prepare for Reply sdls_frame.pdu.pdu_len = SDLS_MC_DUMP_RPLY_SIZE * log_count * 8; // SDLS_MC_DUMP_RPLY_SIZE //sdls_frame.pdu.pdu_len = SDLS_MC_DUMP_BLK_RPLY_SIZE; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.pdu_len/8) + 9; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.pdu_len / 8) + 9; count = Crypto_Prep_Reply(ingest, 128); // PDU @@ -151,8 +151,8 @@ int32_t Crypto_MC_erase(uint8_t* ingest) log_summary.rs = LOG_SIZE; // Prepare for Reply - sdls_frame.pdu.pdu_len = SDLS_MC_LOG_RPLY_SIZE; // 4 - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_frame.pdu.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; // 4 + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.pdu_len / 8) + 9; count = Crypto_Prep_Reply(ingest, 128); // PDU @@ -178,8 +178,8 @@ int32_t Crypto_MC_selftest(uint8_t* ingest) // TODO: Perform test // Prepare for Reply - sdls_frame.pdu.pdu_len = SDLS_MC_ST_RPLY_SIZE; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_frame.pdu.pdu_len = SDLS_MC_ST_RPLY_SIZE * 8; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.pdu_len / 8) + 9; count = Crypto_Prep_Reply(ingest, 128); ingest[count++] = result; 
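Review bot: The bits/bytes conversion is now written by hand in five places (`* 8` on `pdu_len`, `/ 8 + 9` on `pkt_length`) across Crypto_MC_status, Crypto_MC_dump, Crypto_MC_erase, Crypto_MC_selftest and, in the next hunk, Crypto_SA_readARSN, which makes it easy for the two header fields to drift apart again. A shared macro or helper would keep them consistent, e.g. `#define SDLS_BYTES_TO_BITS(n) ((n) * 8)` plus a named constant for the `9`. The trailing `// 4` comments on the `SDLS_MC_LOG_RPLY_SIZE * 8` lines no longer describe the assigned value and should be updated or removed.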
@@ -204,8 +204,8 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest) spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; // Prepare for Reply - sdls_frame.pdu.pdu_len = 2 + IV_SIZE; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_frame.pdu.pdu_len = (2 + IV_SIZE) * 8; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.pdu_len / 8) + 9; count = Crypto_Prep_Reply(ingest, 128); // Write SPI to reply From 993237fa4cd466f2f38c72df9d07ee35a9ec0e86 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Wed, 2 Oct 2024 15:02:46 -0400 Subject: [PATCH 099/241] [nasa\cryptolib#147] WIP... troubleshooting SDLS EP Replies --- include/crypto.h | 5 +- include/crypto_print.h | 2 +- include/crypto_structs.h | 20 +-- src/core/crypto.c | 166 +++++++++--------- src/core/crypto_key_mgmt.c | 136 +++++++++----- src/core/crypto_mc.c | 26 +-- src/core/crypto_print.c | 48 ++--- src/core/crypto_user.c | 18 +- ...ryptography_interface_libgcrypt.template.c | 10 +- .../cryptography_interface_wolfssl.template.c | 8 +- .../internal/sa_interface_inmemory.template.c | 98 +++++------ test/unit/ut_crypto.c | 88 +++++----- 12 files changed, 339 insertions(+), 286 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 6945875e..6303e15c 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -215,7 +215,7 @@ int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, int32_t Crypto_Key_OTAR(void); int32_t Crypto_Key_update(uint8_t state); int32_t Crypto_Key_inventory(uint8_t* , int*); -int32_t Crypto_Key_verify(uint8_t* , TC_t* tc_frame, int*); +int32_t Crypto_Key_verify(TC_t* tc_frame, int*); // Security Monitoring & Control Procedure int32_t Crypto_MC_ping(uint8_t* ingest); 
@@ -269,8 +269,9 @@ extern char* crypto_deep_copy_string(char* src_string); ** Extern Global Variables */ // Data stores used in multiple components -extern CCSDS_t sdls_frame; +extern CCSDS_t sdls_resp_pkt; extern SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; +extern uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; // extern TM_t tm_frame; extern uint8_t tm_frame[1786]; extern TM_FramePrimaryHeader_t tm_frame_pri_hdr; diff --git a/include/crypto_print.h b/include/crypto_print.h index 8e6e299a..bd66add0 100644 --- a/include/crypto_print.h +++ b/include/crypto_print.h @@ -32,7 +32,7 @@ void Crypto_tcPrint(TC_t* tc_frame); void Crypto_tmPrint(TM_t* tm_frame); void Crypto_clcwPrint(Telemetry_Frame_Clcw_t* clcw); void Crypto_fsrPrint(SDLS_FSR_t* report); -void Crypto_ccsdsPrint(CCSDS_t* sdls_frame); +void Crypto_ccsdsPrint(CCSDS_t* sdls_resp_pkt); void Crypto_saPrint(SecurityAssociation_t* sa); void Crypto_hexprint(const void* c, size_t n); void Crypto_binprint(void* c, size_t n); diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 6352811e..cb31e6c2 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -105,7 +105,13 @@ typedef struct uint8_t uf : 1; // User Flag uint8_t sg : 2; // Service Group Field uint8_t pid : 4; // Procedure Identification Field - uint16_t pdu_len : 16; // EP Data Field Length - BITS + uint16_t pdu_len; // EP Data Field Length - BITS +} SDLS_TLV_Hdr_t; +#define SDLS_TLV_HDR_SIZE (sizeof(SDLS_TLV_Hdr_t)) + +typedef struct +{ + SDLS_TLV_Hdr_t hdr; uint8_t data[TLV_DATA_SIZE]; } SDLS_TLV_t; #define SDLS_TLV_SIZE (sizeof(SDLS_TLV_t)) @@ -155,7 +161,7 @@ typedef struct typedef struct { - SDLS_KEYV_CMD_BLK_t blk[SDLS_KEYV_MAX_KEYS]; // Key Verification Command Block + SDLS_KEYV_CMD_BLK_t blk[29]; // Key Verification Command Block } SDLS_KEYV_CMD_t; #define SDLS_KEYV_CMD_SIZE (sizeof(SDLS_KEYV_CMD_t)) 
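Review bot: `SDLS_TLV_HDR_SIZE` is defined as `sizeof(SDLS_TLV_Hdr_t)`, but the struct mixes `uint8_t` bit-fields with a now plain `uint16_t pdu_len`, so its in-memory size includes alignment padding and depends on the compiler, whereas the tag-and-length header that Crypto_Prep_Reply serialises is three bytes. If the macro is ever used as an on-the-wire length or a copy size, it will not match the serialised header. A literal wire size with a comment is safer, e.g. `#define SDLS_TLV_HDR_SIZE 3 /* tag byte + 16-bit length, as serialised */`. The struct's first fields are outside the hunk.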
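Review bot: Replacing `SDLS_KEYV_MAX_KEYS` with the literal `29` in `SDLS_KEYV_CMD_t`, and in `SDLS_KEYV_RPLY_t` in the next hunk, decouples the array sizes from whatever bound the key-verification code uses when it indexes `blk[]`. If a loop or length check still relies on `SDLS_KEYV_MAX_KEYS`, or on a key count derived from the received PDU, and that value exceeds 29, the accesses run past the array. Keep one named constant for both arrays and for the loop bound, `SDLS_KEYV_CMD_BLK_t blk[SDLS_KEYV_MAX_KEYS];`, and change the macro's value if 29 is the intended limit.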
@@ -170,7 +176,7 @@ typedef struct typedef struct { - SDLS_KEYV_RPLY_BLK_t blk[SDLS_KEYV_MAX_KEYS]; // Key Verification Reply Block + SDLS_KEYV_RPLY_BLK_t blk[29]; // Key Verification Reply Block } SDLS_KEYV_RPLY_t; #define SDLS_KEYV_RPLY_SIZE (sizeof(SDLS_KEYV_RPLY_t)) @@ -312,14 +318,6 @@ typedef struct } CCSDS_PUS_t; #define CCSDS_PUS_SIZE (sizeof(CCSDS_PUS_t)) -/* unused? -typedef struct -{ - uint8_t CmdHeader[CFE_SB_CMD_HDR_SIZE]; - -} Crypto_NoArgsCmd_t; -*/ - typedef struct { CCSDS_HDR_t hdr; diff --git a/src/core/crypto.c b/src/core/crypto.c index 117d5c67..c4711afa 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -33,9 +33,10 @@ CFS_MODULE_DECLARE_LIB(crypto); ** Global Variables */ // crypto_key_t ak_ring[NUM_KEYS]; -CCSDS_t sdls_frame; +CCSDS_t sdls_resp_pkt; // SDLS Replies SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; // Reply block for challenged keys +uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; // TM_t tm_frame; uint8_t tm_frame[1786]; // Testing TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication 
@@ -259,44 +260,47 @@ int32_t Crypto_compare_less_equal(uint8_t* actual, uint8_t* expected, int length /** * @brief Function: Crypto_Prep_Reply * Assumes that both the pkt_length and pdu_len are set properly - * @param ingest: uint8_t* + * @param reply: uint8_t* * @param appID: uint8 * @return uint8: Count **/ -uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID) +uint8_t Crypto_Prep_Reply(uint8_t* reply, uint8_t appID) { uint8_t count = 0; - if (ingest == NULL) + if (reply == NULL) return count; // Prepare CCSDS for reply - sdls_frame.hdr.pvn = 0; - sdls_frame.hdr.type = 0; - sdls_frame.hdr.shdr = 1; - sdls_frame.hdr.appID = appID; - - sdls_frame.pdu.type = 1; - - // Fill ingest with reply header - ingest[count++] = (sdls_frame.hdr.pvn << 5) | (sdls_frame.hdr.type << 4) | (sdls_frame.hdr.shdr << 3) | - ((sdls_frame.hdr.appID & 0x700 >> 8)); - ingest[count++] = (sdls_frame.hdr.appID & 0x00FF); - ingest[count++] = (sdls_frame.hdr.seq << 6) | ((sdls_frame.hdr.pktid & 0x3F00) >> 8); - ingest[count++] = (sdls_frame.hdr.pktid & 0x00FF); - ingest[count++] = (sdls_frame.hdr.pkt_length & 0xFF00) >> 8; - ingest[count++] = (sdls_frame.hdr.pkt_length & 0x00FF); - - // Fill ingest with PUS - // ingest[count++] = (sdls_frame.pus.shf << 7) | (sdls_frame.pus.pusv << 4) | (sdls_frame.pus.ack); - // ingest[count++] = (sdls_frame.pus.st); - // ingest[count++] = (sdls_frame.pus.sst); - // ingest[count++] = (sdls_frame.pus.sid << 4) | (sdls_frame.pus.spare); - - // Fill ingest with Tag and Length - ingest[count++] = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | (sdls_frame.pdu.pid); - ingest[count++] = (sdls_frame.pdu.pdu_len & 0xFF00) >> 8; - ingest[count++] = (sdls_frame.pdu.pdu_len & 0x00FF); + sdls_resp_pkt.hdr.pvn = 0; + sdls_resp_pkt.hdr.type = 0; + sdls_resp_pkt.hdr.shdr = 1; + sdls_resp_pkt.hdr.appID = appID; + + sdls_resp_pkt.hdr.type = 1; + + // Fill reply with reply header + reply[count++] = (sdls_resp_pkt.hdr.pvn << 5) | 
(sdls_resp_pkt.hdr.type << 4) | (sdls_resp_pkt.hdr.shdr << 3) | + ((sdls_resp_pkt.hdr.appID & 0x700 >> 8)); + reply[count++] = (sdls_resp_pkt.hdr.appID & 0x00FF); + reply[count++] = (sdls_resp_pkt.hdr.seq << 6) | ((sdls_resp_pkt.hdr.pktid & 0x3F00) >> 8); + reply[count++] = (sdls_resp_pkt.hdr.pktid & 0x00FF); + reply[count++] = (sdls_resp_pkt.hdr.pkt_length & 0xFF00) >> 8; + reply[count++] = (sdls_resp_pkt.hdr.pkt_length & 0x00FF); + + if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) + { + // Fill reply with PUS + reply[count++] = (sdls_resp_pkt.pus.shf << 7) | (sdls_resp_pkt.pus.pusv << 4) | (sdls_resp_pkt.pus.ack); + reply[count++] = (sdls_resp_pkt.pus.st); + reply[count++] = (sdls_resp_pkt.pus.sst); + reply[count++] = (sdls_resp_pkt.pus.sid << 4) | (sdls_resp_pkt.pus.spare); + } + + // Fill reply with Tag and Length + reply[count++] = + (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | (sdls_resp_pkt.pdu.hdr.pid); + reply[count++] = (sdls_resp_pkt.pdu.hdr.pdu_len & 0xFF00) >> 8; + reply[count++] = (sdls_resp_pkt.pdu.hdr.pdu_len & 0x00FF); return count; } @@ -435,16 +439,16 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) printf("In Crypto PDU\n"); - switch (sdls_frame.pdu.type) + switch (sdls_resp_pkt.hdr.type) { case 0: // Command - switch (sdls_frame.pdu.uf) + switch (sdls_resp_pkt.pdu.hdr.uf) { case 0: // CCSDS Defined Command - switch (sdls_frame.pdu.sg) + switch (sdls_resp_pkt.pdu.hdr.sg) { case SG_KEY_MGMT: // Key Management Procedure - switch (sdls_frame.pdu.pid) + switch (sdls_resp_pkt.pdu.hdr.pid) { case PID_OTAR: #ifdef PDU_DEBUG @@ -468,7 +472,7 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) #ifdef PDU_DEBUG printf(KGRN "Key Verify\n" RESET); #endif - status = Crypto_Key_verify(ingest, tc_frame, count_ptr); + status = Crypto_Key_verify(tc_frame, count_ptr); break; case PID_KEY_DESTRUCTION: #ifdef PDU_DEBUG 
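Review bot: `sdls_resp_pkt.hdr.type = 1;` overwrites the `hdr.type = 0` set a few lines earlier in Crypto_Prep_Reply, because the old `sdls_frame.pdu.type` was renamed to the CCSDS primary-header field instead of the TLV header field. The packet-type bit in the first reply byte therefore becomes 1, and the Tag byte takes its top bit from the primary header rather than from the PDU. The field exists as `pdu.hdr.type` (Crypto_ccsdsPrint reads it), so I would write `sdls_resp_pkt.pdu.hdr.type = 1;` and `(sdls_resp_pkt.pdu.hdr.type << 7)` in the Tag byte; the same substitution appears in the parsing hunks of Crypto_Process_Extended_Procedure_Pdu, the outer `switch` in Crypto_PDU and the `lpid` assignments in sa_start and sa_stop. Separately, `(sdls_resp_pkt.hdr.appID & 0x700 >> 8)` parses as `appID & 7` since `>>` binds tighter than `&`; it should read `((sdls_resp_pkt.hdr.appID & 0x700) >> 8)`.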
@@ -489,7 +493,7 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) } break; case SG_SA_MGMT: // Security Association Management Procedure - switch (sdls_frame.pdu.pid) + switch (sdls_resp_pkt.pdu.hdr.pid) { case PID_CREATE_SA: #ifdef PDU_DEBUG @@ -557,7 +561,7 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) } break; case SG_SEC_MON_CTRL: // Security Monitoring & Control Procedure - switch (sdls_frame.pdu.pid) + switch (sdls_resp_pkt.pdu.hdr.pid) { case PID_PING: #ifdef PDU_DEBUG @@ -607,10 +611,10 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) break; case 1: // User Defined Command - switch (sdls_frame.pdu.sg) + switch (sdls_resp_pkt.pdu.hdr.sg) { default: - switch (sdls_frame.pdu.pid) + switch (sdls_resp_pkt.pdu.hdr.pid) { case 0: // Idle Frame Trigger #ifdef PDU_DEBUG @@ -676,18 +680,18 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) printf("Status: %d\nCount: %d\n", status, *count_ptr); -#ifdef CCSDS_DEBUG - int x; - if ((status == 0) && (*count_ptr > 0) && (ingest != NULL)) - { - printf(KMAG "CCSDS message put on software bus: 0x" RESET); - for (x = 0; x < *count_ptr; x++) - { - printf(KMAG "%02x" RESET, (uint8_t)ingest[x]); - } - printf("\n"); - } -#endif +// #ifdef CCSDS_DEBUG +// int x; +// if ((status == 0) && (*count_ptr > 0) && (ingest != NULL)) +// { +// printf(KMAG "CCSDS message put on software bus: 0x" RESET); +// for (x = 0; x < *count_ptr; x++) +// { +// printf(KMAG "%02x" RESET, (uint8_t)ingest[x]); +// } +// printf("\n"); +// } +// #endif return status; } 
@@ -796,38 +800,38 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin printf(KGRN "Received SDLS command: " RESET); #endif // CCSDS Header - sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; - sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; - sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; - sdls_frame.hdr.appID = + sdls_resp_pkt.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; + sdls_resp_pkt.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; + sdls_resp_pkt.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; + sdls_resp_pkt.hdr.appID = ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; - sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; - sdls_frame.hdr.pktid = + sdls_resp_pkt.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; + sdls_resp_pkt.hdr.pktid = ((tc_sdls_processed_frame->tc_pdu[2] & 0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; - sdls_frame.hdr.pkt_length = (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; + sdls_resp_pkt.hdr.pkt_length = (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; // CCSDS PUS - sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; - sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; - sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); - sdls_frame.pus.st = tc_sdls_processed_frame->tc_pdu[7]; - sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; - sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; - sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); + sdls_resp_pkt.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; + sdls_resp_pkt.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; + sdls_resp_pkt.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); + 
sdls_resp_pkt.pus.st = tc_sdls_processed_frame->tc_pdu[7]; + sdls_resp_pkt.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; + sdls_resp_pkt.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; + sdls_resp_pkt.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); // SDLS TLV PDU - sdls_frame.pdu.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; - sdls_frame.pdu.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; - sdls_frame.pdu.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; - sdls_frame.pdu.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); - sdls_frame.pdu.pdu_len = (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + sdls_resp_pkt.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; + sdls_resp_pkt.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; + sdls_resp_pkt.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; + sdls_resp_pkt.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); + sdls_resp_pkt.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; + for (x = 13; x < (13 + sdls_resp_pkt.hdr.pkt_length); x++) { - sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + sdls_resp_pkt.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; } #ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_frame); + Crypto_ccsdsPrint(&sdls_resp_pkt); #endif // Determine type of PDU 
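Review bot: The copy loop `for (x = 13; x < (13 + sdls_resp_pkt.hdr.pkt_length); x++)` is bounded only by `pkt_length`, a 16-bit value taken from bytes 4 and 5 of the received frame, and nothing in the hunk compares it with `TLV_DATA_SIZE` or with the size of `tc_pdu`. A frame that declares a large length would make the loop read past `tc_pdu` and write past `sdls_resp_pkt.pdu.data`. I would reject the frame before the loop, e.g. `if (sdls_resp_pkt.hdr.pkt_length > TLV_DATA_SIZE) { /* return the library's length-error status */ }`, and bound the read side by the received frame length as well. The no-header branch in the following hunk has the same shape with `tc_header.fl`; the function starts and ends outside both hunks, so an earlier check may exist and should be confirmed.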
@@ -841,20 +845,20 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin #endif // No Packet HDR or PUS in these frames // SDLS TLV PDU - sdls_frame.pdu.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; - sdls_frame.pdu.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; - sdls_frame.pdu.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; - sdls_frame.pdu.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); - sdls_frame.pdu.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; + sdls_resp_pkt.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; + sdls_resp_pkt.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; + sdls_resp_pkt.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; + sdls_resp_pkt.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); + sdls_resp_pkt.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; for (x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) { // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely // fails. Must consider Uplink Sessions (sequence numbers). - sdls_frame.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; + sdls_resp_pkt.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; } #ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_frame); + Crypto_ccsdsPrint(&sdls_resp_pkt); #endif // Determine type of PDU diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 99aa8eef..27136e3f 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c 
@@ -44,12 +44,13 @@ int32_t Crypto_Key_OTAR(void) int x = 0; int y; int32_t status = CRYPTO_LIB_SUCCESS; - int pdu_keys = (sdls_frame.pdu.pdu_len - 30) / (2 + 32); + // uint16_t pdu_len = (uint16_t) sdls_resp_pkt.pdu.hdr.pdu_len[1] << 8 | sdls_resp_pkt.pdu.hdr.pdu_len[0]; + int pdu_keys = (sdls_resp_pkt.pdu.hdr.pdu_len - 30) / (2 + 32); int w; crypto_key_t* ekp = NULL; printf("# PDU Keys: %d\n", pdu_keys); // Master Key ID - packet.mkid = (sdls_frame.pdu.data[0] << 8) | (sdls_frame.pdu.data[1]); + packet.mkid = (sdls_resp_pkt.pdu.data[0] << 8) | (sdls_resp_pkt.pdu.data[1]); printf("MKID: %d\n", packet.mkid); if (packet.mkid >= 128) { @@ -72,14 +73,14 @@ int32_t Crypto_Key_OTAR(void) for (count = 2; count < (2 + 12); count++) { // Initialization Vector - packet.iv[count - 2] = sdls_frame.pdu.data[count]; + packet.iv[count - 2] = sdls_resp_pkt.pdu.data[count]; //printf("packet.iv[%d] = 0x%02x\n", count-2, packet.iv[count-2]); } - count = sdls_frame.pdu.pdu_len - MAC_SIZE; + count = sdls_resp_pkt.pdu.hdr.pdu_len - MAC_SIZE; for (w = 0; w < 16; w++) { // MAC - packet.mac[w] = sdls_frame.pdu.data[count + w]; + packet.mac[w] = sdls_resp_pkt.pdu.data[count + w]; //printf("packet.mac[%d] = 0x%02x\n", w, packet.mac[w]); } @@ -90,7 +91,7 @@ int32_t Crypto_Key_OTAR(void) } uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; - status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output + status = cryptography_if->cryptography_aead_decrypt(&(sdls_resp_pkt.pdu.data[14]), // plaintext output (size_t)(pdu_keys * (2 + 32)), // length of data NULL, // in place decryption 0, // in data length 
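Review bot: `pdu_keys = (sdls_resp_pkt.pdu.hdr.pdu_len - 30) / (2 + 32)` and, in the next hunk, `count = sdls_resp_pkt.pdu.hdr.pdu_len - MAC_SIZE` both use the received `pdu_len` with no lower or upper bound visible in these hunks. A `pdu_len` below `MAC_SIZE` makes `count` go negative or wrap, so the MAC loop indexes outside `pdu.data`, and a large value drives the `packet.EKB[x]` loop with an unchecked key count. A guard ahead of the computation, such as `if (pdu_len < 30 || pdu_len > TLV_DATA_SIZE) { /* reject the PDU */ }`, would cover both, together with a check of `pdu_keys` against the `EKB` array size. The added commented-out `pdu_len[1] << 8 | pdu_len[0]` line refers to a byte-array layout the struct does not have and should be dropped. Crypto_Key_OTAR continues outside these hunks.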
@@ -114,7 +115,7 @@ int32_t Crypto_Key_OTAR(void) // Read in Decrypted Data for (count = 14; x < pdu_keys; x++) { // Encrypted Key Blocks - packet.EKB[x].ekid = (sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1]); + packet.EKB[x].ekid = (sdls_resp_pkt.pdu.data[count] << 8) | (sdls_resp_pkt.pdu.data[count + 1]); if (packet.EKB[x].ekid < 128) { report.af = 1; @@ -145,12 +146,12 @@ int32_t Crypto_Key_OTAR(void) for (y = count; y < (32 + count); y++) { // Encrypted Key - packet.EKB[x].ek[y - count] = sdls_frame.pdu.data[y]; + packet.EKB[x].ek[y - count] = sdls_resp_pkt.pdu.data[y]; #ifdef SA_DEBUG printf("\t packet.EKB[%d].ek[%d] = 0x%02x\n", x, y - count, packet.EKB[x].ek[y - count]); #endif // Setup Key Ring - ekp->value[y - count] = sdls_frame.pdu.data[y]; + ekp->value[y - count] = sdls_resp_pkt.pdu.data[y]; } count = count + 32; @@ -184,7 +185,7 @@ int32_t Crypto_Key_update(uint8_t state) { // Local variables SDLS_KEY_BLK_t packet; int count = 0; - int pdu_keys = sdls_frame.pdu.pdu_len / 2; + int pdu_keys = sdls_resp_pkt.pdu.hdr.pdu_len / 2; int32_t status; crypto_key_t* ekp = NULL; int x; @@ -201,7 +202,7 @@ int32_t Crypto_Key_update(uint8_t state) // Read in PDU for (x = 0; x < pdu_keys; x++) { - packet.kblk[x].kid = (sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1]); + packet.kblk[x].kid = (sdls_resp_pkt.pdu.data[count] << 8) | (sdls_resp_pkt.pdu.data[count + 1]); count = count + 2; #ifdef PDU_DEBUG if (x != (pdu_keys - 1)) 
@@ -312,15 +313,15 @@ int32_t Crypto_Key_inventory(uint8_t* ingest, int* count) } // Read in PDU - packet.kid_first = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); + packet.kid_first = ((uint8_t)sdls_resp_pkt.pdu.data[*count] << 8) | ((uint8_t)sdls_resp_pkt.pdu.data[*count + 1]); *count = *count + 2; - packet.kid_last = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); + packet.kid_last = ((uint8_t)sdls_resp_pkt.pdu.data[*count] << 8) | ((uint8_t)sdls_resp_pkt.pdu.data[*count + 1]); *count = *count + 2; // Prepare for Reply range = packet.kid_last - packet.kid_first; - sdls_frame.pdu.pdu_len = 2 + (range * (2 + 1)); - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_resp_pkt.pdu.hdr.pdu_len = 2 + (range * (2 + 1)); + sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; *count = Crypto_Prep_Reply(ingest, 128); ingest[*count += 1] = (range & 0xFF00) >> 8; ingest[*count += 1] = (range & 0x00FF); @@ -343,15 +344,14 @@ int32_t Crypto_Key_inventory(uint8_t* ingest, int* count) /** * @brief Function: Crypto_Key_verify - * @param ingest: uint8_t* * @param tc_frame: TC_t* * @return int32: count **/ -int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) +int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) { // Local variables SDLS_KEYV_CMD_t packet; - int pdu_keys = sdls_frame.pdu.pdu_len / SDLS_KEYV_CMD_BLK_SIZE; + int pdu_keys = sdls_resp_pkt.pdu.hdr.pdu_len / SDLS_KEYV_CMD_BLK_SIZE; int x; int y; int32_t status = CRYPTO_LIB_SUCCESS; 
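Review bot: The docstring for Crypto_Key_verify drops `@param ingest` but still has no entry for `count`, and `@return int32: count` does not match a function that returns `status` and reports the reply size through `*count`. I would document it as `@param count: int* - in: offset into pdu.data, out: reply length in bytes` and `@return int32: Success/Failure`. The reply is now written to the global `sdls_ep_reply` instead of a caller-supplied buffer, which deserves a line in the docstring as well.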
@@ -371,15 +371,15 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) for (x = 0; x < pdu_keys; x++) { // Key ID - packet.blk[x].kid = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); + packet.blk[x].kid = ((uint8_t)sdls_resp_pkt.pdu.data[*count] << 8) | ((uint8_t)sdls_resp_pkt.pdu.data[*count + 1]); *count += 2; #ifdef PDU_DEBUG - printf("Crypto_Key_verify: Block %d Key ID is %d \n", x, packet.blk[x].kid); + printf("\tCrypto_Key_verify: Block %d Key ID is %d ", x, packet.blk[x].kid); #endif // Key Challenge for (y = 0; y < CHALLENGE_SIZE; y++) { - packet.blk[x].challenge[y] = sdls_frame.pdu.data[*count]; + packet.blk[x].challenge[y] = sdls_resp_pkt.pdu.data[*count]; *count += 1; } #ifdef PDU_DEBUG 
@@ -388,20 +388,43 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) } // Prepare for Reply - sdls_frame.pdu.pdu_len = pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_KEYV_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE); + sdls_resp_pkt.pdu.hdr.pdu_len = pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_KEYV_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE) * 8; + // length = pdu_len + HDR + PUS - 1 (per CCSDS Convention) - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE - 1; - *count = Crypto_Prep_Reply(ingest, 128); - uint16_t pdu_data_idx = 0; + if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) + { + printf("HAS PUS! :)\n"); + sdls_resp_pkt.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_resp_pkt.pdu.hdr.pdu_len/8) - 1; + printf("TOTAL LENGTH IS: %d\n", sdls_resp_pkt.hdr.pkt_length); + printf("PUS LENGTH IS %ld\n", CCSDS_PUS_SIZE); + printf("CCSDS_HDR_SIZE IS %ld\n", CCSDS_HDR_SIZE); + printf("TLV_HDR_SIZE IS %ld\n", SDLS_TLV_HDR_SIZE); + printf("PDU length: Bits %d, bytes: %d\n", sdls_resp_pkt.pdu.hdr.pdu_len, (sdls_resp_pkt.pdu.hdr.pdu_len/8)); + + } + else + { + printf("NO HAS PUS :(\n"); + sdls_resp_pkt.hdr.pkt_length = CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE + (sdls_resp_pkt.pdu.hdr.pdu_len/8) - 1; + printf("PDU length: Bits %d, bytes: %d\n", sdls_resp_pkt.pdu.hdr.pdu_len, (sdls_resp_pkt.pdu.hdr.pdu_len/8)); + } + + *count = Crypto_Prep_Reply(sdls_ep_reply, 128); + uint16_t pdu_data_idx = *count; + for (x = 0; x < pdu_keys; x++) { // Key ID sdls_ep_keyv_reply.blk[x].kid = packet.blk[x].kid; - sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; + sdls_resp_pkt.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; + sdls_ep_reply[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; pdu_data_idx += 1; - sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); + + sdls_resp_pkt.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); + sdls_ep_reply[pdu_data_idx] = 
(packet.blk[x].kid & 0x00FF); pdu_data_idx += 1; + *count += 2; // Get Key ekp = key_if->get_key(sdls_ep_keyv_reply.blk[x].kid); @@ -413,13 +436,16 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) // Initialization Vector for (y = 0; y < SDLS_KEYV_IV_LEN; y++) { - sdls_frame.pdu.data[pdu_data_idx] = *(tc_frame->tc_sec_header.iv + y); + sdls_resp_pkt.pdu.data[pdu_data_idx] = *(tc_frame->tc_sec_header.iv + y); sdls_ep_keyv_reply.blk[x].iv[y] = *(tc_frame->tc_sec_header.iv + y); + sdls_ep_reply[pdu_data_idx] = *(tc_frame->tc_sec_header.iv + y); pdu_data_idx += 1; *count += 1; } - // ***** This increments the lowest bytes of the IVs so they aren't + // ***** This increments the lowest bytes of the IVs so they aren't identical + sdls_resp_pkt.pdu.data[pdu_data_idx-1] = sdls_resp_pkt.pdu.data[pdu_data_idx-1] + x + 1; sdls_ep_keyv_reply.blk[x].iv[11] = sdls_ep_keyv_reply.blk[x].iv[SDLS_KEYV_IV_LEN-1] + x + 1; + sdls_ep_reply[pdu_data_idx-1] = sdls_ep_reply[pdu_data_idx-1] + x + 1; // Encrypt challenge uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; @@ -428,7 +454,7 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) &(packet.blk[x].challenge[0]), // plaintext input (size_t)CHALLENGE_SIZE, // in data length &(ekp->value[0]), // Key Index - 32, // Key Length + 32, // Key Length NULL, // SA Reference for key &(sdls_ep_keyv_reply.blk[x].iv[0]), // IV SDLS_KEYV_IV_LEN, // IV Length 
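Review bot: `pdu_data_idx` now starts at `*count` (the header length returned by Crypto_Prep_Reply) and indexes both `sdls_ep_reply` and `sdls_resp_pkt.pdu.data`, with no check against `TC_MAX_FRAME_SIZE` or `TLV_DATA_SIZE` before the per-key loop. Each key appends `SDLS_KEYV_KEY_ID_LEN + SDLS_KEYV_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE` bytes and `pdu_keys` comes from the received length, so the total should be validated first, e.g. `if (*count + (sdls_resp_pkt.pdu.hdr.pdu_len / 8) > sizeof(sdls_ep_reply)) { /* reject */ }` placed right after the Crypto_Prep_Reply call. Offsetting the `pdu.data` writes by the header length also moves that payload compared with the old code, which started at index 0; if only `sdls_ep_reply` is meant to carry the header, `pdu.data` needs its own index. The `printf("HAS PUS! :)\n")` group runs unconditionally and passes `size_t` values to `%ld`; it belongs under `#ifdef PDU_DEBUG` with `%zu`.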
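Review bot: The per-block IV is written through the literal index `iv[11]` while the other two buffers use `pdu_data_idx-1` and the read side uses `SDLS_KEYV_IV_LEN-1`, so the three copies diverge if `SDLS_KEYV_IV_LEN` is ever not 12; `sdls_ep_keyv_reply.blk[x].iv[SDLS_KEYV_IV_LEN-1] += x + 1;` keeps them aligned. More importantly, the IV used to GCM-encrypt the challenge is the command frame's `tc_sec_header.iv` plus a small counter, so uniqueness per verified key appears to rest entirely on the sender never repeating that IV. GCM loses its confidentiality and authenticity guarantees when an IV repeats under one key, so this assumption should at least be stated in a comment, and an IV source controlled by the responder would be preferable. The function body continues outside the hunk.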
@@ -436,30 +462,35 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) CHALLENGE_MAC_SIZE, // MAC Size NULL, 0, - CRYPTO_TRUE, // Encrypt - CRYPTO_TRUE, // Authenticate + CRYPTO_TRUE, // Encrypt + CRYPTO_TRUE, // Authenticate CRYPTO_FALSE, // AAD &ecs, // encryption cipher - NULL, // authentication cipher - NULL // cam_cookies + NULL, // authentication cipher + NULL // cam_cookies ); + // Copy from the KEYV Blocks into the output PDU + memcpy(&sdls_resp_pkt.pdu.data[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].challenged[0]), CHALLENGE_SIZE); + memcpy(&sdls_ep_reply[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].challenged[0]), CHALLENGE_SIZE); + pdu_data_idx += CHALLENGE_SIZE; + + memcpy(&sdls_resp_pkt.pdu.data[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].mac[0]), CHALLENGE_MAC_SIZE); + memcpy(&sdls_ep_reply[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].mac[0]), CHALLENGE_MAC_SIZE); + pdu_data_idx += CHALLENGE_MAC_SIZE; + *count += CHALLENGE_SIZE + CHALLENGE_MAC_SIZE; // Don't forget to increment count! - pdu_data_idx += CHALLENGE_SIZE + CHALLENGE_MAC_SIZE; } - - // SDLS TLV PDU - uint8_t header_byte = sdls_frame.pdu.type | sdls_frame.pdu.uf | sdls_frame.pdu.sg | sdls_frame.pdu.pid | sdls_frame.pdu.pdu_len; #ifdef PDU_DEBUG - - printf("Header byte is: %02X", header_byte); + + /* Easy to read debug block for verified keys */ for ( int i = 0; i < pdu_keys; i++) { printf("\nKey Index %d Verification results:", i); printf("\n\tKID: %04X", sdls_ep_keyv_reply.blk[i].kid); printf("\n\tIV: "); - for (int j = 0; j < 12; j ++) // TODO + for (int j = 0; j < SDLS_KEYV_IV_LEN; j ++) { printf("%02X", sdls_ep_keyv_reply.blk[i].iv[j]); } 
@@ -475,8 +506,27 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame, int* count) } } - printf("\nCrypto_Key_verify: Response is %d bytes \n", *count); + printf("\n\nCrypto_Key_Verify: Response is %d bytes \n", *count); + + printf("\nPrinting NEW SDLS response packet:\n\t"); + for (uint16_t idx = 0; idx < *count; idx++) + { + printf("%02X", sdls_ep_reply[idx]); + } + printf("\n"); + + #endif return status; -} \ No newline at end of file +} + + +// 1010EB406500927F0B00415C00 < 13 bytes. for why? + +// 415C00 < wrong PDU header + +// 1010EB406500927F0B00 + +// Data length = 92 (0x5C) +// 0084000000000000000000000001D8EAA795AFFAA0E951BB6CF0116192E16B1977D6723E92E01123CCEF548E2885008600000000000000000000000275C47F30CA26E64AF30C19EBFFE0B314849133E138AC65BC2806E520A90C96A8 diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index d12e358d..77d1baca 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -34,8 +34,8 @@ int32_t Crypto_MC_ping(uint8_t* ingest) int count = 0; // Prepare for Reply - sdls_frame.pdu.pdu_len = 0; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_resp_pkt.pdu.hdr.pdu_len = 0; + sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); return count; @@ -54,8 +54,8 @@ int32_t Crypto_MC_status(uint8_t* ingest) // TODO: Update log_summary.rs; // Prepare for Reply - sdls_frame.pdu.pdu_len = 2; // 4 - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_resp_pkt.pdu.hdr.pdu_len = 2; // 4 + sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); // PDU 
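Review bot: The lines appended after the closing brace of Crypto_Key_verify (`// 1010EB406500927F0B00415C00 < 13 bytes. for why?` through the long hex string) are debugging scratch notes with captured packet bytes, not documentation, and should not be committed into crypto_key_mgmt.c. If the sample reply is worth keeping, it belongs in a unit test as an expected vector, with a description of the key and IV that produced it.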
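Review bot: `sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9` keeps a fixed header allowance although Crypto_Prep_Reply now emits four extra PUS bytes when `crypto_config.has_pus_hdr == TC_HAS_PUS_HDR`. Crypto_Key_verify was updated to branch on that flag, but Crypto_MC_ping, Crypto_MC_status, Crypto_MC_dump, Crypto_MC_erase, Crypto_MC_selftest, Crypto_SA_readARSN and Crypto_User_IdleTrigger were not, so their declared length would disagree with the bytes written in the PUS configuration. A shared helper that derives the header length from the config would keep all callers consistent. These replies also express `pdu_len` in bytes while Crypto_Key_verify now stores bits, and the struct comment says bits, so the unit should be settled in one place.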
@@ -85,8 +85,8 @@ int32_t Crypto_MC_dump(uint8_t* ingest) int y; // Prepare for Reply - sdls_frame.pdu.pdu_len = (log_count * 6); // SDLS_MC_DUMP_RPLY_SIZE - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_resp_pkt.pdu.hdr.pdu_len = (log_count * 6); // SDLS_MC_DUMP_RPLY_SIZE + sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); // PDU @@ -139,8 +139,8 @@ int32_t Crypto_MC_erase(uint8_t* ingest) log_summary.rs = LOG_SIZE; // Prepare for Reply - sdls_frame.pdu.pdu_len = 2; // 4 - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_resp_pkt.pdu.hdr.pdu_len = 2; // 4 + sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); // PDU @@ -166,8 +166,8 @@ int32_t Crypto_MC_selftest(uint8_t* ingest) // TODO: Perform test // Prepare for Reply - sdls_frame.pdu.pdu_len = 1; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_resp_pkt.pdu.hdr.pdu_len = 1; + sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); ingest[count++] = result; @@ -189,11 +189,11 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest) int x; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; // Prepare for Reply - sdls_frame.pdu.pdu_len = 2 + IV_SIZE; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_resp_pkt.pdu.hdr.pdu_len = 2 + IV_SIZE; + sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); // Write SPI to reply diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index e6ca66b2..71d36018 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c 
@@ -145,36 +145,36 @@ void Crypto_fsrPrint(SDLS_FSR_t* report) /** * @brief Function: Crypto_ccsdsPrint * Prints the current CCSDS in memory. - * @param sdls_frame: CCSDS_t* + * @param sdls_resp_pkt: CCSDS_t* **/ -void Crypto_ccsdsPrint(CCSDS_t* sdls_frame) +void Crypto_ccsdsPrint(CCSDS_t* sdls_resp_pkt) { printf("Current CCSDS in memory is: \n"); printf("\t Primary Header\n"); - printf("\t\t pvn = 0x%01x \n", sdls_frame->hdr.pvn); - printf("\t\t type = 0x%01x \n", sdls_frame->hdr.type); - printf("\t\t shdr = 0x%01x \n", sdls_frame->hdr.shdr); - printf("\t\t appID = 0x%03x \n", sdls_frame->hdr.appID); - printf("\t\t seq = 0x%01x \n", sdls_frame->hdr.seq); - printf("\t\t pktid = 0x%04x \n", sdls_frame->hdr.pktid); - printf("\t\t pkt_length = 0x%04x \n", sdls_frame->hdr.pkt_length); + printf("\t\t pvn = 0x%01x \n", sdls_resp_pkt->hdr.pvn); + printf("\t\t type = 0x%01x \n", sdls_resp_pkt->hdr.type); + printf("\t\t shdr = 0x%01x \n", sdls_resp_pkt->hdr.shdr); + printf("\t\t appID = 0x%03x \n", sdls_resp_pkt->hdr.appID); + printf("\t\t seq = 0x%01x \n", sdls_resp_pkt->hdr.seq); + printf("\t\t pktid = 0x%04x \n", sdls_resp_pkt->hdr.pktid); + printf("\t\t pkt_length = 0x%04x \n", sdls_resp_pkt->hdr.pkt_length); printf("\t PUS Header\n"); - printf("\t\t shf = 0x%01x \n", sdls_frame->pus.shf); - printf("\t\t pusv = 0x%01x \n", sdls_frame->pus.pusv); - printf("\t\t ack = 0x%01x \n", sdls_frame->pus.ack); - printf("\t\t st = 0x%02x \n", sdls_frame->pus.st); - printf("\t\t sst = 0x%02x \n", sdls_frame->pus.sst); - printf("\t\t sid = 0x%01x \n", sdls_frame->pus.sid); - printf("\t\t spare = 0x%01x \n", sdls_frame->pus.spare); + printf("\t\t shf = 0x%01x \n", sdls_resp_pkt->pus.shf); + printf("\t\t pusv = 0x%01x \n", sdls_resp_pkt->pus.pusv); + printf("\t\t ack = 0x%01x \n", sdls_resp_pkt->pus.ack); + printf("\t\t st = 0x%02x \n", sdls_resp_pkt->pus.st); + printf("\t\t sst = 0x%02x \n", sdls_resp_pkt->pus.sst); + printf("\t\t sid = 0x%01x \n", sdls_resp_pkt->pus.sid); + 
printf("\t\t spare = 0x%01x \n", sdls_resp_pkt->pus.spare); printf("\t PDU \n"); - printf("\t\t type = 0x%01x \n", sdls_frame->pdu.type); - printf("\t\t uf = 0x%01x \n", sdls_frame->pdu.uf); - printf("\t\t sg = 0x%01x \n", sdls_frame->pdu.sg); - printf("\t\t pid = 0x%01x \n", sdls_frame->pdu.pid); - printf("\t\t pdu_len = 0x%04x \n", sdls_frame->pdu.pdu_len); - printf("\t\t data[0] = 0x%02x \n", sdls_frame->pdu.data[0]); - printf("\t\t data[1] = 0x%02x \n", sdls_frame->pdu.data[1]); - printf("\t\t data[2] = 0x%02x \n", sdls_frame->pdu.data[2]); + printf("\t\t type = 0x%01x \n", sdls_resp_pkt->pdu.hdr.type); + printf("\t\t uf = 0x%01x \n", sdls_resp_pkt->pdu.hdr.uf); + printf("\t\t sg = 0x%01x \n", sdls_resp_pkt->pdu.hdr.sg); + printf("\t\t pid = 0x%01x \n", sdls_resp_pkt->pdu.hdr.pid); + printf("\t\t pdu_len = 0x%04x \n", sdls_resp_pkt->pdu.hdr.pdu_len); + printf("\t\t data[0] = 0x%02x \n", sdls_resp_pkt->pdu.data[0]); + printf("\t\t data[1] = 0x%02x \n", sdls_resp_pkt->pdu.data[1]); + printf("\t\t data[2] = 0x%02x \n", sdls_resp_pkt->pdu.data[2]); printf("\n"); } diff --git a/src/core/crypto_user.c b/src/core/crypto_user.c index b35617b9..816fe63f 100644 --- a/src/core/crypto_user.c +++ b/src/core/crypto_user.c @@ -31,8 +31,8 @@ int32_t Crypto_User_IdleTrigger(uint8_t* ingest) uint8_t count = 0; // Prepare for Reply - sdls_frame.pdu.pdu_len = 0; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_resp_pkt.pdu.hdr.pdu_len = 0; + sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 144); return count; 
@@ -121,8 +121,8 @@ int32_t Crypto_User_BadFECF(void) int32_t Crypto_User_ModifyKey(void) { // Local variables - uint16_t kid = ((uint8_t)sdls_frame.pdu.data[0] << 8) | ((uint8_t)sdls_frame.pdu.data[1]); - uint8_t mod = (uint8_t)sdls_frame.pdu.data[2]; + uint16_t kid = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | ((uint8_t)sdls_resp_pkt.pdu.data[1]); + uint8_t mod = (uint8_t)sdls_resp_pkt.pdu.data[2]; crypto_key_t* ekp = NULL; @@ -139,7 +139,7 @@ int32_t Crypto_User_ModifyKey(void) printf("Key %d value invalidated! \n", kid); break; case 2: // Modify key state - ekp->key_state = (uint8_t)sdls_frame.pdu.data[3] & 0x0F; + ekp->key_state = (uint8_t)sdls_resp_pkt.pdu.data[3] & 0x0F; printf("Key %d state changed to %d! \n", kid, mod); break; default: @@ -152,13 +152,13 @@ int32_t Crypto_User_ModifyKey(void) /** * @brief Function: Crypto_User_ModifyActiveTM - * Modifies tm_sec_header.spi based on sdls_frame.pdu.data[0] + * Modifies tm_sec_header.spi based on sdls_resp_pkt.pdu.data[0] * @return int32: Success/Failure **/ int32_t Crypto_User_ModifyActiveTM(void) { // TODO Check this - tm_frame_sec_hdr.spi = (uint8_t)sdls_frame.pdu.data[0]; + tm_frame_sec_hdr.spi = (uint8_t)sdls_resp_pkt.pdu.data[0]; return CRYPTO_LIB_SUCCESS; } @@ -168,9 +168,9 @@ int32_t Crypto_User_ModifyActiveTM(void) **/ int32_t Crypto_User_ModifyVCID(void) { - // tm_frame.tm_header.vcid = (uint8_t)sdls_frame.pdu.data[0]; + // tm_frame.tm_header.vcid = (uint8_t)sdls_resp_pkt.pdu.data[0]; // Check this - tm_frame_pri_hdr.vcid = (uint8_t)sdls_frame.pdu.data[0]; + tm_frame_pri_hdr.vcid = (uint8_t)sdls_resp_pkt.pdu.data[0]; SecurityAssociation_t* sa_ptr; int i; int j; diff --git a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c index 668ac113..b1985d37 100644 --- a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c +++ b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c 
@@ -497,7 +497,7 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, { printf("%02X", *(data_in + j)); } - printf("\n"); + printf("\n" RESET); #endif @@ -528,7 +528,7 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, { printf("%02X", *(data_out + j)); } - printf("\n"); + printf("\n" RESET); #endif gcry_cipher_close(tmp_hd); @@ -590,7 +590,7 @@ int32_t cryptography_gcry_setup(int32_t mode, int32_t algo, gcry_cipher_hd_t* tm { printf("%02X", *(key_ptr + i)); } - printf("\n"); + printf("\n" RESET); #endif if ((*gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) @@ -660,7 +660,7 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, { printf("%02X", *(data_in + j)); } - printf("\n"); + printf("\n" RESET); #endif if(aad_bool == CRYPTO_TRUE) // Authenticate with AAD! @@ -717,7 +717,7 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, { printf("%02X", *(data_out + j)); } - printf("\n"); + printf("\n" RESET); #endif if (authenticate_bool == CRYPTO_TRUE) diff --git a/src/crypto/wolfssl/cryptography_interface_wolfssl.template.c b/src/crypto/wolfssl/cryptography_interface_wolfssl.template.c index 238f1e4b..66c4cc8f 100644 --- a/src/crypto/wolfssl/cryptography_interface_wolfssl.template.c +++ b/src/crypto/wolfssl/cryptography_interface_wolfssl.template.c @@ -404,7 +404,7 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, { printf("%02X", *(data_in + j)); } - printf("\n"); + printf("\n" RESET); #endif // Reference: https://www.wolfssl.com/documentation/manuals/wolfssl/group__AES.html @@ -447,7 +447,7 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, { printf("%02X", *(data_out + j)); } - printf("\n"); + printf("\n" RESET); #endif return status; 
@@ -486,7 +486,7 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, { printf("%02X", *(data_in + j)); } - printf("\n"); + printf("\n" RESET); #endif // Reference: https://www.wolfssl.com/documentation/manuals/wolfssl/group__AES.html @@ -531,7 +531,7 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, { printf("%02X", *(data_out + j)); } - printf("\n"); + printf("\n" RESET); #endif return status; diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index b10979b0..55c8b5a4 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -978,11 +978,11 @@ static int32_t sa_start(TC_t* tc_frame) int i; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; // Overwrite last PID sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; // Check SPI exists and in 'Keyed' state if (spi < NUM_SA) 
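Review bot: `sa[spi].lpid` is written in sa_start before the `if (spi < NUM_SA)` test, and `spi` is a 16-bit value taken straight from `sdls_resp_pkt.pdu.data[0..1]`, so a command PDU carrying an SPI of NUM_SA or more writes outside the `sa` array. Reject the value first, e.g. `if (spi >= NUM_SA) { return CRYPTO_LIB_ERROR; }` ahead of the `// Overwrite last PID` line, or move the assignment inside the guarded block. The same write-before-check pattern is in the sa_stop, sa_rekey, sa_expire, sa_create and sa_delete hunks of this patch. The new expression also mixes `sdls_resp_pkt.hdr.type` with `sdls_resp_pkt.pdu.hdr.uf/sg/pid`; if the TLV type bit is meant, `pdu.hdr.type` looks like the intended field, which should be confirmed against the struct definition outside this hunk.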
@@ -991,15 +991,15 @@ static int32_t sa_start(TC_t* tc_frame) { count = 2; - for (x = 0; x <= ((sdls_frame.pdu.pdu_len - 2) / 4); x++) + for (x = 0; x <= ((sdls_resp_pkt.pdu.hdr.pdu_len - 2) / 4); x++) { // Read in GVCID - gvcid.tfvn = (sdls_frame.pdu.data[count] >> 4); - gvcid.scid = (sdls_frame.pdu.data[count] << 12) | (sdls_frame.pdu.data[count + 1] << 4) | - (sdls_frame.pdu.data[count + 2] >> 4); - gvcid.vcid = (sdls_frame.pdu.data[count + 2] << 4) | (sdls_frame.pdu.data[count + 3] && 0x3F); + gvcid.tfvn = (sdls_resp_pkt.pdu.data[count] >> 4); + gvcid.scid = (sdls_resp_pkt.pdu.data[count] << 12) | (sdls_resp_pkt.pdu.data[count + 1] << 4) | + (sdls_resp_pkt.pdu.data[count + 2] >> 4); + gvcid.vcid = (sdls_resp_pkt.pdu.data[count + 2] << 4) | (sdls_resp_pkt.pdu.data[count + 3] && 0x3F); if (current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) { - gvcid.mapid = (sdls_frame.pdu.data[count + 3]); + gvcid.mapid = (sdls_resp_pkt.pdu.data[count + 3]); } else { @@ -1106,12 +1106,12 @@ static int32_t sa_stop(void) int x; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; printf("spi = %d \n", spi); // Overwrite last PID sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; // Check SPI exists and in 'Active' state if (spi < NUM_SA) 
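Review bot: The `gvcid.vcid` line uses logical `&&` where a bit mask is intended: `(sdls_resp_pkt.pdu.data[count + 3] && 0x3F)` evaluates to 0 or 1, so the low bits of the VCID are lost; it should read `(sdls_resp_pkt.pdu.data[count + 3] & 0x3F)`. The loop bound `(sdls_resp_pkt.pdu.hdr.pdu_len - 2) / 4` comes from the received PDU header, and nothing in the hunk limits `count + 3` to the size of `pdu.data`, so a length check before the loop is worth adding. sa_start's body continues outside the hunk.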
@@ -1167,23 +1167,23 @@ static int32_t sa_rekey(void) int x = 0; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; + spi = ((uint8_t)sdls_resp_pkt.pdu.data[count] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[count + 1]; count = count + 2; // Overwrite last PID sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; // Check SPI exists and in 'Unkeyed' state if (spi < NUM_SA) { if (sa[spi].sa_state == SA_UNKEYED) { // Encryption Key - sa[spi].ekid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; + sa[spi].ekid = ((uint8_t)sdls_resp_pkt.pdu.data[count] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[count + 1]; count = count + 2; // Authentication Key - // sa[spi].akid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count+1]; + // sa[spi].akid = ((uint8_t)sdls_resp_pkt.pdu.data[count] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[count+1]; // count = count + 2; // Anti-Replay Seq Num @@ -1196,9 +1196,9 @@ static int32_t sa_rekey(void) { // TODO: Uncomment once fixed in ESA implementation // TODO: Assuming this was fixed... - *(sa[spi].iv + x - count) = (uint8_t)sdls_frame.pdu.data[x]; + *(sa[spi].iv + x - count) = (uint8_t)sdls_resp_pkt.pdu.data[x]; #ifdef PDU_DEBUG - printf("%02x", sdls_frame.pdu.data[x]); + printf("%02x", sdls_resp_pkt.pdu.data[x]); #endif } } 
@@ -1245,12 +1245,12 @@ static int32_t sa_expire(void) uint16_t spi = 0x0000; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; printf("spi = %d \n", spi); // Overwrite last PID sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; // Check SPI exists and in 'Keyed' state if (spi < NUM_SA) 
@@ -1286,51 +1286,51 @@ static int32_t sa_create(void) uint16_t spi = 0x0000; int x; - // Read sdls_frame.pdu.data - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + // Read sdls_resp_pkt.pdu.data + spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; printf("spi = %d \n", spi); // Overwrite last PID sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; // Write SA Configuration - sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; - sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6; - sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F); - sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2; - sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03); - sa[spi].stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]); - sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]); + sa[spi].est = ((uint8_t)sdls_resp_pkt.pdu.data[2] & 0x80) >> 7; + sa[spi].ast = ((uint8_t)sdls_resp_pkt.pdu.data[2] & 0x40) >> 6; + sa[spi].shivf_len = ((uint8_t)sdls_resp_pkt.pdu.data[2] & 0x3F); + sa[spi].shsnf_len = ((uint8_t)sdls_resp_pkt.pdu.data[3] & 0xFC) >> 2; + sa[spi].shplf_len = ((uint8_t)sdls_resp_pkt.pdu.data[3] & 0x03); + sa[spi].stmacf_len = ((uint8_t)sdls_resp_pkt.pdu.data[4]); + sa[spi].ecs_len = ((uint8_t)sdls_resp_pkt.pdu.data[5]); for (x = 0; x < sa[spi].ecs_len; x++) { - sa[spi].ecs = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].ecs = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); } - sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].shivf_len = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); for (x = 0; x < sa[spi].shivf_len; x++) { - sa[spi].iv[x] = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].iv[x] = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); } - 
sa[spi].acs_len = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].acs_len = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); for (x = 0; x < sa[spi].acs_len; x++) { - sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].acs = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); } - sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1])); + sa[spi].abm_len = (uint8_t)((sdls_resp_pkt.pdu.data[count] << 8) | (sdls_resp_pkt.pdu.data[count + 1])); count = count + 2; for (x = 0; x < sa[spi].abm_len; x++) { - sa[spi].abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].abm[x] = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); } - sa[spi].arsn_len = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].arsn_len = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); for (x = 0; x < sa[spi].arsn_len; x++) { - *(sa[spi].arsn + x) = ((uint8_t)sdls_frame.pdu.data[count++]); + *(sa[spi].arsn + x) = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); } - sa[spi].arsnw_len = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].arsnw_len = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); for (x = 0; x < sa[spi].arsnw_len; x++) { - sa[spi].arsnw = sa[spi].arsnw | (((uint8_t)sdls_frame.pdu.data[count++]) << (sa[spi].arsnw_len - x)); + sa[spi].arsnw = sa[spi].arsnw | (((uint8_t)sdls_resp_pkt.pdu.data[count++]) << (sa[spi].arsnw_len - x)); } // TODO: Checks for valid data 
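Review bot: sa_create indexes `sa[spi]` and copies into `sa[spi].iv`, `sa[spi].abm` and `sa[spi].arsn` using an SPI and length bytes read from the PDU, and no bound is checked anywhere in the hunk (it ends at `// TODO: Checks for valid data`). Each length should be validated against the destination's capacity before its copy loop, and `spi` against NUM_SA before the first write. `abm_len` is additionally built from two bytes and then cast to `uint8_t`, which discards the high byte. The sketch below shows the SPI and IV checks, assuming IV_SIZE is the capacity of `sa[].iv` as the sa_setARSN loop suggests; the function starts before and continues after the hunk.

```c
spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1];
if (spi >= NUM_SA)
{
    return CRYPTO_LIB_ERROR;
}
// … unchanged: lpid, SA configuration bytes 2-5, ecs loop …
if ((uint8_t)sdls_resp_pkt.pdu.data[count] > IV_SIZE)
{
    return CRYPTO_LIB_ERROR;
}
sa[spi].shivf_len = ((uint8_t)sdls_resp_pkt.pdu.data[count++]);
// … unchanged: IV copy loop; repeat the length check before the abm, arsn and arsnw loops …
```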
@@ -1355,12 +1355,12 @@ static int32_t sa_delete(void) uint16_t spi = 0x0000; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; printf("spi = %d \n", spi); // Overwrite last PID sa[spi].lpid = - (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid; + (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; // Check SPI exists and in 'Unkeyed' state if (spi < NUM_SA) @@ -1398,7 +1398,7 @@ static int32_t sa_setARSN(void) int x; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; printf("spi = %d \n", spi); // TODO: Check SA type (authenticated, encrypted, both) and set appropriately @@ -1414,7 +1414,7 @@ static int32_t sa_setARSN(void) { // Set IV - authenticated encryption for (x = 0; x < IV_SIZE; x++) { - *(sa[spi].iv + x) = (uint8_t)sdls_frame.pdu.data[x + 2]; + *(sa[spi].iv + x) = (uint8_t)sdls_resp_pkt.pdu.data[x + 2]; #ifdef PDU_DEBUG printf("%02x", *(sa[spi].iv + x)); #endif @@ -1448,13 +1448,13 @@ static int32_t sa_setARSNW(void) int x; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; printf("spi = %d \n", spi); // Check SPI exists if (spi < NUM_SA) { - sa[spi].arsnw_len = (uint8_t)sdls_frame.pdu.data[2]; + sa[spi].arsnw_len = (uint8_t)sdls_resp_pkt.pdu.data[2]; // Check for out of bounds if (sa[spi].arsnw_len > (ARSN_SIZE)) 
@@ -1464,7 +1464,7 @@ static int32_t sa_setARSNW(void) for (x = 0; x < sa[spi].arsnw_len; x++) { - sa[spi].arsnw = (((uint8_t)sdls_frame.pdu.data[x + 3]) << (sa[spi].arsnw_len - x)); + sa[spi].arsnw = (((uint8_t)sdls_resp_pkt.pdu.data[x + 3]) << (sa[spi].arsnw_len - x)); } } else @@ -1489,15 +1489,15 @@ static int32_t sa_status(uint8_t* ingest) uint16_t spi = 0x0000; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; printf("spi = %d \n", spi); // Check SPI exists if (spi < NUM_SA) { // Prepare for Reply - sdls_frame.pdu.pdu_len = 3; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; + sdls_resp_pkt.pdu.hdr.pdu_len = 3; + sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); // PDU ingest[count++] = (spi & 0xFF00) >> 8; diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index d4d0ab75..54572472 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c 
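Review bot: The sa_setARSNW loop assigns `sa[spi].arsnw` on every iteration, so only the last byte read survives, and the shift amount `(sa[spi].arsnw_len - x)` counts bytes rather than bits. If a big-endian value is intended, clear the field first and accumulate with `sa[spi].arsnw |= ((uint8_t)sdls_resp_pkt.pdu.data[x + 3]) << (8 * (sa[spi].arsnw_len - 1 - x));`. The preceding check only limits `arsnw_len` to ARSN_SIZE, so the length should also be capped at the byte width of `arsnw` (its type is not visible here) to keep the shift defined. sa_create in this patch has the same shift expression.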
@@ -108,157 +108,157 @@ UTEST(CRYPTO_C, PDU_SWITCH) Crypto_Init(); - sdls_frame.pdu.type = 0; - sdls_frame.pdu.uf = 0; - sdls_frame.pdu.sg = SG_KEY_MGMT; - sdls_frame.pdu.pid = PID_OTAR; + sdls_resp_pkt.hdr.type = 0; + sdls_resp_pkt.pdu.hdr.uf = 0; + sdls_resp_pkt.pdu.hdr.sg = SG_KEY_MGMT; + sdls_resp_pkt.pdu.hdr.pid = PID_OTAR; uint8_t* ingest = NULL; TC_t tc_frame; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_KEY_ACTIVATION; + sdls_resp_pkt.pdu.hdr.pid = PID_KEY_ACTIVATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_KEY_DEACTIVATION; + sdls_resp_pkt.pdu.hdr.pid = PID_KEY_DEACTIVATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pdu_len = 0; - sdls_frame.pdu.pid = PID_KEY_VERIFICATION; + sdls_resp_pkt.pdu.hdr.pdu_len = 0; + sdls_resp_pkt.pdu.hdr.pid = PID_KEY_VERIFICATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_KEY_DESTRUCTION; + sdls_resp_pkt.pdu.hdr.pid = PID_KEY_DESTRUCTION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_KEY_INVENTORY; + sdls_resp_pkt.pdu.hdr.pid = PID_KEY_INVENTORY; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING); - sdls_frame.pdu.pid = SG_KEY_MGMT; + sdls_resp_pkt.pdu.hdr.pid = SG_KEY_MGMT; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.sg = SG_SA_MGMT; - sdls_frame.pdu.pid = PID_CREATE_SA; + sdls_resp_pkt.pdu.hdr.sg = SG_SA_MGMT; + sdls_resp_pkt.pdu.hdr.pid = PID_CREATE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_DELETE_SA; + sdls_resp_pkt.pdu.hdr.pid = PID_DELETE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = 
PID_SET_ARSNW; + sdls_resp_pkt.pdu.hdr.pid = PID_SET_ARSNW; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_REKEY_SA; + sdls_resp_pkt.pdu.hdr.pid = PID_REKEY_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_EXPIRE_SA; + sdls_resp_pkt.pdu.hdr.pid = PID_EXPIRE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_SET_ARSN; + sdls_resp_pkt.pdu.hdr.pid = PID_SET_ARSN; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_START_SA; + sdls_resp_pkt.pdu.hdr.pid = PID_START_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_STOP_SA; + sdls_resp_pkt.pdu.hdr.pid = PID_STOP_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = PID_READ_ARSN; + sdls_resp_pkt.pdu.hdr.pid = PID_READ_ARSN; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.pid = PID_SA_STATUS; + sdls_resp_pkt.pdu.hdr.pid = PID_SA_STATUS; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.pid = 0b111; + sdls_resp_pkt.pdu.hdr.pid = 0b111; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.sg = SG_SEC_MON_CTRL; - sdls_frame.pdu.pid = PID_LOG_STATUS; + sdls_resp_pkt.pdu.hdr.sg = SG_SEC_MON_CTRL; + sdls_resp_pkt.pdu.hdr.pid = PID_LOG_STATUS; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.pid = PID_DUMP_LOG; + sdls_resp_pkt.pdu.hdr.pid = PID_DUMP_LOG; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.pid = PID_ERASE_LOG; + sdls_resp_pkt.pdu.hdr.pid = PID_ERASE_LOG; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.pid = 
PID_SELF_TEST; + sdls_resp_pkt.pdu.hdr.pid = PID_SELF_TEST; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.pid = PID_ALARM_FLAG; + sdls_resp_pkt.pdu.hdr.pid = PID_ALARM_FLAG; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = 0b1111; + sdls_resp_pkt.pdu.hdr.pid = 0b1111; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.sg = PID_LOG_STATUS; - sdls_frame.pdu.pid = PID_LOG_STATUS; + sdls_resp_pkt.pdu.hdr.sg = PID_LOG_STATUS; + sdls_resp_pkt.pdu.hdr.pid = PID_LOG_STATUS; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.uf = 1; - sdls_frame.pdu.pid = 0; + sdls_resp_pkt.pdu.hdr.uf = 1; + sdls_resp_pkt.pdu.hdr.pid = 0; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = 1; + sdls_resp_pkt.pdu.hdr.pid = 1; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = 2; + sdls_resp_pkt.pdu.hdr.pid = 2; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = 3; + sdls_resp_pkt.pdu.hdr.pid = 3; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = 4; + sdls_resp_pkt.pdu.hdr.pid = 4; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = 5; + sdls_resp_pkt.pdu.hdr.pid = 5; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = 6; + sdls_resp_pkt.pdu.hdr.pid = 6; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); // TODO: (RB) Disabled for now. Key Inventory needs to be re-worked. 
- Not currently using EP - // sdls_frame.pdu.pid = 7; + // sdls_resp_pkt.pdu.hdr.pid = 7; // status = Crypto_PDU(ingest, &tc_frame); // ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.pid = 8; + sdls_resp_pkt.pdu.hdr.pid = 8; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.type = 1; - sdls_frame.pdu.pid = 8; + sdls_resp_pkt.hdr.type = 1; + sdls_resp_pkt.pdu.hdr.pid = 8; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } From 5f6f09ba74899fab590e9fc84d8569480672f017 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Wed, 2 Oct 2024 15:38:47 -0400 Subject: [PATCH 100/241] [nasa/cryptolib#147] Packed structure to fix off-by-1 length when using sizeof. Appears to have fixed Key verification! Need updated Uts to confirm --- include/crypto_structs.h | 2 +- src/core/crypto.c | 18 +----------------- src/core/crypto_key_mgmt.c | 23 ++--------------------- 3 files changed, 4 insertions(+), 39 deletions(-) diff --git a/include/crypto_structs.h b/include/crypto_structs.h index cb31e6c2..6343eb68 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -106,7 +106,7 @@ typedef struct uint8_t sg : 2; // Service Group Field uint8_t pid : 4; // Procedure Identification Field uint16_t pdu_len; // EP Data Field Length - BITS -} SDLS_TLV_Hdr_t; +} __attribute__ ((packed)) SDLS_TLV_Hdr_t; #define SDLS_TLV_HDR_SIZE (sizeof(SDLS_TLV_Hdr_t)) typedef struct diff --git a/src/core/crypto.c b/src/core/crypto.c index c4711afa..b66647fb 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
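Review bot: `SDLS_TLV_HDR_SIZE` is used as a wire length, and after this change its value depends on a GCC/Clang-specific attribute that other compilers may ignore or reject. Pin the expected size next to the typedef so a build on a different toolchain fails loudly instead of producing mis-sized replies, e.g. `_Static_assert(sizeof(SDLS_TLV_Hdr_t) == 3, "SDLS TLV header must be 3 bytes on the wire");` if the build is C11 (3 is inferred from the tag byte plus the 16-bit `pdu_len`; the leading fields are outside the hunk). Bit-field ordering remains implementation-defined, so the struct is safe for sizing but should not be copied directly to or from a frame buffer.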
@@ -276,11 +276,10 @@ uint8_t Crypto_Prep_Reply(uint8_t* reply, uint8_t appID) sdls_resp_pkt.hdr.shdr = 1; sdls_resp_pkt.hdr.appID = appID; - sdls_resp_pkt.hdr.type = 1; - // Fill reply with reply header reply[count++] = (sdls_resp_pkt.hdr.pvn << 5) | (sdls_resp_pkt.hdr.type << 4) | (sdls_resp_pkt.hdr.shdr << 3) | ((sdls_resp_pkt.hdr.appID & 0x700 >> 8)); + reply[count++] = (sdls_resp_pkt.hdr.appID & 0x00FF); reply[count++] = (sdls_resp_pkt.hdr.seq << 6) | ((sdls_resp_pkt.hdr.pktid & 0x3F00) >> 8); reply[count++] = (sdls_resp_pkt.hdr.pktid & 0x00FF); @@ -678,21 +677,6 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) break; } -printf("Status: %d\nCount: %d\n", status, *count_ptr); - -// #ifdef CCSDS_DEBUG -// int x; -// if ((status == 0) && (*count_ptr > 0) && (ingest != NULL)) -// { -// printf(KMAG "CCSDS message put on software bus: 0x" RESET); -// for (x = 0; x < *count_ptr; x++) -// { -// printf(KMAG "%02x" RESET, (uint8_t)ingest[x]); -// } -// printf("\n"); -// } -// #endif - return status; } diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 27136e3f..22e1806c 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c 
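Review bot: The APID high bits in the first reply byte are computed as `(sdls_resp_pkt.hdr.appID & 0x700 >> 8)`; `>>` binds tighter than `&`, so this is `appID & 0x07` and puts the low three APID bits where bits 8-10 belong. It should be `((sdls_resp_pkt.hdr.appID & 0x700) >> 8)`. The same expression is carried over onto the `sdls_frame` lines added in PATCH 102's Crypto_Prep_Reply hunk. The function continues outside the hunk.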
@@ -393,20 +393,11 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) // length = pdu_len + HDR + PUS - 1 (per CCSDS Convention) if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { - printf("HAS PUS! :)\n"); - sdls_resp_pkt.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_resp_pkt.pdu.hdr.pdu_len/8) - 1; - printf("TOTAL LENGTH IS: %d\n", sdls_resp_pkt.hdr.pkt_length); - printf("PUS LENGTH IS %ld\n", CCSDS_PUS_SIZE); - printf("CCSDS_HDR_SIZE IS %ld\n", CCSDS_HDR_SIZE); - printf("TLV_HDR_SIZE IS %ld\n", SDLS_TLV_HDR_SIZE); - printf("PDU length: Bits %d, bytes: %d\n", sdls_resp_pkt.pdu.hdr.pdu_len, (sdls_resp_pkt.pdu.hdr.pdu_len/8)); - + sdls_resp_pkt.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_resp_pkt.pdu.hdr.pdu_len/8) - 1 ; } else { - printf("NO HAS PUS :(\n"); sdls_resp_pkt.hdr.pkt_length = CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE + (sdls_resp_pkt.pdu.hdr.pdu_len/8) - 1; - printf("PDU length: Bits %d, bytes: %d\n", sdls_resp_pkt.pdu.hdr.pdu_len, (sdls_resp_pkt.pdu.hdr.pdu_len/8)); } *count = Crypto_Prep_Reply(sdls_ep_reply, 128); @@ -519,14 +510,4 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) #endif return status; -} - - -// 1010EB406500927F0B00415C00 < 13 bytes. for why? - -// 415C00 < wrong PDU header - -// 1010EB406500927F0B00 - -// Data length = 92 (0x5C) -// 0084000000000000000000000001D8EAA795AFFAA0E951BB6CF0116192E16B1977D6723E92E01123CCEF548E2885008600000000000000000000000275C47F30CA26E64AF30C19EBFFE0B314849133E138AC65BC2806E520A90C96A8 +} \ No newline at end of file From 59acff87a48d6d4503d312353b2eb8145f40dfb7 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 3 Oct 2024 15:41:51 +0000 Subject: [PATCH 101/241] [nasa/cryptolib#331] Fix setting of SPI in SA_EP functions --- include/crypto.h | 1 + src/core/crypto_mc.c | 4 +-- .../internal/sa_interface_inmemory.template.c | 32 ++++++------------- 3 files changed, 13 insertions(+), 24 deletions(-) 
diff --git a/include/crypto.h b/include/crypto.h index c9126ef2..2e4ad08a 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -252,6 +252,7 @@ extern char* crypto_deep_copy_string(char* src_string); */ // Data stores used in multiple components extern CCSDS_t sdls_resp_pkt; +extern CCSDS_t sdls_frame; extern SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; extern uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; // extern TM_t tm_frame; diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 99644e47..0817df9e 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -209,7 +209,7 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count_ptr) int x; // Read ingest - spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; // Prepare for Reply sdls_resp_pkt.pdu.hdr.pdu_len = 2 + IV_SIZE; @@ -253,7 +253,7 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count_ptr) #ifdef PDU_DEBUG printf("spi = %d \n", spi); printf("ARSN_LEN: %d\n", sa_ptr->arsn_len); - if (sa_ptr->shivf_len > 0) // Not sure why shivf_len is being used + if (sa_ptr->arsn_len > 0) // Not sure why shivf_len is being used { printf("ARSN = 0x"); for (x = 0; x < sa_ptr->arsn_len; x++) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 423bfe65..3d326893 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -978,7 +978,7 @@ static int32_t sa_start(TC_t* tc_frame) int i; // Read ingest - spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; // Check SPI exists and in 'Keyed' state if (spi < NUM_SA) 
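Review bot: In the second Crypto_SA_readARSN hunk the condition now tests `sa_ptr->arsn_len`, but the trailing comment still says `// Not sure why shivf_len is being used`, which no longer describes the line; drop it or replace it with `// Print the ARSN only when one is configured`. Likewise the sa_create hunk in this patch keeps `// Read sdls_resp_pkt.pdu.data` above a line that now reads `sdls_frame`; `// Read SPI from sdls_frame.pdu.data` would match. In the first readARSN hunk `spi` is taken from the PDU and no range check is visible before it is used; the function continues outside the hunk, so confirm one exists.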
@@ -1111,13 +1111,9 @@ static int32_t sa_stop(void) int x; // Read ingest - spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); - // Overwrite last PID - sa[spi].lpid = - (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; - // Check SPI exists and in 'Active' state if (spi < NUM_SA) { @@ -1181,13 +1177,9 @@ static int32_t sa_rekey(void) int x = 0; // Read ingest - spi = ((uint8_t)sdls_resp_pkt.pdu.data[count] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[count + 1]; + spi = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; count = count + 2; - // Overwrite last PID - sa[spi].lpid = - (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; - // Check SPI exists and in 'Unkeyed' state if (spi < NUM_SA) { @@ -1202,7 +1194,7 @@ static int32_t sa_rekey(void) if (sa[spi].sa_state == SA_UNKEYED) { // Encryption Key - sa[spi].ekid = ((uint8_t)sdls_resp_pkt.pdu.data[count] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[count + 1]; + sa[spi].ekid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; count = count + 2; // Authentication Key @@ -1268,13 +1260,9 @@ static int32_t sa_expire(void) uint16_t spi = 0x0000; // Read ingest - spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); - // Overwrite last PID - sa[spi].lpid = - (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; - // Check SPI exists and in 'Keyed' state if (spi < NUM_SA) { 
@@ -1319,7 +1307,7 @@ static int32_t sa_create(void) int x; // Read sdls_resp_pkt.pdu.data - spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; #ifdef DEBUG printf("spi = %d \n", spi); #endif @@ -1404,7 +1392,7 @@ static int32_t sa_delete(void) uint16_t spi = 0x0000; // Read ingest - spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; #ifdef DEBUG printf("spi = %d \n", spi); #endif @@ -1454,7 +1442,7 @@ static int32_t sa_setARSN(void) int x; // Read ingest - spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); // TODO: Check SA type (authenticated, encrypted, both) and set appropriately @@ -1513,7 +1501,7 @@ static int32_t sa_setARSNW(void) int x; // Read ingest - spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); // Check SPI exists @@ -1564,7 +1552,7 @@ static int32_t sa_status(uint8_t* ingest) uint16_t spi = 0x0000; // Read ingest - spi = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); // Check SPI exists From c8a86015b8334ec92b1c69b73e23df49dbb84dc0 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Mon, 7 Oct 2024 20:19:49 +0000 Subject: [PATCH 102/241] [nasa/cryptolib#331] Fix MC EP Replies --- src/core/crypto.c | 54 ++++++++-------- src/core/crypto_mc.c | 107 +++++++++++++++++++++---------- test/CMakeLists.txt | 4 -- test/unit/ut_crypto_mc.c | 134 --------------------------------------- 4 files changed, 102 insertions(+), 197 deletions(-) delete mode 100644 test/unit/ut_crypto_mc.c diff --git a/src/core/crypto.c b/src/core/crypto.c index a2a1af62..d9d64558 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -256,35 +256,36 @@ uint8_t Crypto_Prep_Reply(uint8_t* reply, uint8_t appID) return count; // Prepare CCSDS for reply - sdls_resp_pkt.hdr.pvn = 0; - sdls_resp_pkt.hdr.type = 0; - sdls_resp_pkt.hdr.shdr = 1; - sdls_resp_pkt.hdr.appID = appID; + sdls_frame.hdr.pvn = 0; + sdls_frame.hdr.type = 0; + sdls_frame.hdr.shdr = 1; + sdls_frame.hdr.appID = appID; - // Fill reply with reply header - reply[count++] = (sdls_resp_pkt.hdr.pvn << 5) | (sdls_resp_pkt.hdr.type << 4) | (sdls_resp_pkt.hdr.shdr << 3) | - ((sdls_resp_pkt.hdr.appID & 0x700 >> 8)); + sdls_frame.pdu.hdr.type = 1; - reply[count++] = (sdls_resp_pkt.hdr.appID & 0x00FF); - reply[count++] = (sdls_resp_pkt.hdr.seq << 6) | ((sdls_resp_pkt.hdr.pktid & 0x3F00) >> 8); - reply[count++] = (sdls_resp_pkt.hdr.pktid & 0x00FF); - reply[count++] = (sdls_resp_pkt.hdr.pkt_length & 0xFF00) >> 8; - reply[count++] = (sdls_resp_pkt.hdr.pkt_length & 0x00FF); + // Fill reply with reply header + reply[count++] = (sdls_frame.hdr.pvn << 5) | (sdls_frame.hdr.type << 4) | (sdls_frame.hdr.shdr << 3) | + ((sdls_frame.hdr.appID & 0x700 >> 8)); + reply[count++] = (sdls_frame.hdr.appID & 0x00FF); + reply[count++] = (sdls_frame.hdr.seq << 6) | ((sdls_frame.hdr.pktid & 0x3F00) >> 8); + reply[count++] = (sdls_frame.hdr.pktid & 0x00FF); + reply[count++] = (sdls_frame.hdr.pkt_length & 0xFF00) >> 8; + reply[count++] = (sdls_frame.hdr.pkt_length & 0x00FF); if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { // Fill reply with PUS - reply[count++] = (sdls_resp_pkt.pus.shf << 7) | (sdls_resp_pkt.pus.pusv << 4) | (sdls_resp_pkt.pus.ack); - reply[count++] = (sdls_resp_pkt.pus.st); - reply[count++] = (sdls_resp_pkt.pus.sst); - reply[count++] = (sdls_resp_pkt.pus.sid << 4) | (sdls_resp_pkt.pus.spare); + reply[count++] = (sdls_frame.pus.shf << 7) | (sdls_frame.pus.pusv << 4) | (sdls_frame.pus.ack); + reply[count++] = (sdls_frame.pus.st); + reply[count++] = (sdls_frame.pus.sst); + reply[count++] = (sdls_frame.pus.sid << 4) | (sdls_frame.pus.spare); } // 
Fill reply with Tag and Length reply[count++] = - (sdls_resp_pkt.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | (sdls_resp_pkt.pdu.hdr.pid); - reply[count++] = (sdls_resp_pkt.pdu.hdr.pdu_len & 0xFF00) >> 8; - reply[count++] = (sdls_resp_pkt.pdu.hdr.pdu_len & 0x00FF); + (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | (sdls_frame.pdu.hdr.pid); + reply[count++] = (sdls_frame.pdu.hdr.pdu_len & 0xFF00) >> 8; + reply[count++] = (sdls_frame.pdu.hdr.pdu_len & 0x00FF); return count; } @@ -423,7 +424,7 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) #ifdef CCSDS_DEBUG int x; - if ((*count_ptr > 0) && (ingest != NULL)) + if ((*count_ptr > 0)) { printf(KMAG "CCSDS message put on software bus: 0x" RESET); for (x = 0; x < *count_ptr; x++) @@ -800,7 +801,6 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin } #ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_resp_pkt); Crypto_ccsdsPrint(&sdls_frame); #endif 
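Review bot: Crypto_Prep_Reply now sets `sdls_frame.pdu.hdr.type = 1`, but the tag byte is still built from `sdls_frame.hdr.type << 7`, which was set to 0 a few lines earlier, so the reply TLV goes out with its type bit clear. Use the field that was just set: `(sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | (sdls_frame.pdu.hdr.pid);`. The function starts outside the hunk.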
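Review bot: Dropping `ingest != NULL` from the CCSDS_DEBUG guard in Crypto_PDU leaves the dump loop running whenever `*count_ptr > 0`; if the loop body (outside this hunk) still reads `ingest[x]`, a caller that passes a NULL `ingest`, as the PDU_SWITCH unit test does, will dereference it in debug builds. Either keep the check, `if ((*count_ptr > 0) && (ingest != NULL))`, or print from the buffer the replies are now written to.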
@@ -815,16 +815,16 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin #endif // No Packet HDR or PUS in these frames // SDLS TLV PDU - sdls_resp_pkt.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; - sdls_resp_pkt.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; - sdls_resp_pkt.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; - sdls_resp_pkt.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); - sdls_resp_pkt.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; + sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; for (x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) { // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely // fails. Must consider Uplink Sessions (sequence numbers). - sdls_resp_pkt.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; + sdls_frame.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; } #ifdef CCSDS_DEBUG diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 0817df9e..04739fc7 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -34,8 +34,8 @@ int32_t Crypto_MC_ping(uint8_t* ingest, int* count_ptr) *count_ptr = 0; // Prepare for Reply - sdls_resp_pkt.pdu.hdr.pdu_len = 0; - sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; + sdls_frame.pdu.hdr.pdu_len = 0; + sdls_frame.hdr.pkt_length = sdls_frame.pdu.hdr.pdu_len + 9; *count_ptr = Crypto_Prep_Reply(ingest, 128); return CRYPTO_LIB_SUCCESS; 
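Review bot: The copy loop in Crypto_Process_Extended_Procedure_Pdu runs to `3 + tc_sdls_processed_frame->tc_header.fl`, a length taken from the received frame, and nothing in the hunk bounds it by the size of `sdls_frame.pdu.data` or of `tc_pdu`. Add a check before the loop and reject oversized frames, e.g. `if (tc_sdls_processed_frame->tc_header.fl > sizeof(sdls_frame.pdu.data)) { return CRYPTO_LIB_ERROR; }` (assuming `pdu.data` is a fixed array; its declaration is not visible here). The TLV type bit is also stored into `sdls_frame.hdr.type` rather than `sdls_frame.pdu.hdr.type`, while the other four TLV fields go to `pdu.hdr`; confirm that is intended. The function starts and ends outside the hunk.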
@@ -54,17 +54,27 @@ int32_t Crypto_MC_status(uint8_t* ingest, int* count_ptr) // TODO: Update log_summary.rs; // Prepare for Reply - sdls_resp_pkt.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; // 4 - sdls_resp_pkt.hdr.pkt_length = (sdls_resp_pkt.pdu.hdr.pdu_len / 8) + 9; - *count_ptr = Crypto_Prep_Reply(ingest, 128); + sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; + *count_ptr = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU - // ingest[count++] = (log_summary.num_se & 0xFF00) >> 8; - ingest[*count_ptr += 1] = (log_summary.num_se & 0x00FF); - // ingest[count++] = (log_summary.rs & 0xFF00) >> 8; - ingest[*count_ptr += 1] = (log_summary.rs & 0x00FF); + sdls_ep_reply[*count_ptr] = (log_summary.num_se & 0xFF00) >> 8; + *count_ptr += 1; + sdls_ep_reply[*count_ptr] = (log_summary.num_se & 0x00FF); + *count_ptr += 1; + sdls_ep_reply[*count_ptr] = (log_summary.rs & 0xFF00) >> 8; + *count_ptr += 1; + sdls_ep_reply[*count_ptr] = (log_summary.rs & 0x00FF); + *count_ptr += 1; #ifdef PDU_DEBUG + printf("MC Status Reply: 0x"); + for (int x = 0; x < *count_ptr; x++) + { + printf("%02x", sdls_ep_reply[x]); + } + printf("\n"); printf("log_summary.num_se = 0x%02x \n", log_summary.num_se); printf("log_summary.rs = 0x%02x \n", log_summary.rs); #endif 
@@ -86,20 +96,22 @@ int32_t Crypto_MC_dump(uint8_t* ingest, int* count_ptr) int y; // Prepare for Reply - sdls_resp_pkt.pdu.hdr.pdu_len = SDLS_MC_DUMP_RPLY_SIZE * log_count * 8; // SDLS_MC_DUMP_RPLY_SIZE - //sdls_resp_pkt.pdu.pdu_len = SDLS_MC_DUMP_BLK_RPLY_SIZE; - sdls_resp_pkt.hdr.pkt_length = (sdls_resp_pkt.pdu.hdr.pdu_len / 8) + 9; - *count_ptr = Crypto_Prep_Reply(ingest, 128); - + sdls_frame.pdu.hdr.pdu_len = SDLS_MC_DUMP_RPLY_SIZE * log_count * 8; // SDLS_MC_DUMP_RPLY_SIZE + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; + *count_ptr = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU for (x = 0; x < log_count; x++) { - ingest[*count_ptr += 1] = mc_log.blk[x].emt; - ingest[*count_ptr += 1] = (mc_log.blk[x].em_len & 0xFF00) >> 8; - ingest[*count_ptr += 1] = (mc_log.blk[x].em_len & 0x00FF); + sdls_ep_reply[*count_ptr] = mc_log.blk[x].emt; + *count_ptr += 1; + sdls_ep_reply[*count_ptr] = (mc_log.blk[x].em_len & 0xFF00) >> 8; + *count_ptr += 1; + sdls_ep_reply[*count_ptr] = (mc_log.blk[x].em_len & 0x00FF); + *count_ptr += 1; for (y = 0; y < EMV_SIZE; y++) { - ingest[*count_ptr += 1] = mc_log.blk[x].emv[y]; + sdls_ep_reply[*count_ptr] = mc_log.blk[x].emv[y]; + *count_ptr += 1; } #ifdef PDU_DEBUG printf("Log %d emt: 0x%02x\n", x, mc_log.blk[x].emt); @@ -117,6 +129,12 @@ int32_t Crypto_MC_dump(uint8_t* ingest, int* count_ptr) printf("log_count = %d \n", log_count); printf("log_summary.num_se = 0x%02x \n", log_summary.num_se); printf("log_summary.rs = 0x%02x \n", log_summary.rs); + printf("MC Dump Reply: 0x"); + for (int x = 0; x < *count_ptr; x++) + { + printf("%02x", sdls_ep_reply[x]); + } + printf("\n"); #endif return CRYPTO_LIB_SUCCESS; 
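Review bot: The dump loop in `Crypto_MC_dump` writes `3 + EMV_SIZE` bytes per log entry into `sdls_ep_reply` starting at the offset returned by `Crypto_Prep_Reply`, and nothing in the hunk compares `log_count` against the capacity of that buffer. Neither the size of `sdls_ep_reply` nor an upper bound on `log_count` is visible here, so this may already be safe, but the check belongs next to the writes. If `sdls_ep_reply` is a true array, a guard before the loop such as `if ((size_t)*count_ptr + (size_t)log_count * (3 + EMV_SIZE) > sizeof(sdls_ep_reply)) return CRYPTO_LIB_ERROR;` would make the bound explicit. The function body starts and ends outside the hunk.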
@@ -151,15 +169,30 @@ int32_t Crypto_MC_erase(uint8_t* ingest, int* count_ptr) log_summary.rs = LOG_SIZE; // Prepare for Reply - sdls_resp_pkt.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; // 4 - sdls_resp_pkt.hdr.pkt_length = (sdls_resp_pkt.pdu.hdr.pdu_len / 8) + 9; - *count_ptr = Crypto_Prep_Reply(ingest, 128); - + sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; // 4 + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; + *count_ptr = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU - // ingest[count++] = (log_summary.num_se & 0xFF00) >> 8; - ingest[*count_ptr += 1] = (log_summary.num_se & 0x00FF); - // ingest[count++] = (log_summary.rs & 0xFF00) >> 8; - ingest[*count_ptr += 1] = (log_summary.rs & 0x00FF); + sdls_ep_reply[*count_ptr] = (log_summary.num_se & 0xFF00) >> 8; + *count_ptr += 1; + sdls_ep_reply[*count_ptr] = (log_summary.num_se & 0x00FF); + *count_ptr += 1; + sdls_ep_reply[*count_ptr] = (log_summary.rs & 0xFF00) >> 8; + *count_ptr += 1; + sdls_ep_reply[*count_ptr] = (log_summary.rs & 0x00FF); + *count_ptr += 1; + +#ifdef PDU_DEBUG + printf("log_count = %d \n", log_count); + printf("log_summary.num_se = 0x%02x \n", log_summary.num_se); + printf("log_summary.rs = 0x%02x \n", log_summary.rs); + printf("MC Erase Reply: 0x"); + for (int x = 0; x < *count_ptr; x++) + { + printf("%02x", sdls_ep_reply[x]); + } + printf("\n"); +#endif return CRYPTO_LIB_SUCCESS; } 
@@ -178,11 +211,21 @@ int32_t Crypto_MC_selftest(uint8_t* ingest, int* count_ptr) // TODO: Perform test // Prepare for Reply - sdls_resp_pkt.pdu.hdr.pdu_len = SDLS_MC_ST_RPLY_SIZE * 8; - sdls_resp_pkt.hdr.pkt_length = (sdls_resp_pkt.pdu.hdr.pdu_len / 8) + 9; - *count_ptr = Crypto_Prep_Reply(ingest, 128); + sdls_frame.pdu.hdr.pdu_len = SDLS_MC_ST_RPLY_SIZE * 8; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; + *count_ptr = Crypto_Prep_Reply(sdls_ep_reply, 128); - ingest[*count_ptr += 1] = result; + ingest[*count_ptr] = result; + *count_ptr += 1; + +#ifdef PDU_DEBUG + printf("MC SelfTest Reply: 0x"); + for (int x = 0; x < *count_ptr; x++) + { + printf("%02x", sdls_ep_reply[x]); + } + printf("\n"); +#endif return CRYPTO_LIB_SUCCESS; } @@ -212,8 +255,8 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count_ptr) spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; // Prepare for Reply - sdls_resp_pkt.pdu.hdr.pdu_len = 2 + IV_SIZE; - sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; + sdls_resp_pkt.pdu.hdr.pdu_len = (2 + IV_SIZE) * 8; + sdls_resp_pkt.hdr.pkt_length = (sdls_resp_pkt.pdu.hdr.pdu_len / 8) + 9; *count_ptr = Crypto_Prep_Reply(ingest, 128); // Write SPI to reply diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index e27e6bfe..06cce0e9 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -45,10 +45,6 @@ add_test(NAME UT_AOS_PROCESS COMMAND ${PROJECT_BINARY_DIR}/bin/ut_aos_process WORKING_DIRECTORY ${PROJECT_TEST_DIR}) -add_test(NAME UT_CRYPTO_MC - COMMAND ${PROJECT_BINARY_DIR}/bin/ut_crypto_mc - WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - add_test(NAME UT_TM_APPLY COMMAND ${PROJECT_BINARY_DIR}/bin/ut_tm_apply WORKING_DIRECTORY ${PROJECT_TEST_DIR}) diff --git a/test/unit/ut_crypto_mc.c b/test/unit/ut_crypto_mc.c deleted file mode 100644 index f9d1c77b..00000000 --- a/test/unit/ut_crypto_mc.c +++ /dev/null 
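Review bot: In the `Crypto_MC_selftest` hunk the reply header is now built in `sdls_ep_reply`, but the result byte is still stored with `ingest[*count_ptr] = result;`. The self-test result therefore never reaches the reply buffer, and the added `PDU_DEBUG` dump prints whatever `sdls_ep_reply` held at that index. It also writes into the caller's `ingest` at an offset computed for a different buffer. The line should read `sdls_ep_reply[*count_ptr] = result;` to match the status, dump and erase handlers in this commit. The function continues outside the hunk.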
@@ -1,134 +0,0 @@ -/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. - All Foreign Rights are Reserved to the U.S. Government. - - This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, - including, but not limited to, any warranty that the software will conform to specifications, any implied warranties - of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the - documentation will conform to the program, or any warranty that the software will be error free. - - In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or - consequential damages, arising out of, resulting from, or in any way connected with the software or its - documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained - from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. - - ITC Team - NASA IV&V - jstar-development-team@mail.nasa.gov -*/ - -/** - * Unit Tests that macke use of CRYPTO_MC functionality on the data. 
- **/ -#include "ut_crypto_mc.h" -#include "crypto.h" -#include "crypto_error.h" -#include "sa_interface.h" -#include "utest.h" - - -/** - * @brief Unit Test: Crypto MC Status test - **/ -UTEST(CRYPTO_MC, STATUS) -{ - remove("sa_save_file.bin"); - int status = CRYPTO_LIB_SUCCESS; - int count = 0; - uint8_t ingest[1024] = {0}; - - status = Crypto_MC_status(ingest, &count); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} - -/** - * @brief Unit Test: Crypto MC Dump test - **/ -UTEST(CRYPTO_MC, DUMP) -{ - remove("sa_save_file.bin"); - int status = CRYPTO_LIB_SUCCESS; - int count = 0; - uint8_t ingest[1024] = {0}; - - status = Crypto_MC_dump(ingest, &count); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} - -/** - * @brief Unit Test: Crypto MC Erase Test - **/ -UTEST(CRYPTO_MC, ERASE) -{ - remove("sa_save_file.bin"); - int status = CRYPTO_LIB_SUCCESS; - int count = 0; - uint8_t ingest[1024] = {0}; - - status = Crypto_MC_erase(ingest, &count); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} - -/** - * @brief Unit Test: Crypto MC SelfTest Test - **/ -UTEST(CRYPTO_MC, SELFTEST) -{ - remove("sa_save_file.bin"); - int status = CRYPTO_LIB_SUCCESS; - int count = 0; - uint8_t ingest[1024] = {0}; - - status = Crypto_MC_selftest(ingest, &count); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} - -/** - * @brief Unit Test: Crypto MC ReadARSN Test - **/ -UTEST(CRYPTO_MC, READARSN) -{ - remove("sa_save_file.bin"); - int count = 0; - int* temp_count = &count; - int32_t status = CRYPTO_LIB_ERROR; - uint8_t ingest[1024] = {0}; - Crypto_Init_TC_Unit_Test(); - SaInterface sa_if = get_sa_interface_inmemory(); - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - - sa_if->sa_get_from_spi(1, &test_association); - status = Crypto_SA_readARSN(ingest, temp_count); - sa_if = sa_if; - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} - -/** - * @brief Unit Test: Crypto MC Process Security Test - **/ -UTEST(CRYPTO_MC, PROCESS) -{ - 
remove("sa_save_file.bin"); - uint8_t ingest[1024] = {0}; - uint16_t len_ingest = 1024; - int32_t status = CRYPTO_LIB_ERROR; - uint8_t* tm_sdls_processed_frame = NULL; - uint16_t dec_frame_length; - - status = Crypto_TM_ProcessSecurity((uint8_t *)&ingest, len_ingest, &tm_sdls_processed_frame, &dec_frame_length); - ASSERT_EQ(103, status); -} - -/** - * @brief Unit Test: Crypto Get TM Length Test - **/ -UTEST(CRYPTO_MC, TMLENGTH) -{ - remove("sa_save_file.bin"); - int length = 0; - - length = Crypto_Get_tmLength(length); - ASSERT_EQ(1145, length); -} - -UTEST_MAIN(); \ No newline at end of file From 632b66ad2ef4ce6e7c0916d5b4376bd48b3559f8 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 7 Oct 2024 20:22:46 +0000 Subject: [PATCH 103/241] [nasa/cryptolib#331] Remove leftover debug prints --- src/core/crypto_tm.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 03b2c1dd..45de215c 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c 
@@ -1658,17 +1658,10 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ crypto_key_t* ekp = NULL; crypto_key_t* akp = NULL; - printf("p_ingest[0] = %d\n", p_ingest[0]); - printf("TFVN = %d\n", (p_ingest[0] & 0xC0) >> 6); - printf("p_ingest[1] = %d\n", p_ingest[1]); // Bit math to give concise access to values in the ingest tm_frame_pri_hdr.tfvn = ((uint8_t)p_ingest[0] & 0xC0) >> 6; //tm_frame_pri_hdr.scid = (((uint16_t)p_ingest[0] & 0x3F) << 4) | (((uint16_t)p_ingest[1] & 0xF0) >> 4); - printf("Lower: %02x\n", (((uint16_t)p_ingest[0] & 0x3f) << 4)); - printf("upper: %02x\n", (((uint16_t)p_ingest[1] & 0xf0) >> 4)); - printf("Combined %02x\n", (((uint16_t)p_ingest[0] & 0x3F) << 4) | (((uint16_t)p_ingest[1] & 0xF0) >> 4)); tm_frame_pri_hdr.scid = (((uint16_t)p_ingest[0] & 0x3F) << 4) | (((uint16_t)p_ingest[1] & 0xF0) >> 4); - printf("SCID: %02x\n", tm_frame_pri_hdr.scid); //tm_frame_pri_hdr.scid = 0x002c; tm_frame_pri_hdr.vcid = ((uint8_t)p_ingest[1] & 0x0E) >> 1; From a7014401838cd447cff872526216b1b48eb52957 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 7 Oct 2024 20:24:54 +0000 Subject: [PATCH 104/241] [nasa/cryptolib#331] Add key inventory reply structs --- include/crypto_structs.h | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/include/crypto_structs.h b/include/crypto_structs.h index c953786e..015ee1a5 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h 
@@ -155,8 +155,21 @@ typedef struct { uint16_t kid_first : 16; // First Key ID uint16_t kid_last : 16; // Last Key ID +} SDLS_KEY_INVENTORY_CMD_t; +#define SDLS_KEY_INVENTORY_CMD_SIZE (sizeof(SDLS_KEY_INVENTORY_CMD_t)) + +typedef struct +{ + uint16_t kid : 16; // Key ID + uint16_t key_state : 8; // Key state } SDLS_KEY_INVENTORY_t; -#define SDLS_KEY_INVENTORY_SIZE (sizeof(SDLS_KEY_INVENTORY_t)) +#define SDLS_KEY_INVENTORY_RPLY_SIZE (sizeof(SDLS_KEY_INVENTORY_t)) + +typedef struct +{ + SDLS_KEY_INVENTORY_t blk[NUM_KEYS]; // Key Verification Command Block +} SDLS_KEY_INVENTORY_RPLY_t; +#define SDLS_KEY_INVENTORY_BLK_RPLY_SIZE (sizeof(SDLS_KEY_INVENTORY_t)) typedef struct { From b0487f79802c819ef0df584c727ddd28a8a4dfa3 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 8 Oct 2024 13:48:59 +0000 Subject: [PATCH 105/241] [nasa/cryptolib#331] Rework SA EP Replies --- include/crypto_structs.h | 9 +- src/core/crypto_mc.c | 41 +++++--- .../internal/sa_interface_inmemory.template.c | 96 ++++++++++--------- test/unit/ut_ep_sa_mgmt.c | 3 + 4 files changed, 93 insertions(+), 56 deletions(-) diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 015ee1a5..b37277f2 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -220,10 +220,17 @@ typedef struct typedef struct { uint16_t spi : 16; // Security Parameter Index - uint8_t lpid : 8; // Procedure ID from Last State Transition + uint8_t lpid : 8; // Procedure ID from Last State Transition or Current State } SDLS_SA_STATUS_RPLY_t; #define SDLS_SA_STATUS_RPLY_SIZE (sizeof(SDLS_SA_STATUS_RPLY_t)) +typedef struct +{ + uint16_t spi : 16; // Security Parameter Index + uint8_t arsn[ARSN_SIZE]; // Anti-Replay Sequence Number +} SDLS_SA_READ_ARSN_RPLY_t; +#define SDLS_SA_READ_ARSN_RPLY_SIZE (sizeof(SDLS_SA_READ_ARSN_RPLY_t)) + typedef struct { uint16_t num_se; // Number of Security Events diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 04739fc7..ef439401 100644 --- a/src/core/crypto_mc.c 
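Review bot: The new `*_RPLY_SIZE` macros in `include/crypto_structs.h` take `sizeof` of bit-field structs, and later patches use them as on-the-wire byte counts. Bit-field layout and padding are implementation-defined, so `sizeof(SDLS_KEY_INVENTORY_t)` (a 16-bit and an 8-bit field declared on `uint16_t`) is likely 4 on common ABIs, while the inventory reply loop later in this series emits 3 bytes per key. The same applies to `SDLS_SA_STATUS_RPLY_SIZE` and `SDLS_SA_READ_ARSN_RPLY_SIZE`. Explicit wire-size constants, for example `#define SDLS_KEY_INVENTORY_RPLY_SIZE 3 /* KID(2) + state(1) */`, would keep the declared PDU length equal to the bytes written. `SDLS_KEY_INVENTORY_BLK_RPLY_SIZE` is also defined as the size of a single entry rather than of `SDLS_KEY_INVENTORY_RPLY_t`, which looks unintended.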
+++ b/src/core/crypto_mc.c @@ -254,15 +254,6 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count_ptr) // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; - // Prepare for Reply - sdls_resp_pkt.pdu.hdr.pdu_len = (2 + IV_SIZE) * 8; - sdls_resp_pkt.hdr.pkt_length = (sdls_resp_pkt.pdu.hdr.pdu_len / 8) + 9; - *count_ptr = Crypto_Prep_Reply(ingest, 128); - - // Write SPI to reply - ingest[*count_ptr += 1] = (spi & 0xFF00) >> 8; - ingest[*count_ptr += 1] = (spi & 0x00FF); - if (sa_if->sa_get_from_spi(spi, &sa_ptr) != CRYPTO_LIB_SUCCESS) { // TODO - Error handling @@ -271,21 +262,41 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count_ptr) if (status == CRYPTO_LIB_SUCCESS) { + // Prepare for Reply + sdls_frame.pdu.hdr.pdu_len = (SPI_LEN + sa_ptr->arsn_len) * 8; // bits + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; + *count_ptr = Crypto_Prep_Reply(sdls_ep_reply, 128); + + // Write SPI to reply + sdls_ep_reply[*count_ptr] = (spi & 0xFF00) >> 8; + *count_ptr += 1; + sdls_ep_reply[*count_ptr] = (spi & 0x00FF); + *count_ptr += 1; + + for (x = 0; x < sa_ptr->arsn_len; x++) + { + sdls_ep_reply[*count_ptr] = *(sa_ptr->arsn + x); + *count_ptr += 1; + } + if (sa_ptr->shivf_len > 0 && sa_ptr->ecs == 1 && sa_ptr->acs == 1) { // Set IV - authenticated encryption for (x = 0; x < sa_ptr->shivf_len - 1; x++) { - ingest[*count_ptr += 1] = *(sa_ptr->iv + x); + sdls_ep_reply[*count_ptr] = *(sa_ptr->iv + x); + *count_ptr += 1; } // TODO: Do we need this? if (*(sa_ptr->iv + sa_ptr->shivf_len - 1) > 0) { // Adjust to report last received, not expected - ingest[*count_ptr += 1] = *(sa_ptr->iv + sa_ptr->shivf_len - 1) - 1; + sdls_ep_reply[*count_ptr] = *(sa_ptr->iv + sa_ptr->shivf_len - 1) - 1; + *count_ptr += 1; } else { - ingest[*count_ptr += 1] = *(sa_ptr->iv + sa_ptr->shivf_len - 1); + sdls_ep_reply[*count_ptr] = *(sa_ptr->iv + sa_ptr->shivf_len - 1); + *count_ptr += 1; } } else 
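Review bot: In the second `Crypto_SA_readARSN` hunk the declared length `pdu_len = (SPI_LEN + sa_ptr->arsn_len) * 8` covers only the SPI and ARSN, yet the branch guarded by `sa_ptr->shivf_len > 0 && sa_ptr->ecs == 1 && sa_ptr->acs == 1` appends a further `shivf_len` IV bytes to `sdls_ep_reply`. On that path the header written by `Crypto_Prep_Reply` understates the reply, and any consumer that trusts `pkt_length` will truncate it. The length needs to be computed before `Crypto_Prep_Reply` with the IV bytes included when that branch will run, or the IV bytes should be dropped from this reply. `arsn_len` and `shivf_len` are also used as copy counts with no comparison against the reply buffer's capacity, which is not visible here. The trailing `else` branch continues outside the hunk.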
@@ -305,6 +316,12 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count_ptr) } printf("\n"); } + printf("SA Read ARSN Reply: 0x"); + for (int x = 0; x < *count_ptr; x++) + { + printf("%02x", sdls_ep_reply[x]); + } + printf("\n"); #endif } } diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 3d326893..848e7bb1 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -990,21 +990,21 @@ static int32_t sa_start(TC_t* tc_frame) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = - (sdls_resp_pkt.pdu.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; + (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; if (sa[spi].sa_state == SA_KEYED) { count = 2; - for (x = 0; x <= ((sdls_resp_pkt.pdu.hdr.pdu_len - 2) / 4); x++) + for (x = 0; x <= ((sdls_frame.pdu.hdr.pdu_len - 2) / 4); x++) { // Read in GVCID - gvcid.tfvn = (sdls_resp_pkt.pdu.data[count] >> 4); - gvcid.scid = (sdls_resp_pkt.pdu.data[count] << 12) | (sdls_resp_pkt.pdu.data[count + 1] << 4) | - (sdls_resp_pkt.pdu.data[count + 2] >> 4); - gvcid.vcid = (sdls_resp_pkt.pdu.data[count + 2] << 4) | (sdls_resp_pkt.pdu.data[count + 3] && 0x3F); + gvcid.tfvn = (sdls_frame.pdu.data[count] >> 4); + gvcid.scid = (sdls_frame.pdu.data[count] << 12) | (sdls_frame.pdu.data[count + 1] << 4) | + (sdls_frame.pdu.data[count + 2] >> 4); + gvcid.vcid = (sdls_frame.pdu.data[count + 2] << 4) | (sdls_frame.pdu.data[count + 3] && 0x3F); if (current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) { - gvcid.mapid = (sdls_resp_pkt.pdu.data[count + 3]); + gvcid.mapid = (sdls_frame.pdu.data[count + 3]); } else { 
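Review bot: In the `sa_start` hunk the renamed line still uses a logical AND, `(sdls_frame.pdu.data[count + 3] && 0x3F)`, where a bit mask is clearly intended. The expression evaluates to 0 or 1, so the low bits of `gvcid.vcid` are never taken from the received byte and the channel lookup that follows can match the wrong GVCID. It should be `gvcid.vcid = (sdls_frame.pdu.data[count + 2] << 4) | (sdls_frame.pdu.data[count + 3] & 0x3F);`. The loop body continues outside the hunk.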
@@ -1124,7 +1124,7 @@ static int32_t sa_stop(void) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = - (sdls_resp_pkt.pdu.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; + (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; if (sa[spi].sa_state == SA_OPERATIONAL) { @@ -1190,7 +1190,7 @@ static int32_t sa_rekey(void) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = - (sdls_resp_pkt.pdu.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; + (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; if (sa[spi].sa_state == SA_UNKEYED) { // Encryption Key @@ -1211,9 +1211,9 @@ static int32_t sa_rekey(void) { // TODO: Uncomment once fixed in ESA implementation // TODO: Assuming this was fixed... - *(sa[spi].iv + x - count) = (uint8_t)sdls_resp_pkt.pdu.data[x]; + *(sa[spi].iv + x - count) = (uint8_t)sdls_frame.pdu.data[x]; #ifdef PDU_DEBUG - printf("%02x", sdls_resp_pkt.pdu.data[x]); + printf("%02x", sdls_frame.pdu.data[x]); #endif } } @@ -1273,7 +1273,7 @@ static int32_t sa_expire(void) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = - (sdls_resp_pkt.pdu.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; + (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; if (sa[spi].sa_state == SA_KEYED) { // Change to 'Unkeyed' state 
@@ -1306,7 +1306,7 @@ static int32_t sa_create(void) uint16_t spi = 0x0000; int x; - // Read sdls_resp_pkt.pdu.data + // Read sdls_frame.pdu.data spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; #ifdef DEBUG printf("spi = %d \n", spi); 
@@ -1322,45 +1322,45 @@ static int32_t sa_create(void) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = - (sdls_resp_pkt.pdu.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; + (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; // Write SA Configuration - sa[spi].est = ((uint8_t)sdls_resp_pkt.pdu.data[2] & 0x80) >> 7; - sa[spi].ast = ((uint8_t)sdls_resp_pkt.pdu.data[2] & 0x40) >> 6; - sa[spi].shivf_len = ((uint8_t)sdls_resp_pkt.pdu.data[2] & 0x3F); - sa[spi].shsnf_len = ((uint8_t)sdls_resp_pkt.pdu.data[3] & 0xFC) >> 2; - sa[spi].shplf_len = ((uint8_t)sdls_resp_pkt.pdu.data[3] & 0x03); - sa[spi].stmacf_len = ((uint8_t)sdls_resp_pkt.pdu.data[4]); - sa[spi].ecs_len = ((uint8_t)sdls_resp_pkt.pdu.data[5]); + sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; + sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6; + sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F); + sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2; + sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03); + sa[spi].stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]); + sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]); for (x = 0; x < sa[spi].ecs_len; x++) { - sa[spi].ecs = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); + sa[spi].ecs = ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].shivf_len = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); + sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[count++]); for (x = 0; x < sa[spi].shivf_len; x++) { - sa[spi].iv[x] = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); + sa[spi].iv[x] = ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].acs_len = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); + sa[spi].acs_len = ((uint8_t)sdls_frame.pdu.data[count++]); for (x = 0; x < sa[spi].acs_len; x++) { - sa[spi].acs = 
((uint8_t)sdls_resp_pkt.pdu.data[count++]); + sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].abm_len = (uint8_t)((sdls_resp_pkt.pdu.data[count] << 8) | (sdls_resp_pkt.pdu.data[count + 1])); + sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1])); count = count + 2; for (x = 0; x < sa[spi].abm_len; x++) { - sa[spi].abm[x] = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); + sa[spi].abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].arsn_len = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); + sa[spi].arsn_len = ((uint8_t)sdls_frame.pdu.data[count++]); for (x = 0; x < sa[spi].arsn_len; x++) { - *(sa[spi].arsn + x) = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); + *(sa[spi].arsn + x) = ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].arsnw_len = ((uint8_t)sdls_resp_pkt.pdu.data[count++]); + sa[spi].arsnw_len = ((uint8_t)sdls_frame.pdu.data[count++]); for (x = 0; x < sa[spi].arsnw_len; x++) { - sa[spi].arsnw = sa[spi].arsnw | (((uint8_t)sdls_resp_pkt.pdu.data[count++]) << (sa[spi].arsnw_len - x)); + sa[spi].arsnw = sa[spi].arsnw | (((uint8_t)sdls_frame.pdu.data[count++]) << (sa[spi].arsnw_len - x)); } // TODO: Checks for valid data @@ -1407,7 +1407,7 @@ static int32_t sa_delete(void) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) sa[spi].lpid = - (sdls_resp_pkt.pdu.hdr.type << 7) | (sdls_resp_pkt.pdu.hdr.uf << 6) | (sdls_resp_pkt.pdu.hdr.sg << 4) | sdls_resp_pkt.pdu.hdr.pid; + (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; if (sa[spi].sa_state == SA_UNKEYED) { // Change to 'None' state @@ -1458,7 +1458,7 @@ static int32_t sa_setARSN(void) #endif for (x = 0; x < IV_SIZE; x++) { - *(sa[spi].iv + x) = (uint8_t)sdls_resp_pkt.pdu.data[x + 2]; + *(sa[spi].iv + x) = (uint8_t)sdls_frame.pdu.data[x + 2]; #ifdef PDU_DEBUG printf("%02x", *(sa[spi].iv + x)); #endif 
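Review bot: In the `sa_create` hunk every length field (`shivf_len`, `abm_len`, `arsn_len`, `arsnw_len`) is read from the received PDU and used directly as a loop bound for writes into `sa[spi].iv`, `sa[spi].abm` and `sa[spi].arsn`. The hunk's own `// TODO: Checks for valid data` confirms no validation happens, and the destination capacities are not visible here. Each length should be rejected before its copy loop, for example `if (sa[spi].shivf_len > IV_SIZE) { return CRYPTO_LIB_ERROR; }` and `if (sa[spi].arsn_len > ARSN_SIZE) { return CRYPTO_LIB_ERROR; }`, with the equivalent check for `abm_len` against its array size. `count` should also be kept within the bytes actually received, and `abm_len` is built from two bytes but cast to `uint8_t`, which drops the high byte. The function starts and ends outside the hunk.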
@@ -1472,7 +1472,7 @@ static int32_t sa_setARSN(void) #endif for (x = 0; x < sa[spi].arsn_len; x++) { - *(sa[spi].arsn + x) = (uint8_t)sdls_resp_pkt.pdu.data[x + 2]; + *(sa[spi].arsn + x) = (uint8_t)sdls_frame.pdu.data[x + 2]; #ifdef PDU_DEBUG printf("%02x", *(sa[spi].arsn + x)); #endif @@ -1507,7 +1507,7 @@ static int32_t sa_setARSNW(void) // Check SPI exists if (spi < NUM_SA) { - sa[spi].arsnw_len = (uint8_t)sdls_resp_pkt.pdu.data[2]; + sa[spi].arsnw_len = (uint8_t)sdls_frame.pdu.data[2]; // Check for out of bounds if (sa[spi].arsnw_len > (ARSN_SIZE)) @@ -1517,7 +1517,7 @@ static int32_t sa_setARSNW(void) for (x = 0; x < sa[spi].arsnw_len; x++) { - sa[spi].arsnw = (((uint8_t)sdls_resp_pkt.pdu.data[x + 2]) << (sa[spi].arsnw_len - 1 - x)); + sa[spi].arsnw = (((uint8_t)sdls_frame.pdu.data[x + 2]) << (sa[spi].arsnw_len - 1 - x)); } #ifdef PDU_DEBUG printf("ARSN set to: %d\n", sa[spi].arsnw); @@ -1559,21 +1559,31 @@ static int32_t sa_status(uint8_t* ingest) if (spi < NUM_SA) { // Prepare for Reply - sdls_resp_pkt.pdu.hdr.pdu_len = 3; - sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; - count = Crypto_Prep_Reply(ingest, 128); + sdls_frame.pdu.hdr.pdu_len = SDLS_SA_STATUS_RPLY_SIZE * 8; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU - ingest[count++] = (spi & 0xFF00) >> 8; - ingest[count++] = (spi & 0x00FF); - ingest[count++] = sa[spi].lpid; + sdls_ep_reply[count++] = (spi & 0xFF00) >> 8; + sdls_ep_reply[count++] = (spi & 0x00FF); + sdls_ep_reply[count++] = sa[spi].lpid; } else { printf("sa_status ERROR: SPI %d does not exist.\n", spi); + status = CRYPTO_LIB_ERR_SPI_INDEX_OOB; } #ifdef SA_DEBUG Crypto_saPrint(&sa[spi]); + if (status == CRYPTO_LIB_SUCCESS) + { + printf("SA Status Reply: 0x"); + for (int x = 0; x < count; x++) + { + printf("%02x", sdls_ep_reply[x]); + } + printf("\n"); + } #endif } 
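Review bot: In the `sa_status` hunk the new `else` branch sets `status = CRYPTO_LIB_ERR_SPI_INDEX_OOB` for `spi >= NUM_SA`, but `Crypto_saPrint(&sa[spi]);` under `SA_DEBUG` still runs unconditionally. With debug enabled that reads past the end of `sa` for exactly the out-of-range SPI the branch just rejected. The call should move inside the added `if (status == CRYPTO_LIB_SUCCESS)` block, next to the reply dump. The function starts outside the hunk.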
diff --git a/test/unit/ut_ep_sa_mgmt.c b/test/unit/ut_ep_sa_mgmt.c index 9e2bca37..00d06371 100644 --- a/test/unit/ut_ep_sa_mgmt.c +++ b/test/unit/ut_ep_sa_mgmt.c @@ -175,6 +175,9 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) // Modify SA 1 sa_if->sa_get_from_spi(6, &test_association); test_association->sa_state = SA_OPERATIONAL; + test_association->shivf_len = 0; + test_association->iv_len = 0; + test_association->ecs = 0; test_association->arsn_len = 4; test_association->arsn[0] = 0xDE; test_association->arsn[1] = 0xAD; From d9811a6191762b37119e12583cf508302441cc24 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 8 Oct 2024 16:03:39 +0000 Subject: [PATCH 106/241] [nasa/cryptolib#331] Incorporate work from nasa/cryptolib#147 --- include/crypto.h | 7 +- src/core/crypto.c | 32 +++ src/core/crypto_key_mgmt.c | 76 ++++--- src/core/crypto_print.c | 32 +++ test/unit/ut_ep_key_validation.c | 367 +++++++++---------------------- 5 files changed, 225 insertions(+), 289 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 2e4ad08a..c2f45bc6 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -176,8 +176,6 @@ void Crypto_TM_Calc_PDU_MAC(uint16_t* pdu_len, uint16_t byte_idx, SecurityAssoci int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint8_t ecs_is_aead_algorithm, uint16_t byte_idx, uint8_t* p_new_dec_frame, uint16_t pdu_len, uint8_t* p_ingest, crypto_key_t* ekp, crypto_key_t* akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t* aad, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length); void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr); - -extern uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID); extern int32_t Crypto_increment(uint8_t* num, int length); int32_t Crypto_Get_tmLength(int len); uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id); 
@@ -200,6 +198,11 @@ int32_t Crypto_Check_Anti_Replay_Verify_Pointers(SecurityAssociation_t* sa_ptr, int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* arsn, int8_t* arsn_valid); int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, int8_t* iv_valid); +// SDLS Related Functions +extern uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID); +extern void Crypto_Print_Sdls_Ep_Reply(void); +extern int32_t Crypto_Get_Sdls_Ep_Reply(uint8_t* buffer, uint16_t* length); + // Key Management Functions int32_t Crypto_Key_OTAR(void); int32_t Crypto_Key_update(uint8_t state); diff --git a/src/core/crypto.c b/src/core/crypto.c index d9d64558..b0337a29 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -290,6 +290,38 @@ uint8_t Crypto_Prep_Reply(uint8_t* reply, uint8_t appID) return count; } + +int32_t Crypto_Get_Sdls_Ep_Reply(uint8_t* buffer, uint16_t* length) +{ + int32_t status = CRYPTO_LIB_SUCCESS; + // Length to be pulled from packet header + uint16_t pkt_length = 0; + + // Check for NULL Inputs + if (buffer == NULL || length == NULL) + { + status = CRYPTO_LIB_ERR_NULL_BUFFER; + return status; + } + + pkt_length = sdls_frame.hdr.pkt_length; + + // Sanity Check on length + if (pkt_length > TC_MAX_FRAME_SIZE) + { + status = CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_SPEC_LIMIT; + return status; + } + + // Copy our length, which will fit in the buffer + memcpy(buffer, sdls_ep_reply, (size_t)pkt_length); + + // Update length externally + *length = pkt_length; + + return status; +} + /** * @brief Function Crypto_Calc_FECF * Calculate the Frame Error Control Field (FECF), also known as a cyclic redundancy check (CRC) diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 22e1806c..91bf8cf7 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c 
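Review bot: `Crypto_Get_Sdls_Ep_Reply` in `src/core/crypto.c` copies `pkt_length` bytes into the caller's `buffer` without knowing how large that buffer is; `length` is only written, never read. The comment "which will fit in the buffer" is not backed by any check. The `TC_MAX_FRAME_SIZE` test bounds the value but says nothing about the caller's allocation or about the size of `sdls_ep_reply`, which is not visible here. Treating `*length` as capacity on entry would close this: `if (*length < pkt_length) { return CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_SPEC_LIMIT; }` before the `memcpy`, or a dedicated error code if the project has one. The new function also lacks the `@brief`/`@param`/`@return` header the neighbouring functions carry.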
@@ -45,12 +45,12 @@ int32_t Crypto_Key_OTAR(void) int y; int32_t status = CRYPTO_LIB_SUCCESS; // uint16_t pdu_len = (uint16_t) sdls_resp_pkt.pdu.hdr.pdu_len[1] << 8 | sdls_resp_pkt.pdu.hdr.pdu_len[0]; - int pdu_keys = (sdls_resp_pkt.pdu.hdr.pdu_len - 30) / (2 + 32); + int pdu_keys = (sdls_frame.pdu.hdr.pdu_len - 30) / (2 + 32); int w; crypto_key_t* ekp = NULL; printf("# PDU Keys: %d\n", pdu_keys); // Master Key ID - packet.mkid = (sdls_resp_pkt.pdu.data[0] << 8) | (sdls_resp_pkt.pdu.data[1]); + packet.mkid = (sdls_frame.pdu.data[0] << 8) | (sdls_frame.pdu.data[1]); printf("MKID: %d\n", packet.mkid); if (packet.mkid >= 128) { @@ -73,15 +73,15 @@ int32_t Crypto_Key_OTAR(void) for (count = 2; count < (2 + 12); count++) { // Initialization Vector - packet.iv[count - 2] = sdls_resp_pkt.pdu.data[count]; - //printf("packet.iv[%d] = 0x%02x\n", count-2, packet.iv[count-2]); + packet.iv[count - 2] = sdls_frame.pdu.data[count]; + printf("packet.iv[%d] = 0x%02x\n", count-2, packet.iv[count-2]); } - count = sdls_resp_pkt.pdu.hdr.pdu_len - MAC_SIZE; + count = sdls_frame.pdu.hdr.pdu_len - MAC_SIZE; for (w = 0; w < 16; w++) { // MAC - packet.mac[w] = sdls_resp_pkt.pdu.data[count + w]; - //printf("packet.mac[%d] = 0x%02x\n", w, packet.mac[w]); + packet.mac[w] = sdls_frame.pdu.data[count + w]; + printf("packet.mac[%d] = 0x%02x\n", w, packet.mac[w]); } ekp = key_if->get_key(packet.mkid); @@ -91,7 +91,7 @@ int32_t Crypto_Key_OTAR(void) } uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; - status = cryptography_if->cryptography_aead_decrypt(&(sdls_resp_pkt.pdu.data[14]), // plaintext output + status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output (size_t)(pdu_keys * (2 + 32)), // length of data NULL, // in place decryption 0, // in data length 
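Review bot: `Crypto_Key_OTAR` derives `pdu_keys = (sdls_frame.pdu.hdr.pdu_len - 30) / (2 + 32)` and, in the next hunk, `count = sdls_frame.pdu.hdr.pdu_len - MAC_SIZE`, both from a length field taken from the received frame with no lower or upper bound check. A `pdu_len` below 30 makes `pdu_keys` negative, and the later `(size_t)(pdu_keys * (2 + 32))` passed to `cryptography_aead_decrypt` then becomes a very large length. A guard at the top such as `if (sdls_frame.pdu.hdr.pdu_len < 30) { return CRYPTO_LIB_ERROR; }` is needed, plus an upper bound against the size of `sdls_frame.pdu.data`, which is not visible here. It is also worth confirming that this function still sees `pdu_len` in bytes, since the reply paths in this series now store it in bits. The second hunk re-enables the `packet.iv` and `packet.mac` `printf` lines outside any `#ifdef`, which should sit under a debug guard like the other prints.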
@@ -115,7 +115,7 @@ int32_t Crypto_Key_OTAR(void) // Read in Decrypted Data for (count = 14; x < pdu_keys; x++) { // Encrypted Key Blocks - packet.EKB[x].ekid = (sdls_resp_pkt.pdu.data[count] << 8) | (sdls_resp_pkt.pdu.data[count + 1]); + packet.EKB[x].ekid = (sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1]); if (packet.EKB[x].ekid < 128) { report.af = 1; @@ -146,12 +146,12 @@ int32_t Crypto_Key_OTAR(void) for (y = count; y < (32 + count); y++) { // Encrypted Key - packet.EKB[x].ek[y - count] = sdls_resp_pkt.pdu.data[y]; + packet.EKB[x].ek[y - count] = sdls_frame.pdu.data[y]; #ifdef SA_DEBUG printf("\t packet.EKB[%d].ek[%d] = 0x%02x\n", x, y - count, packet.EKB[x].ek[y - count]); #endif // Setup Key Ring - ekp->value[y - count] = sdls_resp_pkt.pdu.data[y]; + ekp->value[y - count] = sdls_frame.pdu.data[y]; } count = count + 32; @@ -300,7 +300,7 @@ int32_t Crypto_Key_update(uint8_t state) int32_t Crypto_Key_inventory(uint8_t* ingest, int* count) { // Local variables - SDLS_KEY_INVENTORY_t packet; + SDLS_KEY_INVENTORY_CMD_t packet; uint16_t range = 0; int32_t status = CRYPTO_LIB_SUCCESS; crypto_key_t* ekp = NULL; 
@@ -313,22 +313,31 @@ int32_t Crypto_Key_inventory(uint8_t* ingest, int* count) } // Read in PDU - packet.kid_first = ((uint8_t)sdls_resp_pkt.pdu.data[*count] << 8) | ((uint8_t)sdls_resp_pkt.pdu.data[*count + 1]); + packet.kid_first = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); *count = *count + 2; - packet.kid_last = ((uint8_t)sdls_resp_pkt.pdu.data[*count] << 8) | ((uint8_t)sdls_resp_pkt.pdu.data[*count + 1]); + packet.kid_last = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); *count = *count + 2; // Prepare for Reply - range = packet.kid_last - packet.kid_first; - sdls_resp_pkt.pdu.hdr.pdu_len = 2 + (range * (2 + 1)); - sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; - *count = Crypto_Prep_Reply(ingest, 128); + range = packet.kid_last - packet.kid_first + 1; + sdls_resp_pkt.pdu.hdr.pdu_len = (sizeof(sdls_resp_pkt.pdu.hdr) + (SDLS_KEY_INVENTORY_RPLY_SIZE * (range))) * 8; + sdls_resp_pkt.hdr.pkt_length = (sdls_resp_pkt.pdu.hdr.pdu_len / 8) + 9; + *count = Crypto_Prep_Reply(sdls_ep_reply, 128); + printf("RESP_LEN: %d\n", *count); + sdls_resp_pkt.pdu.data[*count] = ((range & 0xFF00) >> 8); + sdls_ep_reply[*count] = ((range & 0xFF00) >> 8); ingest[*count += 1] = (range & 0xFF00) >> 8; + sdls_resp_pkt.pdu.data[*count] = (range & 0x00FF); + sdls_ep_reply[*count] = (range & 0x00FF); ingest[*count += 1] = (range & 0x00FF); - for (x = packet.kid_first; x < packet.kid_last; x++) + for (x = packet.kid_first; x <= packet.kid_last; x++) { // Key ID + sdls_resp_pkt.pdu.data[*count] = ((x & 0xFF00) >> 8); + sdls_ep_reply[*count] = ((x & 0xFF00) >> 8); ingest[*count += 1] = (x & 0xFF00) >> 8; + sdls_resp_pkt.pdu.data[*count] = (x & 0x00FF); + sdls_ep_reply[*count] = (x & 0x00FF); ingest[*count += 1] = (x & 0x00FF); // Get Key ekp = key_if->get_key(x); 
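Review bot: `packet.kid_first` and `packet.kid_last` are read straight from the received PDU and then drive `range`, both reply length fields and the write loop without validation. If `kid_last < kid_first` the `uint16_t` `range` wraps, and a wide range stores three bytes per key into `sdls_resp_pkt.pdu.data`, `sdls_ep_reply` and `ingest`, whose capacities are not visible here; the `DEBUG` dump added in the next hunk (-337,8) then reads `sdls_ep_reply` up to `sdls_resp_pkt.hdr.pkt_length`. Check the pair before `range` is computed, e.g. `if (packet.kid_last < packet.kid_first || (packet.kid_last - packet.kid_first) >= NUM_KEYS) return CRYPTO_LIB_ERR_KEY_ID_ERROR;`, and bound the total reply size against the reply buffer. Separately, each added pair writes `sdls_resp_pkt.pdu.data[*count]` and `sdls_ep_reply[*count]` before `ingest[*count += 1]` advances the index, so the three buffers are not filled at the same offset and `pdu.data` is indexed with the whole-reply offset, where `Crypto_Key_verify` keeps a separate `pdu_data_idx`. The function starts and ends outside this hunk.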
@@ -337,8 +346,18 @@ int32_t Crypto_Key_inventory(uint8_t* ingest, int* count) return CRYPTO_LIB_ERR_KEY_ID_ERROR; } // Key State + sdls_resp_pkt.pdu.data[*count] = ekp->key_state; + sdls_ep_reply[*count] = ekp->key_state; ingest[*count += 1] = ekp->key_state; } +#ifdef DEBUG + printf("Key Inventory Reply: 0x"); + for (x = 0; x < sdls_resp_pkt.hdr.pkt_length; x++) + { + printf("%02x", sdls_ep_reply[x]); + } + printf("\n"); +#endif return status; } @@ -351,11 +370,12 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) { // Local variables SDLS_KEYV_CMD_t packet; - int pdu_keys = sdls_resp_pkt.pdu.hdr.pdu_len / SDLS_KEYV_CMD_BLK_SIZE; + int pdu_keys = sdls_frame.pdu.hdr.pdu_len / SDLS_KEYV_CMD_BLK_SIZE; int x; int y; int32_t status = CRYPTO_LIB_SUCCESS; crypto_key_t* ekp = NULL; + tc_frame = tc_frame; if (key_if == NULL) { @@ -371,7 +391,7 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) for (x = 0; x < pdu_keys; x++) { // Key ID - packet.blk[x].kid = ((uint8_t)sdls_resp_pkt.pdu.data[*count] << 8) | ((uint8_t)sdls_resp_pkt.pdu.data[*count + 1]); + packet.blk[x].kid = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); *count += 2; #ifdef PDU_DEBUG printf("\tCrypto_Key_verify: Block %d Key ID is %d ", x, packet.blk[x].kid); @@ -379,7 +399,7 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) // Key Challenge for (y = 0; y < CHALLENGE_SIZE; y++) { - packet.blk[x].challenge[y] = sdls_resp_pkt.pdu.data[*count]; + packet.blk[x].challenge[y] = sdls_frame.pdu.data[*count]; *count += 1; } #ifdef PDU_DEBUG 
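Review bot: In the -351,11 hunk `pdu_keys` is computed from the received `sdls_frame.pdu.hdr.pdu_len` and becomes the loop bound for `packet.blk[x]` in the hunks at -371,7 and -379,7, with no check against the capacity of `packet.blk` or the bytes actually present in `sdls_frame.pdu.data`. Add a guard right after the declarations, e.g. `if (pdu_keys > (int)(sizeof(packet.blk) / sizeof(packet.blk[0])))` returning an error status (this assumes `blk` is a fixed-size array member, which the hunk does not show). The added `tc_frame = tc_frame;` is a self-assignment used to silence the unused-parameter warning; `(void)tc_frame;` states that intent directly. `Crypto_Key_verify` continues outside these hunks.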
@@ -388,16 +408,16 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) } // Prepare for Reply - sdls_resp_pkt.pdu.hdr.pdu_len = pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_KEYV_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE) * 8; + sdls_frame.pdu.hdr.pdu_len = pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_KEYV_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE) * 8; // length = pdu_len + HDR + PUS - 1 (per CCSDS Convention) if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { - sdls_resp_pkt.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_resp_pkt.pdu.hdr.pdu_len/8) - 1 ; + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len/8) - 1 ; } else { - sdls_resp_pkt.hdr.pkt_length = CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE + (sdls_resp_pkt.pdu.hdr.pdu_len/8) - 1; + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len/8) - 1; } *count = Crypto_Prep_Reply(sdls_ep_reply, 128); @@ -427,9 +447,9 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) // Initialization Vector for (y = 0; y < SDLS_KEYV_IV_LEN; y++) { - sdls_resp_pkt.pdu.data[pdu_data_idx] = *(tc_frame->tc_sec_header.iv + y); - sdls_ep_keyv_reply.blk[x].iv[y] = *(tc_frame->tc_sec_header.iv + y); - sdls_ep_reply[pdu_data_idx] = *(tc_frame->tc_sec_header.iv + y); + sdls_resp_pkt.pdu.data[pdu_data_idx] =0x00; //= *(tc_frame->tc_sec_header.iv + y); + sdls_ep_keyv_reply.blk[x].iv[y] =0x00; //= *(tc_frame->tc_sec_header.iv + y); + sdls_ep_reply[pdu_data_idx] =0x00; //= *(tc_frame->tc_sec_header.iv + y); pdu_data_idx += 1; *count += 1; } diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index 71d36018..db68e6a2 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c 
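Review bot: The reply lengths are now written to `sdls_frame.pdu.hdr.pdu_len` and `sdls_frame.hdr.pkt_length`, the global that holds the received command, while the reply bytes in the next hunk still go to `sdls_resp_pkt.pdu.data` and `Crypto_Key_inventory` in this same patch keeps writing `sdls_resp_pkt.pdu.hdr.pdu_len`. Two handlers now disagree on which structure describes the reply, and the command's own length is overwritten after `pdu_keys` was derived from it. The product `pdu_keys * (...) * 8` is assigned without a range check, so a large `pdu_keys` may not fit the length field (its width is not visible here). Pick one structure for reply metadata, and add a comment on `pdu_len` stating its unit, since the command path appears to divide it as bytes while this line multiplies by 8.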
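Review bot: In the -427,9 hunk the IV echoed in each key-verification reply block becomes the constant `0x00` in all three destination buffers, with the previous source `*(tc_frame->tc_sec_header.iv + y)` left behind as a trailing comment. If this IV is the one later used to encrypt the challenge (that call is outside the hunk), a fixed value means the same key/IV pair recurs on every verify command, which is unsafe for an AEAD mode such as the AES-GCM used in `Crypto_Key_OTAR`. State the intended source on the line, e.g. `// TODO: reply IV must be unique per key and per reply; zero is a placeholder`, and delete the commented-out expressions once that is decided.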
@@ -98,6 +98,38 @@ void Crypto_tmPrint(TM_t* tm_frame) printf("\n"); } +void Crypto_Print_Sdls_Ep_Reply(void) +{ + // Length to be pulled from packet header + uint16_t pkt_length = 0; + + // Check for Null Inputs + if (sdls_ep_reply == NULL) + { + printf(KRED "The sdls_ep_reply buffer is null... this isn't good as it should be static in memory!\n" RESET); + return; + } + + pkt_length = (sdls_ep_reply[4] << 8) | sdls_ep_reply[5]; + + // Sanity check on length + if (pkt_length > TC_MAX_FRAME_SIZE) + { + printf(KRED "Unable to print SDLS Reply... invalid length of %d\n" RESET, pkt_length); + return; + } + + // Do the print + printf("SDLS Reply Global: 0x"); + for (int i =0; i < pkt_length; i++) + { + printf("%02X", sdls_ep_reply[i]); + } + printf("\n\n"); + + return; +} + /** * @brief Function: Crypto_clcwPrint * Prints the current CLCW in memory. diff --git a/test/unit/ut_ep_key_validation.c b/test/unit/ut_ep_key_validation.c index 48a5e995..aa8db82d 100644 --- a/test/unit/ut_ep_key_validation.c +++ b/test/unit/ut_ep_key_validation.c 
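Review bot: `Crypto_Print_Sdls_Ep_Reply` takes `pkt_length` from bytes 4 and 5 of the reply buffer and checks it only against `TC_MAX_FRAME_SIZE`, not against the size of `sdls_ep_reply`, so the print loop can read past the buffer if it is smaller than a maximum TC frame (its declaration is not in this hunk). If `sdls_ep_reply` is an array, use `if (pkt_length > sizeof(sdls_ep_reply))` as the sanity check; in that case the `sdls_ep_reply == NULL` test can never be true and should be removed. The function also lacks the `/** @brief Function: ... */` header that `Crypto_clcwPrint` directly below it carries.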
@@ -23,13 +23,13 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + // crypto_key_t* ekp = NULL; int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_OTAR_h = "2003009e00ff000000001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; + //char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char* buffer_OTAR_h = "2003009e00ff000100001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; // |2003009e00| = Primary Header // |ff| = Ext. Procs // |0000| = SPI @@ -52,8 +52,8 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) // |10a47209c923b641d19a39001f9e9861| = MAC // |66f5ffd95555| = Trailer or Padding??? - uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_OTAR_b = NULL; - int buffer_nist_iv_len, buffer_nist_key_len, buffer_OTAR_len = 0; + uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL; + int buffer_nist_key_len, buffer_OTAR_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; 
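Review bot: In the -23,13 hunk the frame in `buffer_OTAR_h` now carries `0001` after the `ff` byte, but the field breakdown just below still reads `// |0000| = SPI`; change it to `// |0001| = SPI` so the annotation matches the test vector. The old `ekp` declaration and the `buffer_nist_iv_h` line are kept as commented-out code; delete them rather than leaving them beside the live declarations.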
@@ -61,12 +61,8 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) // Expose/setup SAs for testing SecurityAssociation_t* test_association; - // Deactivate SA 1 + // Activate SA 1 sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - - // Activate SA 0 - sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; test_association->ecs = CRYPTO_CIPHER_NONE; @@ -75,17 +71,18 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw = 5; - test_association->iv_len = 12; + test_association->iv_len = 0; + test_association->shivf_len = 0; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - ekp = key_if->get_key(test_association->ekid); - memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + // ekp = key_if->get_key(test_association->ekid); + // memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed hex_conversion(buffer_OTAR_h, (char**) &buffer_OTAR_b, &buffer_OTAR_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + //hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + //memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); @@ -94,7 +91,7 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) printf("\n"); Crypto_Shutdown(); - free(buffer_nist_iv_b); + //free(buffer_nist_iv_b); free(buffer_nist_key_b); free(buffer_OTAR_b); } 
@@ -277,94 +274,7 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) free(buffer_DEACTIVATE_b); } -// UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) -// { -// remove("sa_save_file.bin"); -// // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, -// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, -// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, -// TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; -// Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - -// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// //GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; -// //Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); - -// int status = CRYPTO_LIB_SUCCESS; -// status = Crypto_Init(); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// SaInterface sa_if = get_sa_interface_inmemory(); -// crypto_key_t* ekp = NULL; - - -// // NOTE: Added Transfer Frame header to the plaintext -// char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; -// char* buffer_nist_iv_h = "000000000000000000000000"; // The last valid IV that was seen by the SA -// char* buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; -// // |2003001c00| = Primary Header -// // |ff| = SPI -// // |00000000| = security Header -// // |1880| = CryptoLib App ID 
-// // |d03b| = seq, packet id -// // |000a| = Packet Length -// // |197f| = pusv, ack, st -// // |0b| = sst -// // |0007| = PDU Tag -// // |0004| = PDU Length -// // |0084| = Key ID (132) -// // |0086| = Key ID (134) -// // |1f6d82ebe4fc55555555| = Trailer??? - -// uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; -// int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; - -// // Setup Processed Frame For Decryption -// TC_t tc_nist_processed_frame; - -// // Expose/setup SAs for testing -// SecurityAssociation_t* test_association; - -// // Deactivate SA 1 -// sa_if->sa_get_from_spi(1, &test_association); -// test_association->sa_state = SA_NONE; - -// // Activate SA 9 -// sa_if->sa_get_from_spi(0, &test_association); -// test_association->sa_state = SA_OPERATIONAL; -// test_association->ecs_len = 1; -// test_association->ecs = CRYPTO_CIPHER_NONE; -// test_association->est = 0; -// test_association->ast = 0; -// test_association->shsnf_len = 2; -// test_association->arsn_len = 2; -// test_association->arsnw = 5; -// test_association->iv_len = 12; - -// // Insert key into keyring of SA 9 -// hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); -// ekp = key_if->get_key(test_association->ekid); -// memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); -// // Convert frames that will be processed -// hex_conversion(buffer_INVENTORY_h, (char**) &buffer_INVENTORY_b, &buffer_INVENTORY_len); -// // Convert/Set input IV -// hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); -// memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); -// // Expect success on next valid IV && ARSN -// printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... 
\n" RESET); -// status = Crypto_TC_ProcessSecurity(buffer_INVENTORY_b, &buffer_INVENTORY_len, &tc_nist_processed_frame); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - -// printf("\n"); -// Crypto_Shutdown(); -// free(buffer_nist_iv_b); -// free(buffer_nist_key_b); -// ASSERT_EQ(0,0); -// } - -UTEST(EP_KEY_VALIDATION, VERIFY_132_134) +UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib 
@@ -377,37 +287,36 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + //GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + //Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); int status = CRYPTO_LIB_SUCCESS; status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); SaInterface sa_if = get_sa_interface_inmemory(); crypto_key_t* ekp = NULL; - + // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - // Truth PDU 0880D03A006584005C0000000000000000000000000001D8EAA795AFFAA0E951BB6CF0116192E16B1977D6723E92E01123CCEF548E28857E00000000000000000000000002 - char* buffer_VERIFY_h = "2003003e00ff000000001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8"; - // |2003003e00| = Primary Header - // |ff| = SPI - // |00000000| = Security header - // |1880| = CryptoLib App ID - // |d03a| = seq, packet id - // |002c| = Packet Length - // |197f| = pusv, ack, st - // |0b| = sst - // |0004| = PDU Tag - // |0024| = PDU Length - // |0084| = Key ID (132) - // |71fc3ad5b1c36ad56bd5a5432315cdab| = Challenge - // |0086| = Key ID (134) - // |75c06302465bc6d5091a29957eebed35| = Challenge - // |c00a6ed8| = Trailer - uint8_t *buffer_nist_key_b, *buffer_VERIFY_b = NULL; - int buffer_nist_key_len, buffer_VERIFY_len = 0; + char* buffer_nist_iv_h = "000000000000000000000000"; // The last valid IV that was seen by the SA 
+ char* buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; + // |2003001c00| = Primary Header + // |ff| = SPI + // |00000000| = security Header + // |1880| = CryptoLib App ID + // |d03b| = seq, packet id + // |000a| = Packet Length + // |197f| = pusv, ack, st + // |0b| = sst + // |0007| = PDU Tag + // |0004| = PDU Length + // |0084| = Key ID (132) + // |0086| = Key ID (134) + // |1f6d82ebe4fc55555555| = Trailer??? + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; 
@@ -422,35 +331,37 @@ UTEST(EP_KEY_VALIDATION, VERIFY_132_134) // Activate SA 9 sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 0; + test_association->ecs_len = 1; test_association->ecs = CRYPTO_CIPHER_NONE; test_association->est = 0; test_association->ast = 0; test_association->shsnf_len = 2; test_association->arsn_len = 2; - test_association->arsnw_len = 1; test_association->arsnw = 5; + test_association->iv_len = 12; + // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); - // Convert frames that will be processed - hex_conversion(buffer_VERIFY_h, (char**) &buffer_VERIFY_b, &buffer_VERIFY_len); - + hex_conversion(buffer_INVENTORY_h, (char**) &buffer_INVENTORY_b, &buffer_INVENTORY_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Expect success on next valid IV && ARSN - printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_VERIFY_b, &buffer_VERIFY_len, &tc_nist_processed_frame); + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_INVENTORY_b, &buffer_INVENTORY_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); + free(buffer_nist_iv_b); free(buffer_nist_key_b); - free(buffer_VERIFY_b); - + ASSERT_EQ(0,0); } -UTEST(EP_KEY_VALIDATION, VERIFY_APPLY_132_134) +UTEST(EP_KEY_VALIDATION, VERIFY_132_134) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib 
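Review bot: The renamed INVENTORY test asserts only the status returned by `Crypto_TC_ProcessSecurity` and never inspects the inventory reply, and its closing `ASSERT_EQ(0,0);` checks nothing. The VERIFY test later in this file compares the reply with a truth vector; add the same kind of comparison here so the key-ID range handling in `Crypto_Key_inventory` is actually exercised. The hunk also removes `free(buffer_VERIFY_b);` without adding `free(buffer_INVENTORY_b);`, so the converted frame is presumably leaked.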
@@ -461,25 +372,47 @@ UTEST(EP_KEY_VALIDATION, VERIFY_APPLY_132_134) // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); - + int status = CRYPTO_LIB_SUCCESS; status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); SaInterface sa_if = get_sa_interface_inmemory(); crypto_key_t* ekp = NULL; - // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - char* buffer_nist_iv_h = "000000000000000000000001"; // The last valid IV that was seen by the SA - char* buffer_RESPONSE_h = "0880d03a006584005c0000000000000000000000000001d8eaa795affaa0e951bb6cf0116192e16b1977d6723e92e01123ccef548e28857e0000000000000000000000000275c47f30b4ee759ffa9607237db92121d65d3ed1fe943fcf04535efd0e0fc793"; + char* buffer_VERIFY_h = "2003003e00ff000000001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8"; + // |2003003e00| = Primary Header + // |ff| = SPI + // |00000000| = Security header + // |1880| = CryptoLib App ID + // |d03a| = seq, packet id + // |002c| = Packet Length + // |197f| = pusv, ack, st + // |0b| = sst + // |0004| = PDU Tag + // |0024| = PDU Length + // |0084| = Key ID (132) + // |71fc3ad5b1c36ad56bd5a5432315cdab| = Challenge + // |0086| = Key ID (134) + // 
|75c06302465bc6d5091a29957eebed35| = Challenge + // |c00a6ed8| = Trailer + // TRUTH PDU + char* buffer_TRUTH_RESPONSE_h = "0880D03A0068197F0B008402E00084000000000000000000000001D8EAA795AFFAA0E951BB6CF0116192E16B1977D6723E92E01123CCEF548E2885008600000000000000000000000275C47F30CA26E64AF30C19EBFFE0B314849133E138AC65BC2806E520A90C96A8"; + // 0880D03A0068 = Primary Header + // 197F0B00 = PUS Header + // 0402E0 = PDU Tag & Length + // 0084 000000000000000000000001 D8EAA795AFFAA0E951BB6CF0116192E1 6B1977D6723E92E01123CCEF548E2885 = #1: KID, IV, CHALLENGE, MAC + // 0086 000000000000000000000002 75C47F30CA26E64AF30C19EBFFE0B314 849133E138AC65BC2806E520A90C96A8 = #2: KID, IV, CHALLENGE, MAC + uint8_t *buffer_nist_key_b, *buffer_VERIFY_b, *buffer_TRUTH_RESPONSE_b = NULL; + int buffer_nist_key_len, buffer_VERIFY_len, buffer_TRUTH_RESPONSE_len = 0; - uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_RESPONSE_b = NULL; - int buffer_nist_iv_len, buffer_nist_key_len, buffer_RESPONSE_len = 0; + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame = {0}; // Expose/setup SAs for testing SecurityAssociation_t* test_association; 
@@ -488,146 +421,62 @@ UTEST(EP_KEY_VALIDATION, VERIFY_APPLY_132_134) sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; - // Activate SA 9 + // Activate SA 0 sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 0; test_association->ecs = CRYPTO_CIPHER_NONE; test_association->est = 0; test_association->ast = 0; - test_association->iv_len = 12; - //test_association->shivf_len = 12; - test_association->stmacf_len = 16; test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw_len = 1; test_association->arsnw = 5; + // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed - // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); - hex_conversion(buffer_RESPONSE_h, (char**) &buffer_RESPONSE_b, &buffer_RESPONSE_len); - - // Expect success on next valid IV && ARSN - printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + hex_conversion(buffer_VERIFY_h, (char**) &buffer_VERIFY_b, &buffer_VERIFY_len); - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - status = Crypto_TC_ApplySecurity((uint8_t*)buffer_RESPONSE_b, buffer_RESPONSE_len, &ptr_enc_frame, &enc_frame_len); + hex_conversion(buffer_TRUTH_RESPONSE_h, (char**) &buffer_TRUTH_RESPONSE_b, &buffer_TRUTH_RESPONSE_len); + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... 
\n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_VERIFY_b, &buffer_VERIFY_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); - Crypto_Shutdown(); - free(buffer_nist_iv_b); - free(buffer_nist_key_b); - free(buffer_RESPONSE_b); -} - - /* - - - Swap to TM - - - */ - - - - - - - - -UTEST(EP_KEY_VALIDATION, VERIFY_RESPONSE_132_134) -{ - remove("sa_save_file.bin"); - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TM_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TM_0_Managed_Parameters = {0, 0x0003, 0, TM_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1024, TM_NO_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TM_0_Managed_Parameters); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TM_1_Managed_Parameters = {0, 0x0003, 1, TM_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1024, TM_NO_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TM_1_Managed_Parameters); - - int status = CRYPTO_LIB_SUCCESS; - printf("Fail Before INIT\n"); - status = Crypto_Init(); - printf("Fail After INIT\n"); + // Check reply values + uint16_t reply_length = 0; + uint8_t sdls_ep_reply_local[1024]; + status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); + // Expect success ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; - - char* buffer_nist_key_h = 
"000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - char* buffer_nist_iv_h = "000000000000000000000001"; // The last valid IV that was seen by the SA - char* buffer_RESPONSE_h = "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"; - //char* buffer_RESPONSE_h = "02C0000018000880d03a006584005c0000000000000000000000000001d8eaa795affaa0e951bb6cf0116192e16b1977d6723e92e01123ccef548e28857e0000000000000000000000000275c47f30b4ee759ffa9607237db92121d65d3ed1fe943fcf04535efd0e0fc793"; - // |02C000001801| = Pri Header - // |0880d03a| = Sec Header - // |0065| = Entire Pkt Length - // |84| = PDU Tag - // |005c| = PDU length - // |0000| = kid ??? - // |000000000000000000000001| = IV - // |d8eaa795affaa0e951bb6cf0116192e1| = Enc Chall - // |6b1977d6723e92e01123ccef548e2885| = Chall MAC - // |7e00| = kid ??? - // |000000000000000000000002| = IV - // |75c47f30b4ee759ffa9607237db92121| = ENC Chall - // |d65d3ed1fe943fcf04535efd0e0fc793| = Chall MAC - uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_RESPONSE_b = NULL; - int buffer_nist_iv_len, buffer_nist_key_len, buffer_RESPONSE_len = 0; - - uint8_t* tm_nist_processed_frame; - SecurityAssociation_t* test_association; - - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; + // Print local copy + printf("SDLS Reply LOCAL: 0x"); + for (int i =0; i < reply_length; i++) + { + printf("%02X", sdls_ep_reply_local[i]); + } + printf("\n\n"); + // Print Global copy for sanity check + Crypto_Print_Sdls_Ep_Reply(); + + // Let's compare everything. 
All three should match + for (int i = 0; i < reply_length; i++) + { + ASSERT_EQ(buffer_TRUTH_RESPONSE_b[i], sdls_ep_reply_local[i]); + ASSERT_EQ(buffer_TRUTH_RESPONSE_b[i], sdls_ep_reply[i]); + } - // Activate SA 0 - sa_if->sa_get_from_spi(0, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 0; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->est = 0; - test_association->ast = 0; - test_association->iv_len = 12; - //test_association->shivf_len = 12; - test_association->stmacf_len = 16; - test_association->shsnf_len = 2; - test_association->arsn_len = 2; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - ekp = key_if->get_key(test_association->ekid); - memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); - - // Convert frames that will be processed - hex_conversion(buffer_RESPONSE_h, (char**) &buffer_RESPONSE_b, &buffer_RESPONSE_len); - // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); - - uint16_t length; - - status = Crypto_TM_ProcessSecurity((uint8_t*)buffer_RESPONSE_b, buffer_RESPONSE_len, &tm_nist_processed_frame, &length); - - printf("\n"); Crypto_Shutdown(); - free(buffer_nist_iv_b); free(buffer_nist_key_b); - free(buffer_RESPONSE_b); + free(buffer_VERIFY_b); + } + UTEST_MAIN(); \ No newline at end of file From 69cd7cb461aec8ae1c66f7cb13d7c3c9e77841f9 Mon Sep 17 00:00:00 2001 
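Review bot: The comparison loop in the rewritten VERIFY test runs to `reply_length` as returned by `Crypto_Get_Sdls_Ep_Reply` and indexes `buffer_TRUTH_RESPONSE_b[i]` without first comparing that length with `buffer_TRUTH_RESPONSE_len`, so an empty or short reply passes and a long one reads past the truth buffer. Add `ASSERT_EQ(buffer_TRUTH_RESPONSE_len, (int)reply_length);` before the loop. `buffer_TRUTH_RESPONSE_b` is never freed, and `sdls_ep_reply_local[1024]` is passed without its capacity, so the test relies on the library never returning more than 1024 bytes.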
From: Donnie-Ice Date: Thu, 10 Oct 2024 15:03:03 +0000 Subject: [PATCH 107/241] [nasa/cryptolib#331] Additional unit test asserts, changed sdls reply handling, renamed key EP UT file name, structure packing updates --- include/crypto.h | 22 +-- include/crypto_structs.h | 6 +- src/core/crypto.c | 45 ++--- src/core/crypto_key_mgmt.c | 72 ++++---- src/core/crypto_mc.c | 169 ++++++++++-------- src/core/crypto_print.c | 2 +- src/core/crypto_user.c | 18 +- .../internal/sa_interface_inmemory.template.c | 9 +- test/CMakeLists.txt | 4 +- ...t_ep_key_validation.h => ut_ep_key_mgmt.h} | 6 +- ...t_ep_key_validation.c => ut_ep_key_mgmt.c} | 35 +++- test/unit/ut_ep_mc.c | 120 +++++++++++++ test/unit/ut_ep_sa_mgmt.c | 46 +++++ 13 files changed, 366 insertions(+), 188 deletions(-) rename test/include/{ut_ep_key_validation.h => ut_ep_key_mgmt.h} (65%) rename test/unit/{ut_ep_key_validation.c => ut_ep_key_mgmt.c} (96%) diff --git a/include/crypto.h b/include/crypto.h index c2f45bc6..fb92438c 100644 --- a/include/crypto.h +++ b/include/crypto.h 
@@ -206,16 +206,16 @@ extern int32_t Crypto_Get_Sdls_Ep_Reply(uint8_t* buffer, uint16_t* length); // Key Management Functions int32_t Crypto_Key_OTAR(void); int32_t Crypto_Key_update(uint8_t state); -int32_t Crypto_Key_inventory(uint8_t* , int*); -int32_t Crypto_Key_verify(TC_t* tc_frame, int*); +int32_t Crypto_Key_inventory(uint8_t*); +int32_t Crypto_Key_verify(TC_t* tc_frame); // Security Monitoring & Control Procedure -int32_t Crypto_MC_ping(uint8_t* ingest, int* count_ptr); -int32_t Crypto_MC_status(uint8_t* ingest, int* count_ptr); -int32_t Crypto_MC_dump(uint8_t* ingest, int* count_ptr); -int32_t Crypto_MC_erase(uint8_t* ingest, int* count_ptr); -int32_t Crypto_MC_selftest(uint8_t* ingest, int* count_ptr); -int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count_ptr); +int32_t Crypto_MC_ping(uint8_t* ingest); +int32_t Crypto_MC_status(uint8_t* ingest); +int32_t Crypto_MC_dump(uint8_t* ingest); +int32_t Crypto_MC_erase(uint8_t* ingest); +int32_t Crypto_MC_selftest(uint8_t* ingest); +int32_t Crypto_SA_readARSN(uint8_t* ingest); int32_t Crypto_MC_resetalarm(void); // User Functions @@ -238,9 +238,9 @@ void clean_akref(SecurityAssociation_t* sa); // Determine Payload Data Unit int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uint8_t* ingest); int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame); -int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count_ptr); -int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count_ptr); -int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest, int* count_ptr); +int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame); +int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame); +int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest); int32_t Crypto_USER_DEFINED_CMD(uint8_t* ingest); // Managed Parameter Functions diff --git a/include/crypto_structs.h b/include/crypto_structs.h index b37277f2..b8c70496 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h 
@@ -162,12 +162,12 @@ typedef struct { uint16_t kid : 16; // Key ID uint16_t key_state : 8; // Key state -} SDLS_KEY_INVENTORY_t; +} __attribute__ ((packed)) SDLS_KEY_INVENTORY_t; #define SDLS_KEY_INVENTORY_RPLY_SIZE (sizeof(SDLS_KEY_INVENTORY_t)) typedef struct { - SDLS_KEY_INVENTORY_t blk[NUM_KEYS]; // Key Verification Command Block + SDLS_KEY_INVENTORY_t blk[NUM_KEYS]; // Key Verification Command Block // TODO: Is NUM_KEYS size right? } SDLS_KEY_INVENTORY_RPLY_t; #define SDLS_KEY_INVENTORY_BLK_RPLY_SIZE (sizeof(SDLS_KEY_INVENTORY_t)) @@ -221,7 +221,7 @@ typedef struct { uint16_t spi : 16; // Security Parameter Index uint8_t lpid : 8; // Procedure ID from Last State Transition or Current State -} SDLS_SA_STATUS_RPLY_t; +} __attribute__ ((packed)) SDLS_SA_STATUS_RPLY_t; #define SDLS_SA_STATUS_RPLY_SIZE (sizeof(SDLS_SA_STATUS_RPLY_t)) typedef struct diff --git a/src/core/crypto.c b/src/core/crypto.c index b0337a29..91520466 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -304,7 +304,7 @@ int32_t Crypto_Get_Sdls_Ep_Reply(uint8_t* buffer, uint16_t* length) return status; } - pkt_length = sdls_frame.hdr.pkt_length; + pkt_length = sdls_frame.hdr.pkt_length + 1; // TODO: Confirm `+1` is ok here // Sanity Check on length if (pkt_length > TC_MAX_FRAME_SIZE) @@ -400,8 +400,6 @@ uint16_t Crypto_Calc_CRC16(uint8_t* data, int size) int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) { int32_t status = CRYPTO_LIB_SUCCESS; - int count = 0; - int* count_ptr = &count; // Check null pointer if (tc_frame == NULL) 
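Review bot: `SDLS_KEY_INVENTORY_t` and `SDLS_SA_STATUS_RPLY_t` (hunk -221,7) are now packed with the GCC-style `__attribute__ ((packed))`, and their `sizeof` defines `SDLS_KEY_INVENTORY_RPLY_SIZE` and `SDLS_SA_STATUS_RPLY_SIZE`, which the reply builders use as on-the-wire block sizes. Bit-field layout and this attribute are compiler-specific, so pin the expected size next to each macro, e.g. `_Static_assert(sizeof(SDLS_KEY_INVENTORY_t) == 3, "key inventory block must be 3 octets");` if the project builds as C11. The added `// TODO: Is NUM_KEYS size right?` should be answered before merge, because that array bound is what a key-range check in `Crypto_Key_inventory` would be compared against.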
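Review bot: In the -304,7 hunk `pkt_length = sdls_frame.hdr.pkt_length + 1;` is committed with `// TODO: Confirm +1 is ok here`, and the only bound that follows is `pkt_length > TC_MAX_FRAME_SIZE`. The `+ 1` is correct only if every reply builder stores total length minus one in `sdls_frame.hdr.pkt_length`; record that convention in a comment on the field and remove the TODO. `Crypto_Get_Sdls_Ep_Reply` also receives `buffer` without a capacity, so the check should be against the reply buffer's size and the size callers are documented to provide rather than the maximum TC frame size. The copy itself is outside this hunk.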
@@ -420,13 +418,13 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) switch (sdls_frame.pdu.hdr.sg) { case SG_KEY_MGMT: // Key Management Procedure - status = Crypto_SG_KEY_MGMT(ingest, tc_frame, count_ptr); + status = Crypto_SG_KEY_MGMT(ingest, tc_frame); break; case SG_SA_MGMT: // Security Association Management Procedure - status = Crypto_SG_SA_MGMT(ingest, tc_frame, count_ptr); + status = Crypto_SG_SA_MGMT(ingest, tc_frame); break; case SG_SEC_MON_CTRL: // Security Monitoring & Control Procedure - status = Crypto_SEC_MON_CTRL(ingest, count_ptr); + status = Crypto_SEC_MON_CTRL(ingest); break; default: // ERROR #ifdef PDU_DEBUG @@ -453,19 +451,6 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) #endif break; } - -#ifdef CCSDS_DEBUG - int x; - if ((*count_ptr > 0)) - { - printf(KMAG "CCSDS message put on software bus: 0x" RESET); - for (x = 0; x < *count_ptr; x++) - { - printf(KMAG "%02x" RESET, (uint8_t)ingest[x]); - } - printf("\n"); - } -#endif } return status; } @@ -477,7 +462,7 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) * @param tc_frame: TC_t* * @return int32: Success/Failure **/ -int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count_ptr) +int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame) { int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.hdr.pid) @@ -504,7 +489,7 @@ int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count_ptr) #ifdef PDU_DEBUG printf(KGRN "Key Verify\n" RESET); #endif - status = Crypto_Key_verify(tc_frame, count_ptr); + status = Crypto_Key_verify(tc_frame); break; case PID_KEY_DESTRUCTION: #ifdef PDU_DEBUG @@ -516,7 +501,7 @@ int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count_ptr) #ifdef PDU_DEBUG printf(KGRN "Key Inventory\n" RESET); #endif - status = Crypto_Key_inventory(ingest, count_ptr); + status = Crypto_Key_inventory(ingest); break; default: #ifdef PDU_DEBUG 
@@ -534,7 +519,7 @@ int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count_ptr) * @param tc_frame: TC_t* * @return int32: Success/Failure **/ -int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count_ptr) +int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame) { int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.hdr.pid) @@ -591,7 +576,7 @@ int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count_ptr) #ifdef PDU_DEBUG printf(KGRN "SA readARSN\n" RESET); #endif - status = Crypto_SA_readARSN(ingest, count_ptr); + status = Crypto_SA_readARSN(ingest); break; case PID_SA_STATUS: #ifdef PDU_DEBUG @@ -614,7 +599,7 @@ int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame, int* count_ptr) * @param ingest: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest, int* count_ptr) +int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest) { int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.hdr.pid) @@ -623,31 +608,31 @@ int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest, int* count_ptr) #ifdef PDU_DEBUG printf(KGRN "MC Ping\n" RESET); #endif - status = Crypto_MC_ping(ingest, count_ptr); + status = Crypto_MC_ping(ingest); break; case PID_LOG_STATUS: #ifdef PDU_DEBUG printf(KGRN "MC Status\n" RESET); #endif - status = Crypto_MC_status(ingest, count_ptr); + status = Crypto_MC_status(ingest); break; case PID_DUMP_LOG: #ifdef PDU_DEBUG printf(KGRN "MC Dump\n" RESET); #endif - status = Crypto_MC_dump(ingest, count_ptr); + status = Crypto_MC_dump(ingest); break; case PID_ERASE_LOG: #ifdef PDU_DEBUG printf(KGRN "MC Erase\n" RESET); #endif - status = Crypto_MC_erase(ingest, count_ptr); + status = Crypto_MC_erase(ingest); break; case PID_SELF_TEST: #ifdef PDU_DEBUG printf(KGRN "MC Selftest\n" RESET); #endif - status = Crypto_MC_selftest(ingest, count_ptr); + status = Crypto_MC_selftest(ingest); break; case PID_ALARM_FLAG: #ifdef PDU_DEBUG 
diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 91bf8cf7..808766c9 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -297,11 +297,12 @@ int32_t Crypto_Key_update(uint8_t state) * @param ingest: uint8_t* * @return int32: count **/ -int32_t Crypto_Key_inventory(uint8_t* ingest, int* count) +int32_t Crypto_Key_inventory(uint8_t* ingest) { // Local variables SDLS_KEY_INVENTORY_CMD_t packet; uint16_t range = 0; + uint8_t count = 0; int32_t status = CRYPTO_LIB_SUCCESS; crypto_key_t* ekp = NULL; uint16_t x; 
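Review bot: `uint8_t count` is too narrow for a reply index here: it later receives the return of `Crypto_Prep_Reply(sdls_ep_reply, 128)` and is then advanced three bytes per key over a range taken from the command PDU, so it wraps past 255 and starts overwriting the front of `sdls_ep_reply`. The removed `int* count` did not have this limit. Declare it as `uint16_t count = 0;` and bound it against the reply buffer size before each write. The same `uint8_t count` is introduced in `Crypto_Key_verify`, `Crypto_MC_status`, `Crypto_MC_dump`, `Crypto_MC_erase`, `Crypto_MC_selftest` and `Crypto_SA_readARSN`; `Crypto_MC_dump` writes `3 + EMV_SIZE` bytes per log entry and is the most exposed. The function body continues outside this hunk.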
@@ -313,32 +314,24 @@ int32_t Crypto_Key_inventory(uint8_t* ingest, int* count) } // Read in PDU - packet.kid_first = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); - *count = *count + 2; - packet.kid_last = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); - *count = *count + 2; + packet.kid_first = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); + count = count + 2; + packet.kid_last = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); + count = count + 2; // Prepare for Reply range = packet.kid_last - packet.kid_first + 1; - sdls_resp_pkt.pdu.hdr.pdu_len = (sizeof(sdls_resp_pkt.pdu.hdr) + (SDLS_KEY_INVENTORY_RPLY_SIZE * (range))) * 8; - sdls_resp_pkt.hdr.pkt_length = (sdls_resp_pkt.pdu.hdr.pdu_len / 8) + 9; - *count = Crypto_Prep_Reply(sdls_ep_reply, 128); - printf("RESP_LEN: %d\n", *count); - sdls_resp_pkt.pdu.data[*count] = ((range & 0xFF00) >> 8); - sdls_ep_reply[*count] = ((range & 0xFF00) >> 8); - ingest[*count += 1] = (range & 0xFF00) >> 8; - sdls_resp_pkt.pdu.data[*count] = (range & 0x00FF); - sdls_ep_reply[*count] = (range & 0x00FF); - ingest[*count += 1] = (range & 0x00FF); + sdls_frame.pdu.hdr.pdu_len = (SDLS_KEY_INVENTORY_RPLY_SIZE * (range)) * 8; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 2 + 9; // 2 = Num Keys Returned Field (2 Bytes) + count = Crypto_Prep_Reply(sdls_ep_reply, 128); + + sdls_ep_reply[count++] = ((range & 0xFF00) >> 8); + sdls_ep_reply[count++] = (range & 0x00FF); for (x = packet.kid_first; x <= packet.kid_last; x++) { // Key ID - sdls_resp_pkt.pdu.data[*count] = ((x & 0xFF00) >> 8); - sdls_ep_reply[*count] = ((x & 0xFF00) >> 8); - ingest[*count += 1] = (x & 0xFF00) >> 8; - sdls_resp_pkt.pdu.data[*count] = (x & 0x00FF); - sdls_ep_reply[*count] = (x & 0x00FF); - ingest[*count += 1] = (x & 0x00FF); + sdls_ep_reply[count++] = ((x & 
0xFF00) >> 8); + sdls_ep_reply[count++] = (x & 0x00FF); // Get Key ekp = key_if->get_key(x); if (ekp == NULL) @@ -346,17 +339,15 @@ int32_t Crypto_Key_inventory(uint8_t* ingest, int* count) return CRYPTO_LIB_ERR_KEY_ID_ERROR; } // Key State - sdls_resp_pkt.pdu.data[*count] = ekp->key_state; - sdls_ep_reply[*count] = ekp->key_state; - ingest[*count += 1] = ekp->key_state; + sdls_ep_reply[count++] = ekp->key_state; } #ifdef DEBUG - printf("Key Inventory Reply: 0x"); - for (x = 0; x < sdls_resp_pkt.hdr.pkt_length; x++) + printf("Key Inv. Reply: 0x"); + for (x = 0; x < count; x++) { - printf("%02x", sdls_ep_reply[x]); + printf("%02X", sdls_ep_reply[x]); } - printf("\n"); + printf("\n\n"); #endif return status; } @@ -366,13 +357,14 @@ int32_t Crypto_Key_inventory(uint8_t* ingest, int* count) * @param tc_frame: TC_t* * @return int32: count **/ -int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) +int32_t Crypto_Key_verify(TC_t* tc_frame) { // Local variables SDLS_KEYV_CMD_t packet; int pdu_keys = sdls_frame.pdu.hdr.pdu_len / SDLS_KEYV_CMD_BLK_SIZE; int x; int y; + uint8_t count = 0; int32_t status = CRYPTO_LIB_SUCCESS; crypto_key_t* ekp = NULL; tc_frame = tc_frame; @@ -391,16 +383,16 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) for (x = 0; x < pdu_keys; x++) { // Key ID - packet.blk[x].kid = ((uint8_t)sdls_frame.pdu.data[*count] << 8) | ((uint8_t)sdls_frame.pdu.data[*count + 1]); - *count += 2; + packet.blk[x].kid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); + count += 2; #ifdef PDU_DEBUG printf("\tCrypto_Key_verify: Block %d Key ID is %d ", x, packet.blk[x].kid); #endif // Key Challenge for (y = 0; y < CHALLENGE_SIZE; y++) { - packet.blk[x].challenge[y] = sdls_frame.pdu.data[*count]; - *count += 1; + packet.blk[x].challenge[y] = sdls_frame.pdu.data[count]; + count += 1; } #ifdef PDU_DEBUG printf("\n"); 
@@ -420,8 +412,8 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len/8) - 1; } - *count = Crypto_Prep_Reply(sdls_ep_reply, 128); - uint16_t pdu_data_idx = *count; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); + uint16_t pdu_data_idx = count; for (x = 0; x < pdu_keys; x++) { @@ -435,7 +427,7 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) sdls_resp_pkt.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); sdls_ep_reply[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); pdu_data_idx += 1; - *count += 2; + count += 2; // Get Key ekp = key_if->get_key(sdls_ep_keyv_reply.blk[x].kid); @@ -451,7 +443,7 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) sdls_ep_keyv_reply.blk[x].iv[y] =0x00; //= *(tc_frame->tc_sec_header.iv + y); sdls_ep_reply[pdu_data_idx] =0x00; //= *(tc_frame->tc_sec_header.iv + y); pdu_data_idx += 1; - *count += 1; + count += 1; } // ***** This increments the lowest bytes of the IVs so they aren't identical sdls_resp_pkt.pdu.data[pdu_data_idx-1] = sdls_resp_pkt.pdu.data[pdu_data_idx-1] + x + 1; @@ -490,7 +482,7 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) memcpy(&sdls_ep_reply[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].mac[0]), CHALLENGE_MAC_SIZE); pdu_data_idx += CHALLENGE_MAC_SIZE; - *count += CHALLENGE_SIZE + CHALLENGE_MAC_SIZE; // Don't forget to increment count! + count += CHALLENGE_SIZE + CHALLENGE_MAC_SIZE; // Don't forget to increment count! } #ifdef PDU_DEBUG @@ -517,10 +509,10 @@ int32_t Crypto_Key_verify(TC_t* tc_frame, int* count) } } - printf("\n\nCrypto_Key_Verify: Response is %d bytes \n", *count); + printf("\n\nCrypto_Key_Verify: Response is %d bytes \n", count); printf("\nPrinting NEW SDLS response packet:\n\t"); - for (uint16_t idx = 0; idx < *count; idx++) + for (uint16_t idx = 0; idx < count; idx++) { printf("%02X", sdls_ep_reply[idx]); } 
diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index ef439401..eccd6c81 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -29,14 +29,24 @@ * @param ingest: uint8_t* * return int32: count **/ -int32_t Crypto_MC_ping(uint8_t* ingest, int* count_ptr) +int32_t Crypto_MC_ping(uint8_t* ingest) { - *count_ptr = 0; + uint8_t count = 0; + ingest = ingest; // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = 0; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.hdr.pdu_len + 9; - *count_ptr = Crypto_Prep_Reply(ingest, 128); + sdls_frame.hdr.pkt_length = sdls_frame.pdu.hdr.pdu_len + SDLS_TLV_HDR_SIZE + 9; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); + +#ifdef PDU_DEBUG + printf("MC Ping Reply: \t 0x"); + for (int x = 0; x < count; x++) + { + printf("%02X", sdls_ep_reply[x]); + } + printf("\n\n"); +#endif return CRYPTO_LIB_SUCCESS; } 
@@ -46,33 +56,32 @@ int32_t Crypto_MC_ping(uint8_t* ingest, int* count_ptr) * @param ingest: uint8_t* * @return int32: count **/ -int32_t Crypto_MC_status(uint8_t* ingest, int* count_ptr) +int32_t Crypto_MC_status(uint8_t* ingest) { if(ingest == NULL) return CRYPTO_LIB_ERROR; - *count_ptr = 0; + uint8_t count = 0; // TODO: Update log_summary.rs; // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; - - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; - *count_ptr = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU - sdls_ep_reply[*count_ptr] = (log_summary.num_se & 0xFF00) >> 8; - *count_ptr += 1; - sdls_ep_reply[*count_ptr] = (log_summary.num_se & 0x00FF); - *count_ptr += 1; - sdls_ep_reply[*count_ptr] = (log_summary.rs & 0xFF00) >> 8; - *count_ptr += 1; - sdls_ep_reply[*count_ptr] = (log_summary.rs & 0x00FF); - *count_ptr += 1; + sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> 8; + count += 1; + sdls_ep_reply[count] = (log_summary.num_se & 0x00FF); + count += 1; + sdls_ep_reply[count] = (log_summary.rs & 0xFF00) >> 8; + count += 1; + sdls_ep_reply[count] = (log_summary.rs & 0x00FF); + count += 1; #ifdef PDU_DEBUG - printf("MC Status Reply: 0x"); - for (int x = 0; x < *count_ptr; x++) + printf("MC Status Reply: 0x"); + for (int x = 0; x < count; x++) { - printf("%02x", sdls_ep_reply[x]); + printf("%02X", sdls_ep_reply[x]); } printf("\n"); printf("log_summary.num_se = 0x%02x \n", log_summary.num_se); 
@@ -87,31 +96,31 @@ int32_t Crypto_MC_status(uint8_t* ingest, int* count_ptr) * @param ingest: uint8_t* * @return int32: Count **/ -int32_t Crypto_MC_dump(uint8_t* ingest, int* count_ptr) +int32_t Crypto_MC_dump(uint8_t* ingest) { // TODO: Fix Reply Size, same as key verification if(ingest == NULL) return CRYPTO_LIB_ERROR; - *count_ptr = 0; + uint8_t count = 0; int x; int y; // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_MC_DUMP_RPLY_SIZE * log_count * 8; // SDLS_MC_DUMP_RPLY_SIZE - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; - *count_ptr = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 1 + 9; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU for (x = 0; x < log_count; x++) { - sdls_ep_reply[*count_ptr] = mc_log.blk[x].emt; - *count_ptr += 1; - sdls_ep_reply[*count_ptr] = (mc_log.blk[x].em_len & 0xFF00) >> 8; - *count_ptr += 1; - sdls_ep_reply[*count_ptr] = (mc_log.blk[x].em_len & 0x00FF); - *count_ptr += 1; + sdls_ep_reply[count] = mc_log.blk[x].emt; + count += 1; + sdls_ep_reply[count] = (mc_log.blk[x].em_len & 0xFF00) >> 8; + count += 1; + sdls_ep_reply[count] = (mc_log.blk[x].em_len & 0x00FF); + count += 1; for (y = 0; y < EMV_SIZE; y++) { - sdls_ep_reply[*count_ptr] = mc_log.blk[x].emv[y]; - *count_ptr += 1; + sdls_ep_reply[count] = mc_log.blk[x].emv[y]; + count += 1; } #ifdef PDU_DEBUG printf("Log %d emt: 0x%02x\n", x, mc_log.blk[x].emt); @@ -119,7 +128,7 @@ int32_t Crypto_MC_dump(uint8_t* ingest, int* count_ptr) printf("Log %d emv: 0x", x); for (y = 0; y < EMV_SIZE; y++) { - printf("%02x", mc_log.blk[x].emv[y]); + printf("%02X", mc_log.blk[x].emv[y]); } printf("\n\n"); #endif 
@@ -128,11 +137,11 @@ int32_t Crypto_MC_dump(uint8_t* ingest, int* count_ptr) #ifdef PDU_DEBUG printf("log_count = %d \n", log_count); printf("log_summary.num_se = 0x%02x \n", log_summary.num_se); - printf("log_summary.rs = 0x%02x \n", log_summary.rs); - printf("MC Dump Reply: 0x"); - for (int x = 0; x < *count_ptr; x++) + printf("log_summary.rs = 0x%02x \n\n", log_summary.rs); + printf("MC Dump Reply: 0x"); + for (int x = 0; x < count; x++) { - printf("%02x", sdls_ep_reply[x]); + printf("%02X", sdls_ep_reply[x]); } printf("\n"); #endif @@ -145,10 +154,10 @@ int32_t Crypto_MC_dump(uint8_t* ingest, int* count_ptr) * @param ingest: uint8_t* * @return int32: count **/ -int32_t Crypto_MC_erase(uint8_t* ingest, int* count_ptr) +int32_t Crypto_MC_erase(uint8_t* ingest) { if(ingest == NULL) return CRYPTO_LIB_ERROR; - *count_ptr = 0; + uint8_t count = 0; int x; int y; 
@@ -170,26 +179,27 @@ int32_t Crypto_MC_erase(uint8_t* ingest, int* count_ptr) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; // 4 - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; - *count_ptr = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU - sdls_ep_reply[*count_ptr] = (log_summary.num_se & 0xFF00) >> 8; - *count_ptr += 1; - sdls_ep_reply[*count_ptr] = (log_summary.num_se & 0x00FF); - *count_ptr += 1; - sdls_ep_reply[*count_ptr] = (log_summary.rs & 0xFF00) >> 8; - *count_ptr += 1; - sdls_ep_reply[*count_ptr] = (log_summary.rs & 0x00FF); - *count_ptr += 1; + sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> 8; + count += 1; + sdls_ep_reply[count] = (log_summary.num_se & 0x00FF); + count += 1; + sdls_ep_reply[count] = (log_summary.rs & 0xFF00) >> 8; + count += 1; + sdls_ep_reply[count] = (log_summary.rs & 0x00FF); + count += 1; + // 0880d2c7000d197f0b00b4002000000032 0880d2c70010197f0b00b4002000000032 #ifdef PDU_DEBUG printf("log_count = %d \n", log_count); printf("log_summary.num_se = 0x%02x \n", log_summary.num_se); printf("log_summary.rs = 0x%02x \n", log_summary.rs); - printf("MC Erase Reply: 0x"); - for (int x = 0; x < *count_ptr; x++) + printf("MC Erase Reply: 0x"); + for (int x = 0; x < count; x++) { - printf("%02x", sdls_ep_reply[x]); + printf("%02X", sdls_ep_reply[x]); } printf("\n"); #endif 
@@ -202,27 +212,28 @@ int32_t Crypto_MC_erase(uint8_t* ingest, int* count_ptr) * @param ingest: uint8_t* * @return int32: Count **/ -int32_t Crypto_MC_selftest(uint8_t* ingest, int* count_ptr) +int32_t Crypto_MC_selftest(uint8_t* ingest) { if(ingest == NULL) return CRYPTO_LIB_ERROR; - *count_ptr = 0; + uint8_t count = 0; uint8_t result = ST_OK; // TODO: Perform test // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = SDLS_MC_ST_RPLY_SIZE * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; - *count_ptr = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.pdu.hdr.pdu_len = (SDLS_MC_ST_RPLY_SIZE) * 8; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + (SDLS_TLV_HDR_SIZE) + 9; // TODO: Why is the `+SDLS_TLV_HDR_SIZE` needed to get the correct size? + sdls_frame.pdu.data[0] = result; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); - ingest[*count_ptr] = result; - *count_ptr += 1; + sdls_ep_reply[count] = result; + count += 1; #ifdef PDU_DEBUG printf("MC SelfTest Reply: 0x"); - for (int x = 0; x < *count_ptr; x++) + for (int x = 0; x < count; x++) { - printf("%02x", sdls_ep_reply[x]); + printf("%02X", sdls_ep_reply[x]); } printf("\n"); #endif @@ -235,7 +246,7 @@ int32_t Crypto_MC_selftest(uint8_t* ingest, int* count_ptr) * @param ingest: uint8_t* * @return int32: Count **/ -int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count_ptr) +int32_t Crypto_SA_readARSN(uint8_t* ingest) { int32_t status = CRYPTO_LIB_SUCCESS; 
@@ -264,39 +275,39 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count_ptr) { // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = (SPI_LEN + sa_ptr->arsn_len) * 8; // bits - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; - *count_ptr = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; + uint8_t count = Crypto_Prep_Reply(sdls_ep_reply, 128); // Write SPI to reply - sdls_ep_reply[*count_ptr] = (spi & 0xFF00) >> 8; - *count_ptr += 1; - sdls_ep_reply[*count_ptr] = (spi & 0x00FF); - *count_ptr += 1; + sdls_ep_reply[count] = (spi & 0xFF00) >> 8; + count += 1; + sdls_ep_reply[count] = (spi & 0x00FF); + count += 1; for (x = 0; x < sa_ptr->arsn_len; x++) { - sdls_ep_reply[*count_ptr] = *(sa_ptr->arsn + x); - *count_ptr += 1; + sdls_ep_reply[count] = *(sa_ptr->arsn + x); + count += 1; } if (sa_ptr->shivf_len > 0 && sa_ptr->ecs == 1 && sa_ptr->acs == 1) { // Set IV - authenticated encryption for (x = 0; x < sa_ptr->shivf_len - 1; x++) { - sdls_ep_reply[*count_ptr] = *(sa_ptr->iv + x); - *count_ptr += 1; + sdls_ep_reply[count] = *(sa_ptr->iv + x); + count += 1; } // TODO: Do we need this? if (*(sa_ptr->iv + sa_ptr->shivf_len - 1) > 0) { // Adjust to report last received, not expected - sdls_ep_reply[*count_ptr] = *(sa_ptr->iv + sa_ptr->shivf_len - 1) - 1; - *count_ptr += 1; + sdls_ep_reply[count] = *(sa_ptr->iv + sa_ptr->shivf_len - 1) - 1; + count += 1; } else { - sdls_ep_reply[*count_ptr] = *(sa_ptr->iv + sa_ptr->shivf_len - 1); - *count_ptr += 1; + sdls_ep_reply[count] = *(sa_ptr->iv + sa_ptr->shivf_len - 1); + count += 1; } } else @@ -316,10 +327,10 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest, int* count_ptr) } printf("\n"); } - printf("SA Read ARSN Reply: 0x"); - for (int x = 0; x < *count_ptr; x++) + printf("Read ARSN Reply: 0x"); + for (int x = 0; x < count; x++) { - printf("%02x", sdls_ep_reply[x]); + printf("%02X", sdls_ep_reply[x]); } printf("\n"); #endif 
diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index db68e6a2..b5d9df00 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c @@ -110,7 +110,7 @@ void Crypto_Print_Sdls_Ep_Reply(void) return; } - pkt_length = (sdls_ep_reply[4] << 8) | sdls_ep_reply[5]; + pkt_length = ((sdls_ep_reply[4] << 8) | sdls_ep_reply[5]) + 1; // Sanity check on length if (pkt_length > TC_MAX_FRAME_SIZE) diff --git a/src/core/crypto_user.c b/src/core/crypto_user.c index 816fe63f..316a14c4 100644 --- a/src/core/crypto_user.c +++ b/src/core/crypto_user.c @@ -31,8 +31,8 @@ int32_t Crypto_User_IdleTrigger(uint8_t* ingest) uint8_t count = 0; // Prepare for Reply - sdls_resp_pkt.pdu.hdr.pdu_len = 0; - sdls_resp_pkt.hdr.pkt_length = sdls_resp_pkt.pdu.hdr.pdu_len + 9; + sdls_frame.pdu.hdr.pdu_len = 0; + sdls_frame.hdr.pkt_length = sdls_frame.pdu.hdr.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 144); return count; @@ -121,8 +121,8 @@ int32_t Crypto_User_BadFECF(void) int32_t Crypto_User_ModifyKey(void) { // Local variables - uint16_t kid = ((uint8_t)sdls_resp_pkt.pdu.data[0] << 8) | ((uint8_t)sdls_resp_pkt.pdu.data[1]); - uint8_t mod = (uint8_t)sdls_resp_pkt.pdu.data[2]; + uint16_t kid = ((uint8_t)sdls_frame.pdu.data[0] << 8) | ((uint8_t)sdls_frame.pdu.data[1]); + uint8_t mod = (uint8_t)sdls_frame.pdu.data[2]; crypto_key_t* ekp = NULL; @@ -139,7 +139,7 @@ int32_t Crypto_User_ModifyKey(void) printf("Key %d value invalidated! \n", kid); break; case 2: // Modify key state - ekp->key_state = (uint8_t)sdls_resp_pkt.pdu.data[3] & 0x0F; + ekp->key_state = (uint8_t)sdls_frame.pdu.data[3] & 0x0F; printf("Key %d state changed to %d! \n", kid, mod); break; default: 
@@ -152,13 +152,13 @@ int32_t Crypto_User_ModifyKey(void) /** * @brief Function: Crypto_User_ModifyActiveTM - * Modifies tm_sec_header.spi based on sdls_resp_pkt.pdu.data[0] + * Modifies tm_sec_header.spi based on sdls_frame.pdu.data[0] * @return int32: Success/Failure **/ int32_t Crypto_User_ModifyActiveTM(void) { // TODO Check this - tm_frame_sec_hdr.spi = (uint8_t)sdls_resp_pkt.pdu.data[0]; + tm_frame_sec_hdr.spi = (uint8_t)sdls_frame.pdu.data[0]; return CRYPTO_LIB_SUCCESS; } @@ -168,9 +168,9 @@ int32_t Crypto_User_ModifyActiveTM(void) **/ int32_t Crypto_User_ModifyVCID(void) { - // tm_frame.tm_header.vcid = (uint8_t)sdls_resp_pkt.pdu.data[0]; + // tm_frame.tm_header.vcid = (uint8_t)sdls_frame.pdu.data[0]; // Check this - tm_frame_pri_hdr.vcid = (uint8_t)sdls_resp_pkt.pdu.data[0]; + tm_frame_pri_hdr.vcid = (uint8_t)sdls_frame.pdu.data[0]; SecurityAssociation_t* sa_ptr; int i; int j; diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 848e7bb1..4e1b9ce6 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1558,9 +1558,10 @@ static int32_t sa_status(uint8_t* ingest) // Check SPI exists if (spi < NUM_SA) { + printf("SIZE: %ld\n", SDLS_SA_STATUS_RPLY_SIZE); // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_SA_STATUS_RPLY_SIZE * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 9; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; // TODO: Why +2? count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU sdls_ep_reply[count++] = (spi & 0xFF00) >> 8; 
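Review bot: The added `printf("SIZE: %ld\n", SDLS_SA_STATUS_RPLY_SIZE);` passes a `sizeof` result (`size_t`) to `%ld`, which is a format/argument mismatch and undefined where `long` and `size_t` differ. It also appears to sit outside the debug `#ifdef` that guards the reply dump later in the function, so it would print on every SA status command. Either drop it or move it under the debug guard as `printf("SIZE: %zu\n", SDLS_SA_STATUS_RPLY_SIZE);`. `sa_status` starts and ends outside this hunk.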
@@ -1577,12 +1578,12 @@ static int32_t sa_status(uint8_t* ingest) Crypto_saPrint(&sa[spi]); if (status == CRYPTO_LIB_SUCCESS) { - printf("SA Status Reply: 0x"); + printf("SA Status Reply: 0x"); for (int x = 0; x < count; x++) { - printf("%02x", sdls_ep_reply[x]); + printf("%02X", sdls_ep_reply[x]); } - printf("\n"); + printf("\n\n"); } #endif } diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 06cce0e9..9a8e16bb 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -61,8 +61,8 @@ add_test(NAME UT_EP_SA_MGMT COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_sa_mgmt WORKING_DIRECTORY ${PROJECT_TEST_DIR}) -add_test(NAME UT_EP_KEY_VALIDATION - COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_key_validation +add_test(NAME UT_EP_KEY_MGMT + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_key_mgmt WORKING_DIRECTORY ${PROJECT_TEST_DIR}) if(NOT ${CRYPTO_WOLFSSL}) diff --git a/test/include/ut_ep_key_validation.h b/test/include/ut_ep_key_mgmt.h similarity index 65% rename from test/include/ut_ep_key_validation.h rename to test/include/ut_ep_key_mgmt.h index eebc4f30..201b3e89 100644 --- a/test/include/ut_ep_key_validation.h +++ b/test/include/ut_ep_key_mgmt.h @@ -1,5 +1,5 @@ -#ifndef CRYPTOLIB_UT_EP_KEY_VALIDATION_H -#define CRYPTOLIB_UT_EP_KEY_VALIDATION_H +#ifndef CRYPTOLIB_UT_EP_KEY_MGMT_H +#define CRYPTOLIB_UT_EP_KEY_MGMT_H #ifdef __cplusplus extern "C" @@ -15,4 +15,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_EP_KEY_VALIDATION_H \ No newline at end of file +#endif //CRYPTOLIB_UT_EP_KEY_MGMT_H \ No newline at end of file diff --git a/test/unit/ut_ep_key_validation.c b/test/unit/ut_ep_key_mgmt.c similarity index 96% rename from test/unit/ut_ep_key_validation.c rename to test/unit/ut_ep_key_mgmt.c index aa8db82d..d1fa5e81 100644 --- a/test/unit/ut_ep_key_validation.c +++ b/test/unit/ut_ep_key_mgmt.c 
@@ -1,10 +1,10 @@ -#include "ut_ep_key_validation.h" +#include "ut_ep_key_mgmt.h" #include "crypto.h" #include "crypto_error.h" #include "sa_interface.h" #include "utest.h" -UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) +UTEST(EP_KEY_MGMT, OTAR_0_140_142) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib @@ -96,7 +96,7 @@ UTEST(EP_KEY_VALIDATION, OTAR_0_140_142) free(buffer_OTAR_b); } -UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) +UTEST(EP_KEY_MGMT, ACTIVATE_141_142) { remove("sa_save_file.bin"); uint8_t* ptr_enc_frame = NULL; @@ -184,7 +184,7 @@ UTEST(EP_KEY_VALIDATION, ACTIVATE_141_142) free(buffer_ACTIVATE_b); } -UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) +UTEST(EP_KEY_MGMT, DEACTIVATE_142) { remove("sa_save_file.bin"); uint8_t* ptr_enc_frame = NULL; @@ -274,7 +274,7 @@ UTEST(EP_KEY_VALIDATION, DEACTIVATE_142) free(buffer_DEACTIVATE_b); } -UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) +UTEST(EP_KEY_MGMT, INVENTORY_132_134) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib @@ -354,6 +354,29 @@ UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) status = Crypto_TC_ProcessSecurity(buffer_INVENTORY_b, &buffer_INVENTORY_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + // Check reply values + uint16_t reply_length = 0; + uint8_t sdls_ep_reply_local[1024]; + status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); + // Expect success + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Print local copy + printf("SDLS Reply LOCAL: 0x"); + for (int i =0; i < reply_length; i++) + { + printf("%02X", sdls_ep_reply_local[i]); + } + printf("\n\n"); + // Print Global copy for sanity check + Crypto_Print_Sdls_Ep_Reply(); + + // Let's compare everything. + for (int i = 0; i < reply_length; i++) + { + ASSERT_EQ(sdls_ep_reply[i], sdls_ep_reply_local[i]); + } + printf("\n"); Crypto_Shutdown(); free(buffer_nist_iv_b); 
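Review bot: The new reply check compares `sdls_ep_reply` with the copy that `Crypto_Get_Sdls_Ep_Reply` just made from it, so it verifies the copy but not the content or length of the reply; if `reply_length` comes back as 0 the loop asserts nothing. Add `ASSERT_GT(reply_length, 0);` and compare against the expected reply bytes for this command. `sdls_ep_reply_local[1024]` is also sized independently of the `TC_MAX_FRAME_SIZE` bound the getter enforces; declaring it as `uint8_t sdls_ep_reply_local[TC_MAX_FRAME_SIZE];` keeps the test from overrunning its own stack buffer if the two differ. The same block is repeated in the `ut_ep_mc.c` and `ut_ep_sa_mgmt.c` hunks that follow.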
@@ -361,7 +384,7 @@ UTEST(EP_KEY_VALIDATION, INVENTORY_132_134) ASSERT_EQ(0,0); } -UTEST(EP_KEY_VALIDATION, VERIFY_132_134) +UTEST(EP_KEY_MGMT, VERIFY_132_134) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib diff --git a/test/unit/ut_ep_mc.c b/test/unit/ut_ep_mc.c index c2233e01..a6baa023 100644 --- a/test/unit/ut_ep_mc.c +++ b/test/unit/ut_ep_mc.c @@ -63,6 +63,30 @@ UTEST(EP_MC, MC_REGULAR_PING) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("\n"); + + // Check reply values + uint16_t reply_length = 0; + uint8_t sdls_ep_reply_local[1024]; + status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); + // Expect success + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Print local copy + printf("SDLS Reply LOCAL: 0x"); + for (int i =0; i < reply_length; i++) + { + printf("%02X", sdls_ep_reply_local[i]); + } + printf("\n\n"); + // Print Global copy for sanity check + Crypto_Print_Sdls_Ep_Reply(); + + // Let's compare everything. + for (int i = 0; i < reply_length; i++) + { + ASSERT_EQ(sdls_ep_reply[i], sdls_ep_reply_local[i]); + } + Crypto_Shutdown(); free(buffer_PING_b); @@ -127,6 +151,30 @@ UTEST(EP_MC, MC_STATUS) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("\n"); + + // Check reply values + uint16_t reply_length = 0; + uint8_t sdls_ep_reply_local[1024]; + status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); + // Expect success + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Print local copy + printf("SDLS Reply LOCAL: 0x"); + for (int i =0; i < reply_length; i++) + { + printf("%02X", sdls_ep_reply_local[i]); + } + printf("\n\n"); + // Print Global copy for sanity check + Crypto_Print_Sdls_Ep_Reply(); + + // Let's compare everything. + for (int i = 0; i < reply_length; i++) + { + ASSERT_EQ(sdls_ep_reply[i], sdls_ep_reply_local[i]); + } + Crypto_Shutdown(); free(buffer_STATUS_b); 
@@ -192,6 +240,30 @@ UTEST(EP_MC, MC_DUMP) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("\n"); + + // Check reply values + uint16_t reply_length = 0; + uint8_t sdls_ep_reply_local[1024]; + status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); + // Expect success + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Print local copy + printf("SDLS Reply LOCAL: 0x"); + for (int i =0; i < reply_length; i++) + { + printf("%02X", sdls_ep_reply_local[i]); + } + printf("\n\n"); + // Print Global copy for sanity check + Crypto_Print_Sdls_Ep_Reply(); + + // Let's compare everything. + for (int i = 0; i < reply_length; i++) + { + ASSERT_EQ(sdls_ep_reply[i], sdls_ep_reply_local[i]); + } + Crypto_Shutdown(); free(buffer_DUMP_b); @@ -256,6 +328,30 @@ UTEST(EP_MC, MC_ERASE) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("\n"); + + // Check reply values + uint16_t reply_length = 0; + uint8_t sdls_ep_reply_local[1024]; + status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); + // Expect success + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Print local copy + printf("SDLS Reply LOCAL: 0x"); + for (int i =0; i < reply_length; i++) + { + printf("%02X", sdls_ep_reply_local[i]); + } + printf("\n\n"); + // Print Global copy for sanity check + Crypto_Print_Sdls_Ep_Reply(); + + // Let's compare everything. + for (int i = 0; i < reply_length; i++) + { + ASSERT_EQ(sdls_ep_reply[i], sdls_ep_reply_local[i]); + } + Crypto_Shutdown(); free(buffer_ERASE_b); 
@@ -320,6 +416,30 @@ UTEST(EP_MC, MC_SELF_TEST) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("\n"); + + // Check reply values + uint16_t reply_length = 0; + uint8_t sdls_ep_reply_local[1024]; + status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); + // Expect success + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Print local copy + printf("SDLS Reply LOCAL: 0x"); + for (int i =0; i < reply_length; i++) + { + printf("%02X", sdls_ep_reply_local[i]); + } + printf("\n\n"); + // Print Global copy for sanity check + Crypto_Print_Sdls_Ep_Reply(); + + // Let's compare everything. + for (int i = 0; i < reply_length; i++) + { + ASSERT_EQ(sdls_ep_reply[i], sdls_ep_reply_local[i]); + } + Crypto_Shutdown(); free(buffer_SELF_b); diff --git a/test/unit/ut_ep_sa_mgmt.c b/test/unit/ut_ep_sa_mgmt.c index 00d06371..1cbdfddd 100644 --- a/test/unit/ut_ep_sa_mgmt.c +++ b/test/unit/ut_ep_sa_mgmt.c @@ -190,6 +190,29 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) status = Crypto_TC_ProcessSecurity(buffer_READ_b, &buffer_READ_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + // Check reply values + uint16_t reply_length = 0; + uint8_t sdls_ep_reply_local[1024]; + status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); + // Expect success + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Print local copy + printf("SDLS Reply LOCAL: 0x"); + for (int i =0; i < reply_length; i++) + { + printf("%02X", sdls_ep_reply_local[i]); + } + printf("\n\n"); + // Print Global copy for sanity check + Crypto_Print_Sdls_Ep_Reply(); + + // Let's compare everything. + for (int i = 0; i < reply_length; i++) + { + ASSERT_EQ(sdls_ep_reply[i], sdls_ep_reply_local[i]); + } + printf("\n"); Crypto_Shutdown(); 
@@ -383,6 +406,29 @@ UTEST(EP_SA_MGMT, SA_6_STATUS) status = Crypto_TC_ProcessSecurity(buffer_STATUS_b, &buffer_STATUS_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + // Check reply values + uint16_t reply_length = 0; + uint8_t sdls_ep_reply_local[1024]; + status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); + // Expect success + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Print local copy + printf("SDLS Reply LOCAL: 0x"); + for (int i =0; i < reply_length; i++) + { + printf("%02X", sdls_ep_reply_local[i]); + } + printf("\n\n"); + // Print Global copy for sanity check + Crypto_Print_Sdls_Ep_Reply(); + + // Let's compare everything. + for (int i = 0; i < reply_length; i++) + { + ASSERT_EQ(sdls_ep_reply[i], sdls_ep_reply_local[i]); + } + printf("\n"); Crypto_Shutdown(); From a7389e857c1d0cbebc6fbfdc8922e29320d21b9c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 15:17:08 +0000 Subject: [PATCH 108/241] [nasa/cryptolib#331] Fix MC_DUMP and SA_STATUS header packet lengths --- include/crypto_structs.h | 2 +- src/core/crypto_mc.c | 2 +- src/sa/internal/sa_interface_inmemory.template.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/crypto_structs.h b/include/crypto_structs.h index b8c70496..1c859c54 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -243,7 +243,7 @@ typedef struct uint8_t emt : 8; // Event Message Tag uint16_t em_len : 16; // Event Message Length uint8_t emv[EMV_SIZE]; // Event Message Value -} SDLS_MC_DUMP_RPLY_t; +} __attribute__ ((packed)) SDLS_MC_DUMP_RPLY_t; #define SDLS_MC_DUMP_RPLY_SIZE (sizeof(SDLS_MC_DUMP_RPLY_t)) typedef struct diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index eccd6c81..904e0a72 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c 
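Review bot: `SDLS_MC_DUMP_RPLY_SIZE` is the `sizeof` of this struct and feeds the reply length computed in `Crypto_MC_dump`, so the wire size now depends on the compiler honouring `__attribute__ ((packed))` and on its bit-field layout, and nothing pins it. A compile-time check next to the macro, `_Static_assert(sizeof(SDLS_MC_DUMP_RPLY_t) == <expected size in bytes>, "SDLS_MC_DUMP_RPLY_t layout changed");`, would catch a toolchain that lays it out differently. The struct opens above the hunk, so the expected value cannot be derived from the lines shown and has to come from the format definition.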
@@ -106,7 +106,7 @@ int32_t Crypto_MC_dump(uint8_t* ingest) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_MC_DUMP_RPLY_SIZE * log_count * 8; // SDLS_MC_DUMP_RPLY_SIZE - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + 1 + 9; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU for (x = 0; x < log_count; x++) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 4e1b9ce6..5224b118 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1561,7 +1561,7 @@ static int32_t sa_status(uint8_t* ingest) printf("SIZE: %ld\n", SDLS_SA_STATUS_RPLY_SIZE); // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_SA_STATUS_RPLY_SIZE * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; // TODO: Why +2? + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU sdls_ep_reply[count++] = (spi & 0xFF00) >> 8; From 6f7868e77b8e868193fc31c9b3b3990a913c4dc4 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 17:26:43 +0000 Subject: [PATCH 109/241] [nasa/cryptolib#331] Added error returns to Crypto_Key_update --- include/crypto_error.h | 1 + src/core/crypto_error.c | 2 ++ src/core/crypto_key_mgmt.c | 3 ++- 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index 6bdde1ac..e84cf5e4 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h 
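Review bot: The reply length on the changed line in `Crypto_MC_dump` scales with `log_count`, and the `for (x = 0; x < log_count; x++)` loop that follows presumably appends one entry per record to `sdls_ep_reply`, yet no check in the hunk keeps the total inside that buffer or inside the width of `pkt_length`. If `log_count` is not bounded elsewhere, a full log could write past the end of `sdls_ep_reply`. A guard before `Crypto_Prep_Reply` makes the limit explicit: `if (SDLS_MC_DUMP_RPLY_SIZE * log_count + SDLS_TLV_HDR_SIZE + 9 > TC_MAX_FRAME_SIZE) { return CRYPTO_LIB_ERROR; }`. The function body starts and ends outside the hunk, so an existing bound may simply not be visible here.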
@@ -129,6 +129,7 @@ #define CRYPTO_LIB_ERR_SPI_INDEX_OOB (-56) #define CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL (-57) #define CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH (-58) +#define CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR (-59) // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index 6ffe8dc3..b8366e97 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -81,6 +81,8 @@ char *crypto_enum_errlist_core[] = (char*) "CRYPTO_LIB_ERR_KEY_VALIDATION", (char*) "CRYPTO_LIB_ERR_SPI_INDEX_OOB", (char*) "CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL", + (char*) "CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH", + (char*) "CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR" }; char *crypto_enum_errlist_config[] = diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 808766c9..d9c25d95 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -257,7 +257,7 @@ int32_t Crypto_Key_update(uint8_t state) mc_log.blk[log_count++].em_len = 4; } printf(KRED "Error: MKID state cannot be changed! \n" RESET); - // TODO: Exit + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } ekp = key_if->get_key(packet.kblk[x].kid); @@ -287,6 +287,7 @@ int32_t Crypto_Key_update(uint8_t state) mc_log.blk[log_count++].em_len = 4; } printf(KRED "Error: Key %d cannot transition to desired state! \n" RESET, packet.kblk[x].kid); + return CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR; } } return CRYPTO_LIB_SUCCESS; From fe0894168cb2c5a880ffef8c995c8a2a4b778a6d Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 18:26:21 +0000 Subject: [PATCH 110/241] [nasa/cryptolib#331] Revert sdls_resp_pkt to sdls_frame (except for key verify) --- src/core/crypto.c | 2 +- src/core/crypto_print.c | 48 +++++----- .../internal/sa_interface_inmemory.template.c | 2 +- test/unit/ut_crypto.c | 88 +++++++++---------- 4 files changed, 70 insertions(+), 70 deletions(-) 
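Review bot: `crypto_enum_errlist_core` is kept in step with the `CRYPTO_LIB_ERR_*` defines by hand, and the two strings added in crypto_error.c show the cost: the entry for code -58 was missing until this commit. How the table is indexed is outside the hunk, but if it is looked up by error code, a size check after the array would turn the next omission into a build failure instead of a wrong or out-of-range string: `_Static_assert(sizeof(crypto_enum_errlist_core) / sizeof(crypto_enum_errlist_core[0]) == <number of core error codes>, "error string table out of sync");`.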
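Review bot: Both new `return` statements leave `Crypto_Key_update` from inside the per-key loop, so a PDU that lists several keys can be applied partially: keys handled before index `x` keep whatever state change they received, and the caller sees only the error code. The loop body is mostly outside these two hunks, so this is inferred from the `packet.kblk[x]` indexing. If it holds, either validate every key before changing any state or record the behaviour at the return sites, e.g. `// keys before index x may already have transitioned; the update is not atomic`.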
diff --git a/src/core/crypto.c b/src/core/crypto.c index 91520466..09942b55 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -845,7 +845,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin } #ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_resp_pkt); + Crypto_ccsdsPrint(&sdls_frame); #endif // Determine type of PDU diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index b5d9df00..43fe5a93 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c 
@@ -177,36 +177,36 @@ void Crypto_fsrPrint(SDLS_FSR_t* report) /** * @brief Function: Crypto_ccsdsPrint * Prints the current CCSDS in memory. - * @param sdls_resp_pkt: CCSDS_t* + * @param sdls_frame: CCSDS_t* **/ -void Crypto_ccsdsPrint(CCSDS_t* sdls_resp_pkt) +void Crypto_ccsdsPrint(CCSDS_t* sdls_frame) { printf("Current CCSDS in memory is: \n"); printf("\t Primary Header\n"); - printf("\t\t pvn = 0x%01x \n", sdls_resp_pkt->hdr.pvn); - printf("\t\t type = 0x%01x \n", sdls_resp_pkt->hdr.type); - printf("\t\t shdr = 0x%01x \n", sdls_resp_pkt->hdr.shdr); - printf("\t\t appID = 0x%03x \n", sdls_resp_pkt->hdr.appID); - printf("\t\t seq = 0x%01x \n", sdls_resp_pkt->hdr.seq); - printf("\t\t pktid = 0x%04x \n", sdls_resp_pkt->hdr.pktid); - printf("\t\t pkt_length = 0x%04x \n", sdls_resp_pkt->hdr.pkt_length); + printf("\t\t pvn = 0x%01x \n", sdls_frame->hdr.pvn); + printf("\t\t type = 0x%01x \n", sdls_frame->hdr.type); + printf("\t\t shdr = 0x%01x \n", sdls_frame->hdr.shdr); + printf("\t\t appID = 0x%03x \n", sdls_frame->hdr.appID); + printf("\t\t seq = 0x%01x \n", sdls_frame->hdr.seq); + printf("\t\t pktid = 0x%04x \n", sdls_frame->hdr.pktid); + printf("\t\t pkt_length = 0x%04x \n", sdls_frame->hdr.pkt_length); printf("\t PUS Header\n"); - printf("\t\t shf = 0x%01x \n", sdls_resp_pkt->pus.shf); - printf("\t\t pusv = 0x%01x \n", sdls_resp_pkt->pus.pusv); - printf("\t\t ack = 0x%01x \n", sdls_resp_pkt->pus.ack); - printf("\t\t st = 0x%02x \n", sdls_resp_pkt->pus.st); - printf("\t\t sst = 0x%02x \n", sdls_resp_pkt->pus.sst); - printf("\t\t sid = 0x%01x \n", sdls_resp_pkt->pus.sid); - printf("\t\t spare = 0x%01x \n", sdls_resp_pkt->pus.spare); + printf("\t\t shf = 0x%01x \n", sdls_frame->pus.shf); + printf("\t\t pusv = 0x%01x \n", sdls_frame->pus.pusv); + printf("\t\t ack = 0x%01x \n", sdls_frame->pus.ack); + printf("\t\t st = 0x%02x \n", sdls_frame->pus.st); + printf("\t\t sst = 0x%02x \n", sdls_frame->pus.sst); + printf("\t\t sid = 0x%01x \n", sdls_frame->pus.sid); + 
printf("\t\t spare = 0x%01x \n", sdls_frame->pus.spare); printf("\t PDU \n"); - printf("\t\t type = 0x%01x \n", sdls_resp_pkt->pdu.hdr.type); - printf("\t\t uf = 0x%01x \n", sdls_resp_pkt->pdu.hdr.uf); - printf("\t\t sg = 0x%01x \n", sdls_resp_pkt->pdu.hdr.sg); - printf("\t\t pid = 0x%01x \n", sdls_resp_pkt->pdu.hdr.pid); - printf("\t\t pdu_len = 0x%04x \n", sdls_resp_pkt->pdu.hdr.pdu_len); - printf("\t\t data[0] = 0x%02x \n", sdls_resp_pkt->pdu.data[0]); - printf("\t\t data[1] = 0x%02x \n", sdls_resp_pkt->pdu.data[1]); - printf("\t\t data[2] = 0x%02x \n", sdls_resp_pkt->pdu.data[2]); + printf("\t\t type = 0x%01x \n", sdls_frame->pdu.hdr.type); + printf("\t\t uf = 0x%01x \n", sdls_frame->pdu.hdr.uf); + printf("\t\t sg = 0x%01x \n", sdls_frame->pdu.hdr.sg); + printf("\t\t pid = 0x%01x \n", sdls_frame->pdu.hdr.pid); + printf("\t\t pdu_len = 0x%04x \n", sdls_frame->pdu.hdr.pdu_len); + printf("\t\t data[0] = 0x%02x \n", sdls_frame->pdu.data[0]); + printf("\t\t data[1] = 0x%02x \n", sdls_frame->pdu.data[1]); + printf("\t\t data[2] = 0x%02x \n", sdls_frame->pdu.data[2]); printf("\n"); } diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 5224b118..71172ea2 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1198,7 +1198,7 @@ static int32_t sa_rekey(void) count = count + 2; // Authentication Key - // sa[spi].akid = ((uint8_t)sdls_resp_pkt.pdu.data[count] << 8) | (uint8_t)sdls_resp_pkt.pdu.data[count+1]; + // sa[spi].akid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count+1]; // count = count + 2; // Anti-Replay Seq Num diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index c3335791..1506a79c 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c 
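Review bot: The parameter of `Crypto_ccsdsPrint` is now called `sdls_frame`, the same name as the global `CCSDS_t sdls_frame` declared in crypto.h, so every `sdls_frame->` inside the function refers to the argument and hides the global. Builds with `-Wshadow` will warn, and a reader can easily mistake which object is being printed. A distinct parameter name such as `void Crypto_ccsdsPrint(CCSDS_t* frame)` avoids that. The pointer is also dereferenced without a NULL check, which `if (frame == NULL) { return; }` at the top would cover.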
@@ -108,162 +108,162 @@ UTEST(CRYPTO_C, PDU_SWITCH) Crypto_Init(); - sdls_resp_pkt.hdr.type = 0; - sdls_resp_pkt.pdu.hdr.uf = 0; + sdls_frame.hdr.type = 0; + sdls_frame.pdu.hdr.uf = 0; printf("SG_KEY_MGMT\n"); - sdls_resp_pkt.pdu.hdr.sg = SG_KEY_MGMT; - sdls_resp_pkt.pdu.hdr.pid = PID_OTAR; + sdls_frame.pdu.hdr.sg = SG_KEY_MGMT; + sdls_frame.pdu.hdr.pid = PID_OTAR; uint8_t* ingest = NULL; TC_t tc_frame; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_KEY_ACTIVATION; + sdls_frame.pdu.hdr.pid = PID_KEY_ACTIVATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_KEY_DEACTIVATION; + sdls_frame.pdu.hdr.pid = PID_KEY_DEACTIVATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pdu_len = 0; - sdls_resp_pkt.pdu.hdr.pid = PID_KEY_VERIFICATION; + sdls_frame.pdu.hdr.pdu_len = 0; + sdls_frame.pdu.hdr.pid = PID_KEY_VERIFICATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_KEY_DESTRUCTION; + sdls_frame.pdu.hdr.pid = PID_KEY_DESTRUCTION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_KEY_INVENTORY; + sdls_frame.pdu.hdr.pid = PID_KEY_INVENTORY; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = SG_KEY_MGMT; + sdls_frame.pdu.hdr.pid = SG_KEY_MGMT; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("SG_SA_MGMT\n"); - sdls_resp_pkt.pdu.hdr.sg = SG_SA_MGMT; - sdls_resp_pkt.pdu.hdr.pid = PID_CREATE_SA; + sdls_frame.pdu.hdr.sg = SG_SA_MGMT; + sdls_frame.pdu.hdr.pid = PID_CREATE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_DELETE_SA; + sdls_frame.pdu.hdr.pid = PID_DELETE_SA; status = Crypto_PDU(ingest, 
&tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_SET_ARSNW; + sdls_frame.pdu.hdr.pid = PID_SET_ARSNW; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_REKEY_SA; + sdls_frame.pdu.hdr.pid = PID_REKEY_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_EXPIRE_SA; + sdls_frame.pdu.hdr.pid = PID_EXPIRE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_SET_ARSN; + sdls_frame.pdu.hdr.pid = PID_SET_ARSN; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_START_SA; + sdls_frame.pdu.hdr.pid = PID_START_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_STOP_SA; + sdls_frame.pdu.hdr.pid = PID_STOP_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_READ_ARSN; + sdls_frame.pdu.hdr.pid = PID_READ_ARSN; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_SA_STATUS; + sdls_frame.pdu.hdr.pid = PID_SA_STATUS; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = 0b111; + sdls_frame.pdu.hdr.pid = 0b111; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("SG_SEC_MON_CTRL\n"); - sdls_resp_pkt.pdu.hdr.sg = SG_SEC_MON_CTRL; - sdls_resp_pkt.pdu.hdr.pid = PID_LOG_STATUS; + sdls_frame.pdu.hdr.sg = SG_SEC_MON_CTRL; + sdls_frame.pdu.hdr.pid = PID_LOG_STATUS; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_DUMP_LOG; + sdls_frame.pdu.hdr.pid = PID_DUMP_LOG; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = 
PID_ERASE_LOG; + sdls_frame.pdu.hdr.pid = PID_ERASE_LOG; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_SELF_TEST; + sdls_frame.pdu.hdr.pid = PID_SELF_TEST; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = PID_ALARM_FLAG; + sdls_frame.pdu.hdr.pid = PID_ALARM_FLAG; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = 0b1111; + sdls_frame.pdu.hdr.pid = 0b1111; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("PID_LOG_STATUS\n"); - sdls_resp_pkt.pdu.hdr.sg = PID_LOG_STATUS; - sdls_resp_pkt.pdu.hdr.pid = PID_LOG_STATUS; + sdls_frame.pdu.hdr.sg = PID_LOG_STATUS; + sdls_frame.pdu.hdr.pid = PID_LOG_STATUS; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("UF_TRUE\n"); - sdls_resp_pkt.pdu.hdr.uf = 1; - sdls_resp_pkt.pdu.hdr.pid = 0; + sdls_frame.pdu.hdr.uf = 1; + sdls_frame.pdu.hdr.pid = 0; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = 1; + sdls_frame.pdu.hdr.pid = 1; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = 2; + sdls_frame.pdu.hdr.pid = 2; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = 3; + sdls_frame.pdu.hdr.pid = 3; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = 4; + sdls_frame.pdu.hdr.pid = 4; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = 5; + sdls_frame.pdu.hdr.pid = 5; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = 6; + sdls_frame.pdu.hdr.pid = 6; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); // TODO: (RB) 
Disabled for now. Key Inventory needs to be re-worked. - Not currently using EP - // sdls_resp_pkt.pdu.hdr.pid = 7; + // sdls_frame.pdu.hdr.pid = 7; // status = Crypto_PDU(ingest, &tc_frame); // ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.pdu.hdr.pid = 8; + sdls_frame.pdu.hdr.pid = 8; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_resp_pkt.hdr.type = 1; - sdls_resp_pkt.pdu.hdr.pid = 8; + sdls_frame.hdr.type = 1; + sdls_frame.pdu.hdr.pid = 8; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } From cdc0fa5d18dd39ff8aec992815eb13c52fb52e10 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 18:29:14 +0000 Subject: [PATCH 111/241] [nasa/cryptolib#331] Convert sdls_resp_pkt to sdls_frame in key verify --- include/crypto.h | 1 - src/core/crypto.c | 1 - src/core/crypto_key_mgmt.c | 18 +++++++++--------- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index fb92438c..8faa850a 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -254,7 +254,6 @@ extern char* crypto_deep_copy_string(char* src_string); ** Extern Global Variables */ // Data stores used in multiple components -extern CCSDS_t sdls_resp_pkt; extern CCSDS_t sdls_frame; extern SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; extern uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; diff --git a/src/core/crypto.c b/src/core/crypto.c index 09942b55..e29744cb 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -33,7 +33,6 @@ CFS_MODULE_DECLARE_LIB(crypto); ** Global Variables */ // crypto_key_t ak_ring[NUM_KEYS]; -CCSDS_t sdls_resp_pkt; // SDLS Replies SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; // Reply block for challenged keys uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index d9c25d95..c6a7b496 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c 
@@ -44,7 +44,7 @@ int32_t Crypto_Key_OTAR(void) int x = 0; int y; int32_t status = CRYPTO_LIB_SUCCESS; - // uint16_t pdu_len = (uint16_t) sdls_resp_pkt.pdu.hdr.pdu_len[1] << 8 | sdls_resp_pkt.pdu.hdr.pdu_len[0]; + // uint16_t pdu_len = (uint16_t) sdls_frame.pdu.hdr.pdu_len[1] << 8 | sdls_frame.pdu.hdr.pdu_len[0]; int pdu_keys = (sdls_frame.pdu.hdr.pdu_len - 30) / (2 + 32); int w; crypto_key_t* ekp = NULL; @@ -185,7 +185,7 @@ int32_t Crypto_Key_update(uint8_t state) { // Local variables SDLS_KEY_BLK_t packet; int count = 0; - int pdu_keys = sdls_resp_pkt.pdu.hdr.pdu_len / 2; + int pdu_keys = sdls_frame.pdu.hdr.pdu_len / 2; int32_t status; crypto_key_t* ekp = NULL; int x; @@ -202,7 +202,7 @@ int32_t Crypto_Key_update(uint8_t state) // Read in PDU for (x = 0; x < pdu_keys; x++) { - packet.kblk[x].kid = (sdls_resp_pkt.pdu.data[count] << 8) | (sdls_resp_pkt.pdu.data[count + 1]); + packet.kblk[x].kid = (sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1]); count = count + 2; #ifdef PDU_DEBUG if (x != (pdu_keys - 1)) @@ -421,11 +421,11 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) // Key ID sdls_ep_keyv_reply.blk[x].kid = packet.blk[x].kid; - sdls_resp_pkt.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; + sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; sdls_ep_reply[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; pdu_data_idx += 1; - sdls_resp_pkt.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); + sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); sdls_ep_reply[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); pdu_data_idx += 1; count += 2; 
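Review bot: `pdu_keys` in `Crypto_Key_update` is taken directly from the received `pdu_len`, and the read loop in the following hunk uses it to index both `packet.kblk[x]` and `sdls_frame.pdu.data[count]` with no limit visible in either hunk. `packet` is a local, so a length larger than the `kblk` array would overrun the stack. Unless the lines between the two hunks already reject it, add a check right after the declarations: `if (pdu_keys > (int)(sizeof(packet.kblk) / sizeof(packet.kblk[0]))) { return CRYPTO_LIB_ERROR; }`. This assumes `kblk` is an array member of `SDLS_KEY_BLK_t`, whose definition is not shown.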
@@ -440,14 +440,14 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) // Initialization Vector for (y = 0; y < SDLS_KEYV_IV_LEN; y++) { - sdls_resp_pkt.pdu.data[pdu_data_idx] =0x00; //= *(tc_frame->tc_sec_header.iv + y); + sdls_frame.pdu.data[pdu_data_idx] =0x00; //= *(tc_frame->tc_sec_header.iv + y); sdls_ep_keyv_reply.blk[x].iv[y] =0x00; //= *(tc_frame->tc_sec_header.iv + y); sdls_ep_reply[pdu_data_idx] =0x00; //= *(tc_frame->tc_sec_header.iv + y); pdu_data_idx += 1; count += 1; } // ***** This increments the lowest bytes of the IVs so they aren't identical - sdls_resp_pkt.pdu.data[pdu_data_idx-1] = sdls_resp_pkt.pdu.data[pdu_data_idx-1] + x + 1; + sdls_frame.pdu.data[pdu_data_idx-1] = sdls_frame.pdu.data[pdu_data_idx-1] + x + 1; sdls_ep_keyv_reply.blk[x].iv[11] = sdls_ep_keyv_reply.blk[x].iv[SDLS_KEYV_IV_LEN-1] + x + 1; sdls_ep_reply[pdu_data_idx-1] = sdls_ep_reply[pdu_data_idx-1] + x + 1; @@ -475,11 +475,11 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) ); // Copy from the KEYV Blocks into the output PDU - memcpy(&sdls_resp_pkt.pdu.data[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].challenged[0]), CHALLENGE_SIZE); + memcpy(&sdls_frame.pdu.data[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].challenged[0]), CHALLENGE_SIZE); memcpy(&sdls_ep_reply[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].challenged[0]), CHALLENGE_SIZE); pdu_data_idx += CHALLENGE_SIZE; - memcpy(&sdls_resp_pkt.pdu.data[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].mac[0]), CHALLENGE_MAC_SIZE); + memcpy(&sdls_frame.pdu.data[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].mac[0]), CHALLENGE_MAC_SIZE); memcpy(&sdls_ep_reply[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].mac[0]), CHALLENGE_MAC_SIZE); pdu_data_idx += CHALLENGE_MAC_SIZE; From ab45d2b558a43d1eea8ff9c75f566a4d85700104 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 18:39:08 +0000 Subject: [PATCH 112/241] [nasa/cryptolib#331] Rename key inventory reply struct --- include/crypto_structs.h | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) 
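Review bot: The reply IV built in this loop of `Crypto_Key_verify` is all zero bytes with only the last byte set to `x + 1`, so every verification reply for the same block index carries the same IV. The cipher call is outside the hunk, but if the challenge is protected with an IV-based authenticated mode under the challenged key, repeating the IV for that key across requests weakens both the encryption and the MAC. At minimum mark it at the assignment with `// FIXME: IV is constant per block index; it must be unique for every use of the key`. The reply copy should also be indexed with `SDLS_KEYV_IV_LEN-1` instead of the literal `11`.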
diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 1c859c54..f0d13050 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -162,14 +162,8 @@ typedef struct { uint16_t kid : 16; // Key ID uint16_t key_state : 8; // Key state -} __attribute__ ((packed)) SDLS_KEY_INVENTORY_t; -#define SDLS_KEY_INVENTORY_RPLY_SIZE (sizeof(SDLS_KEY_INVENTORY_t)) - -typedef struct -{ - SDLS_KEY_INVENTORY_t blk[NUM_KEYS]; // Key Verification Command Block // TODO: Is NUM_KEYS size right? -} SDLS_KEY_INVENTORY_RPLY_t; -#define SDLS_KEY_INVENTORY_BLK_RPLY_SIZE (sizeof(SDLS_KEY_INVENTORY_t)) +} __attribute__ ((packed)) SDLS_KEY_INVENTORY_RPLY_t; +#define SDLS_KEY_INVENTORY_RPLY_SIZE (sizeof(SDLS_KEY_INVENTORY_RPLY_t)) typedef struct { From cb762be2a3fd5cf0a7df0d66c608e15e664dd688 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 20:05:48 +0000 Subject: [PATCH 113/241] [nasa/cryptolib#331] Change pycryptodome installation --- .github/workflows/build.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6a622c6a..af398893 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -18,7 +18,7 @@ jobs: - name: Install Dependencies run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - name: Install Python Libraries - run: sudo pip install pycryptodome + run: sudo apt install python3-pycryptodome - name: Install Libgcrypt run: > curl @@ -55,7 +55,7 @@ jobs: - name: Install Dependencies run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - name: Install Python Libraries - run: sudo pip install pycryptodome + run: sudo apt install python3-pycryptodome - name: Install Libgcrypt run: > curl 
@@ -153,7 +153,7 @@ jobs: - name: Install Dependencies run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool - name: Install Python Libraries - run: sudo pip install pycryptodome + run: sudo apt install python3-pycryptodome - name: Install Libgcrypt run: > curl From 2154cba4e794029bf745896f6ef023abfaa76b98 Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Thu, 10 Oct 2024 16:08:48 -0400 Subject: [PATCH 114/241] [nasa/#331] Update CI to use PIPX --- .github/workflows/build.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index af398893..108b04b9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,9 +16,11 @@ jobs: - name: Update run: sudo apt-get update - name: Install Dependencies - run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 + run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 pipx + - name: Verify PipX + run: pipx ensurepath - name: Install Python Libraries - run: sudo apt install python3-pycryptodome + run: pipx install pycryptodome - name: Install Libgcrypt run: > curl @@ -262,4 +264,4 @@ jobs: CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a with: files: 'coverage/*.c.gcov' - verbose: true \ No newline at end of file + verbose: true From b3808b390e8302c10696e4d515afd7ea03449b9e Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Thu, 10 Oct 2024 16:11:27 -0400 Subject: [PATCH 115/241] [nasa/#331] Revert PIPX, use override --break-system-packages --- .github/workflows/build.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 108b04b9..ae12a32d 100644 --- a/.github/workflows/build.yml 
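Review bot: The `CODECOV_TOKEN` value shown in the last build.yml hunk is written into the workflow file as a literal, which makes it readable to anyone who can read the repository and leaves it in the history. It should come from the repository's secret store, `CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}`, and the committed value should be rotated on the Codecov side. The commit itself only touches the trailing newline, and the step starts above the hunk.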
+++ b/.github/workflows/build.yml @@ -16,11 +16,9 @@ jobs: - name: Update run: sudo apt-get update - name: Install Dependencies - run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 pipx - - name: Verify PipX - run: pipx ensurepath + run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - name: Install Python Libraries - run: pipx install pycryptodome + run: pipx install pycryptodome --break-system-packages - name: Install Libgcrypt run: > curl From 279d8aebbc6485f79019ddc62a3982a91023ba4a Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Thu, 10 Oct 2024 16:13:09 -0400 Subject: [PATCH 116/241] [nasa/#331] Revert PIPX, use override --break-system-packages --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ae12a32d..8e865f1b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -18,7 +18,7 @@ jobs: - name: Install Dependencies run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - name: Install Python Libraries - run: pipx install pycryptodome --break-system-packages + run: pip install pycryptodome --break-system-packages - name: Install Libgcrypt run: > curl From 63b920ced668c5540ed91500a5b6f54089f95540 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 20:15:54 +0000 Subject: [PATCH 117/241] [nasa/cryptolib#331] Fix unused variable error --- src/core/crypto_mc.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 904e0a72..155ece9f 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -32,6 +32,7 @@ int32_t Crypto_MC_ping(uint8_t* ingest) { uint8_t count = 0; + count = count; ingest = ingest; // Prepare for Reply 
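Review bot: `count = count;` in `Crypto_MC_ping` silences the unused-variable warning with a self-assignment, which some compilers report in turn (`-Wself-assign`) and which reads like a mistake. The usual spelling is `(void)count;`, or drop `count` altogether if nothing later in the function uses it. The body continues past the hunk, so that could not be checked here.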
From 0e28372ba7cd9ed0212ed4d6ce8d2a71fff81e7f Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 20:32:56 +0000 Subject: [PATCH 118/241] [nasa/cryptolib#331] Remove problematic null check and set specific cryptolib container --- .github/workflows/build.yml | 4 +++- src/core/crypto_print.c | 10 +++++----- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8e865f1b..e8c8bdf9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,6 +11,8 @@ jobs: minimal_build: # Container Setup runs-on: ubuntu-latest + container: + image: ivvitc/cryptolib:20240814 steps: - uses: actions/checkout@v4 - name: Update @@ -18,7 +20,7 @@ jobs: - name: Install Dependencies run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - name: Install Python Libraries - run: pip install pycryptodome --break-system-packages + run: pip install pycryptodome - name: Install Libgcrypt run: > curl diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index 43fe5a93..a9ce4c30 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c @@ -104,11 +104,11 @@ void Crypto_Print_Sdls_Ep_Reply(void) uint16_t pkt_length = 0; // Check for Null Inputs - if (sdls_ep_reply == NULL) - { - printf(KRED "The sdls_ep_reply buffer is null... this isn't good as it should be static in memory!\n" RESET); - return; - } + // if (sdls_ep_reply == NULL) + // { + // printf(KRED "The sdls_ep_reply buffer is null... this isn't good as it should be static in memory!\n" RESET); + // return; + // } pkt_length = ((sdls_ep_reply[4] << 8) | sdls_ep_reply[5]) + 1; From 5a5fb17e1d0c6a4c1fdeea309b79af1d9dbe1d9f Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 20:34:43 +0000 Subject: [PATCH 119/241] [nasa/cryptolib#331] Remove sudo calls --- .github/workflows/build.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) 
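Review bot: The `container:` image added to `minimal_build` is referenced by a mutable tag, `ivvitc/cryptolib:20240814`, so whoever controls that image repository can change what the job runs without any change in this repo. Pinning by digest, `image: ivvitc/cryptolib@sha256:<digest of the reviewed image>`, fixes the content that CI executes. The same applies to the `container:` blocks added later in this series to `internal_build`, `wolf_build` and the four CodeQL jobs.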
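Review bot: With the NULL check disabled, the first thing `Crypto_Print_Sdls_Ep_Reply` does is compute `pkt_length` from bytes 4 and 5 of the buffer, and nothing visible limits it to the buffer size. How `pkt_length` is used lies past the hunk; if it bounds a print loop over `sdls_ep_reply`, clamp it first with `if (pkt_length > TC_MAX_FRAME_SIZE) { pkt_length = TC_MAX_FRAME_SIZE; }`. The removed check could never fire on an array, so the commented-out block can be deleted rather than kept.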
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e8c8bdf9..c5e5fd12 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,9 +16,9 @@ jobs: steps: - uses: actions/checkout@v4 - name: Update - run: sudo apt-get update + run: apt-get update - name: Install Dependencies - run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 + run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - name: Install Python Libraries run: pip install pycryptodome - name: Install Libgcrypt @@ -28,16 +28,16 @@ jobs: -o /tmp/libgpg-error-1.50.tar.bz2 && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ && cd /tmp/libgpg-error-1.50 - && sudo ./configure - && sudo make install + && ./configure + && make install && curl -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 -o /tmp/libgcrypt-1.11.0.tar.bz2 && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ && cd /tmp/libgcrypt-1.11.0 - && sudo ./configure - && sudo make install - && sudo ldconfig + && ./configure + && make install + && ldconfig # End Container Setup - name: Minimal Build Script From 28612bd5b2bc6d89c2ef178c6e0643440911c36b Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 20:38:50 +0000 Subject: [PATCH 120/241] [nasa/cryptolib#331] Remove sudo calls, use cryptolib container --- .github/workflows/build.yml | 40 ++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 18 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c5e5fd12..9e26e3fb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
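Review bot: The `Install Libgcrypt` step downloads two tarballs with `curl` and, after this change, runs `./configure` and `make install` on them without `sudo` (presumably as the container's root user), and neither archive is checked before it is unpacked. Add a verification between the download and `tar`, for example `echo "<sha256 of libgcrypt-1.11.0.tar.bz2>  /tmp/libgcrypt-1.11.0.tar.bz2" | sha256sum -c -` and the same for libgpg-error, or verify the upstream signature. The identical step appears in `internal_build` and `wolf_build` in the next commit of the series.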
@@ -50,14 +50,16 @@ jobs: internal_build: # Container Setup runs-on: ubuntu-latest + container: + image: ivvitc/cryptolib:20240814 steps: - uses: actions/checkout@v4 - name: Update - run: sudo apt-get update + run: apt-get update - name: Install Dependencies - run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 + run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - name: Install Python Libraries - run: sudo apt install python3-pycryptodome + run: apt install python3-pycryptodome - name: Install Libgcrypt run: > curl @@ -65,16 +67,16 @@ jobs: -o /tmp/libgpg-error-1.50.tar.bz2 && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ && cd /tmp/libgpg-error-1.50 - && sudo ./configure - && sudo make install + && ./configure + && make install && curl -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 -o /tmp/libgcrypt-1.11.0.tar.bz2 && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ && cd /tmp/libgcrypt-1.11.0 - && sudo ./configure - && sudo make install - && sudo ldconfig + && ./configure + && make install + && ldconfig # End Container Setup - name: Internal Build Script @@ -148,14 +150,16 @@ jobs: wolf_build: # Container Setup runs-on: ubuntu-latest + container: + image: ivvitc/cryptolib:20240814 steps: - uses: actions/checkout@v4 - name: Update - run: sudo apt-get update + run: apt-get update - name: Install Dependencies - run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool + run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool - name: Install Python Libraries - run: sudo apt install python3-pycryptodome + run: apt install python3-pycryptodome - name: Install Libgcrypt run: > curl 
@@ -163,16 +167,16 @@ jobs: -o /tmp/libgpg-error-1.50.tar.bz2 && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ && cd /tmp/libgpg-error-1.50 - && sudo ./configure - && sudo make install + && ./configure + && make install && curl -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 -o /tmp/libgcrypt-1.11.0.tar.bz2 && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ && cd /tmp/libgcrypt-1.11.0 - && sudo ./configure - && sudo make install - && sudo ldconfig + && ./configure + && make install + && ldconfig - name: Clone WolfSSL run: git clone --depth 1 --branch v5.6.0-stable https://github.com/wolfSSL/wolfssl.git /tmp/wolfssl @@ -190,8 +194,8 @@ jobs: cd /tmp/wolfssl/build; cmake -DWOLFSSL_AESCCM=yes -DWOLFSSL_AESSIV=yes -DWOLFSSL_CMAC=yes ..; cmake --build .; - sudo make install; - sudo ldconfig; + make install; + ldconfig; # End Container Setup - name: Wolf Build Script From ab789c01d0875d16151ec3f208771d3337f08811 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 20:40:32 +0000 Subject: [PATCH 121/241] [nasa/cryptolib#331] install pycryptodome with pip --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9e26e3fb..5c6ecf9e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -59,7 +59,7 @@ jobs: - name: Install Dependencies run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - name: Install Python Libraries - run: apt install python3-pycryptodome + run: pip install pycryptodome - name: Install Libgcrypt run: > curl @@ -159,7 +159,7 @@ jobs: - name: Install Dependencies run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool - name: Install Python Libraries - run: apt install python3-pycryptodome + run: pip install pycryptodome - name: Install Libgcrypt run: > curl 
From efc0d18efbfd896f61a59fc950d38fffa1de49e9 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 10 Oct 2024 20:50:39 +0000 Subject: [PATCH 122/241] [nasa/cryptolib#331] use cryptolib container --- .github/workflows/codeql.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bc9e3b35..20c0c376 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -21,6 +21,8 @@ jobs: build_internal: name: Analyze Build_Internal runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + container: + image: ivvitc/cryptolib:20240814 permissions: # required for all workflows security-events: write @@ -71,6 +73,8 @@ jobs: build_minimal: name: Analyze Build_Minimal runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + container: + image: ivvitc/cryptolib:20240814 permissions: # required for all workflows security-events: write @@ -121,6 +125,8 @@ jobs: build_wolf: name: Analyze Build_Wolf runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + container: + image: ivvitc/cryptolib:20240814 permissions: # required for all workflows security-events: write @@ -200,6 +206,8 @@ jobs: build_rhel: name: Analyze Build_RHEL runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + container: + image: ivvitc/cryptolib:20240814 permissions: # required for all workflows security-events: write From ce325d1b3273a49758f98e2e3c89a629e9dd4c37 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 11 Oct 2024 06:56:57 +0000 Subject: [PATCH 123/241] [nasa/cryptolib#331] remove sudo from wolf build --- .github/workflows/codeql.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 20c0c376..df2778f9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
@@ -159,29 +159,29 @@ jobs: cd /tmp/wolfssl/build; cmake -DWOLFSSL_AESCCM=yes -DWOLFSSL_AESSIV=yes -DWOLFSSL_CMAC=yes ..; cmake --build .; - sudo make install; - sudo ldconfig; + make install; + ldconfig; - name: Install Dependencies run: | - sudo apt-get update - sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool + apt-get update + apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool - name: Install Python Libraries - run: sudo pip install pycryptodome + run: pip install pycryptodome - name: Update Dependencies run: > curl -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 -o /tmp/libgpg-error-1.50.tar.bz2 && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ && cd /tmp/libgpg-error-1.50 - && sudo ./configure - && sudo make install + && ./configure + && make install && curl -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 -o /tmp/libgcrypt-1.11.0.tar.bz2 && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ && cd /tmp/libgcrypt-1.11.0 - && sudo ./configure - && sudo make install - && sudo ldconfig + && ./configure + && make install + && ldconfig - name: Checkout repository uses: actions/checkout@v4 From 1d1b9fe0ce9adf914b2f3a529f4b48a4e66411b7 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 11 Oct 2024 06:58:33 +0000 Subject: [PATCH 124/241] [nasa/cryptolib#331] remove sudo from update_env.sh --- support/scripts/update_env.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/support/scripts/update_env.sh b/support/scripts/update_env.sh index ba0e2de5..28bde248 100644 --- a/support/scripts/update_env.sh +++ b/support/scripts/update_env.sh 
@@ -4,8 +4,8 @@ # Will update Libgpg and LibGCrypt # -sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 -sudo pip install pycryptodome +apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 +pip install pycryptodome curl -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 -o /tmp/libgpg-error-1.50.tar.bz2 tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ && cd /tmp/libgpg-error-1.50 && sudo ./configure && sudo make install curl -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 -o /tmp/libgcrypt-1.11.0.tar.bz2 From 5b9923ab4827a2be42136e3de4b9031ca8f18775 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 11 Oct 2024 07:00:23 +0000 Subject: [PATCH 125/241] [nasa/cryptolib#331] remove sudo from update_env.sh --- support/scripts/update_env.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/support/scripts/update_env.sh b/support/scripts/update_env.sh index 28bde248..59da58de 100644 --- a/support/scripts/update_env.sh +++ b/support/scripts/update_env.sh @@ -7,6 +7,6 @@ apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 pip install pycryptodome curl -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 -o /tmp/libgpg-error-1.50.tar.bz2 -tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ && cd /tmp/libgpg-error-1.50 && sudo ./configure && sudo make install +tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ && cd /tmp/libgpg-error-1.50 && ./configure && make install curl -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 -o /tmp/libgcrypt-1.11.0.tar.bz2 -tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ && cd /tmp/libgcrypt-1.11.0 && sudo ./configure && sudo make install && sudo ldconfig +tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ && cd /tmp/libgcrypt-1.11.0 && ./configure && make install && ldconfig 
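Review bot: With every `sudo` removed, update_env.sh only works when started as root, and nothing in the visible lines stops it from running on after a failed step, because the `apt-get install` and `pip install` lines are not chained to the downloads that follow. If the lines above the hunk do not already do so, fail fast with `set -eu` and an explicit privilege check such as `[ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; exit 1; }`. The first three lines of the script are outside the hunk.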
From a974b13a646c19fb47ce5d75f4916e7d0a30200c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 11 Oct 2024 08:33:55 +0000 Subject: [PATCH 126/241] [nasa/cryptolib#331] Fix in place decryption in wolfssl --- .../wolfssl/cryptography_interface_wolfssl.template.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/crypto/wolfssl/cryptography_interface_wolfssl.template.c b/src/crypto/wolfssl/cryptography_interface_wolfssl.template.c index 66c4cc8f..e2734cdf 100644 --- a/src/crypto/wolfssl/cryptography_interface_wolfssl.template.c +++ b/src/crypto/wolfssl/cryptography_interface_wolfssl.template.c @@ -632,7 +632,15 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, // Added for now while assessing unit tests and requirements if (mac_size > 0) { - status = wc_AesGcmDecrypt(&dec, data_out, data_in, len_data_in, iv, iv_len, mac, mac_size, aad, aad_len); + if (len_data_in == 0) + { + // in place decryption + status = wc_AesGcmDecrypt(&dec, data_out, data_out, len_data_out, iv, iv_len, mac, mac_size, aad, aad_len); + } + else + { + status = wc_AesGcmDecrypt(&dec, data_out, data_in, len_data_in, iv, iv_len, mac, mac_size, aad, aad_len); + } } else { From b87a51706c99c1ff278e3e2e351a1eedb9d00a50 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 11 Oct 2024 11:49:44 +0000 Subject: [PATCH 127/241] [nasa/cryptolib#331] Code/Comment Cleanup, fix sa_setARSNW --- include/crypto_config.h | 3 +- src/core/crypto.c | 2 +- src/core/crypto_key_mgmt.c | 48 ++++++++------ src/core/crypto_mc.c | 63 +++++++++---------- src/core/crypto_print.c | 9 +-- src/core/crypto_tm.c | 2 - .../internal/sa_interface_inmemory.template.c | 14 +++-- test/unit/ut_ep_sa_mgmt.c | 1 + 8 files changed, 74 insertions(+), 68 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 7a11ff91..e370fa7e 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h 
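Review bot: The in-place branch added to cryptography_aead_decrypt is selected by `len_data_in == 0` rather than by the absence of an input buffer. A caller that passes a real `data_in` with zero length therefore gets `len_data_out` bytes of `data_out` decrypted instead, and a caller that passes `data_in == NULL` with a non-zero length still reaches the second call with a NULL input. Keying the branch on the pointer states the contract directly: `if (data_in == NULL)` for the in-place call, with `len_data_in` ignored in that case. In the other branch `len_data_in` is not compared with `len_data_out` before that many bytes are written to `data_out`; `if (len_data_in > len_data_out) return CRYPTO_LIB_ERROR;` would close that. The function starts and ends outside the hunk, so an earlier check may already cover part of this.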
@@ -207,8 +207,9 @@ // SDLS Behavior Defines #define SDLS_KEYV_MAX_KEYS 21 /* keys */ -#define SDLS_KEYV_IV_LEN 12 /* bytes */ +#define SDLS_IV_LEN 12 /* bytes */ #define SDLS_KEYV_KEY_ID_LEN 2 /* bytes */ +#define SDLS_KEY_LEN 32 /* bytes */ // TC Behavior Defines #define TC_SDLS_EP_VCID \ diff --git a/src/core/crypto.c b/src/core/crypto.c index e29744cb..eb8a7cd9 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -303,7 +303,7 @@ int32_t Crypto_Get_Sdls_Ep_Reply(uint8_t* buffer, uint16_t* length) return status; } - pkt_length = sdls_frame.hdr.pkt_length + 1; // TODO: Confirm `+1` is ok here + pkt_length = sdls_frame.hdr.pkt_length + 1; // Sanity Check on length if (pkt_length > TC_MAX_FRAME_SIZE) diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index c6a7b496..c0b8bdc4 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -48,10 +48,13 @@ int32_t Crypto_Key_OTAR(void) int pdu_keys = (sdls_frame.pdu.hdr.pdu_len - 30) / (2 + 32); int w; crypto_key_t* ekp = NULL; - printf("# PDU Keys: %d\n", pdu_keys); + // Master Key ID packet.mkid = (sdls_frame.pdu.data[0] << 8) | (sdls_frame.pdu.data[1]); - printf("MKID: %d\n", packet.mkid); +#ifdef DEBUG + printf("# PDU Keys: %d\n", pdu_keys); + printf("MKID: %d\n", packet.mkid); +#endif if (packet.mkid >= 128) { report.af = 1; @@ -66,7 +69,9 @@ int32_t Crypto_Key_OTAR(void) mc_log.blk[log_count].emv[3] = 0x41; mc_log.blk[log_count++].em_len = 4; } +#ifdef DEBUG printf(KRED "Error: MKID is not valid! \n" RESET); +#endif status = CRYPTO_LIB_ERROR; return status; } 
@@ -74,14 +79,18 @@ int32_t Crypto_Key_OTAR(void) for (count = 2; count < (2 + 12); count++) { // Initialization Vector packet.iv[count - 2] = sdls_frame.pdu.data[count]; +#ifdef DEBUG printf("packet.iv[%d] = 0x%02x\n", count-2, packet.iv[count-2]); +#endif } count = sdls_frame.pdu.hdr.pdu_len - MAC_SIZE; for (w = 0; w < 16; w++) { // MAC packet.mac[w] = sdls_frame.pdu.data[count + w]; +#ifdef DEBUG printf("packet.mac[%d] = 0x%02x\n", w, packet.mac[w]); +#endif } ekp = key_if->get_key(packet.mkid); @@ -92,14 +101,14 @@ int32_t Crypto_Key_OTAR(void) uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output - (size_t)(pdu_keys * (2 + 32)), // length of data + (size_t)(pdu_keys * (2 + SDLS_KEY_LEN)), // length of data NULL, // in place decryption 0, // in data length &(ekp->value[0]), //key ekp->key_len, //key length NULL, //SA reference &(packet.iv[0]), //IV - 12, //IV length + SDLS_IV_LEN, //IV length &(packet.mac[0]), // tag input MAC_SIZE, // tag size NULL, // AAD @@ -130,7 +139,9 @@ int32_t Crypto_Key_OTAR(void) mc_log.blk[log_count].emv[3] = 0x41; // A mc_log.blk[log_count++].em_len = 4; } +#ifdef DEBUG printf(KRED "Error: Cannot OTAR master key! \n" RESET); +#endif status = CRYPTO_LIB_ERROR; return status; } @@ -143,7 +154,7 @@ int32_t Crypto_Key_OTAR(void) } count = count + 2; - for (y = count; y < (32 + count); y++) + for (y = count; y < (SDLS_KEY_LEN + count); y++) { // Encrypted Key packet.EKB[x].ek[y - count] = sdls_frame.pdu.data[y]; @@ -153,7 +164,7 @@ int32_t Crypto_Key_OTAR(void) // Setup Key Ring ekp->value[y - count] = sdls_frame.pdu.data[y]; } - count = count + 32; + count = count + SDLS_KEY_LEN; // Set state to PREACTIVE ekp->key_state = KEY_PREACTIVE; 
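Review bot: `sdls_frame.pdu.hdr.pdu_len` comes from the received PDU and is used in Crypto_Key_OTAR as an index base and a length with no range check visible in these hunks. `count = sdls_frame.pdu.hdr.pdu_len - MAC_SIZE` followed by `sdls_frame.pdu.data[count + w]` reads outside the PDU data when `pdu_len` is smaller than `MAC_SIZE` or larger than the data buffer, and `pdu_keys`, derived from the same field, sets both the decrypt length `pdu_keys * (2 + SDLS_KEY_LEN)` and how many `packet.EKB` entries the copy loop fills. Validate once before the first use, e.g. `if (sdls_frame.pdu.hdr.pdu_len < 30 + 2 + SDLS_KEY_LEN) return CRYPTO_LIB_ERROR;`, together with an upper bound taken from the declared sizes of `sdls_frame.pdu.data` and `packet.EKB`. The function starts before and ends after the hunks shown, so a check may exist outside them.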
@@ -165,7 +176,7 @@ int32_t Crypto_Key_OTAR(void) for (x = 0; x < pdu_keys; x++) { printf("%d) Key ID = %d, 0x", x + 1, packet.EKB[x].ekid); - for (y = 0; y < 32; y++) + for (y = 0; y < SDLS_KEY_LEN; y++) { printf("%02x", packet.EKB[x].ek[y]); } @@ -256,7 +267,9 @@ int32_t Crypto_Key_update(uint8_t state) mc_log.blk[log_count].emv[3] = 0x41; mc_log.blk[log_count++].em_len = 4; } +#ifdef PDU_DEBUG printf(KRED "Error: MKID state cannot be changed! \n" RESET); +#endif return CRYPTO_LIB_ERR_KEY_ID_ERROR; } @@ -269,9 +282,6 @@ int32_t Crypto_Key_update(uint8_t state) if (ekp->key_state == (state - 1)) { ekp->key_state = state; -#ifdef PDU_DEBUG - // printf("Key ID %d state changed to ", packet.kblk[x].kid); -#endif } else { @@ -286,7 +296,9 @@ int32_t Crypto_Key_update(uint8_t state) mc_log.blk[log_count].emv[3] = 0x41; mc_log.blk[log_count++].em_len = 4; } +#ifdef PDU_DEBUG printf(KRED "Error: Key %d cannot transition to desired state! \n" RESET, packet.kblk[x].kid); +#endif return CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR; } } @@ -296,7 +308,7 @@ int32_t Crypto_Key_update(uint8_t state) /** * @brief Function: Crypto_Key_inventory * @param ingest: uint8_t* - * @return int32: count + * @return int32: Success/Failure **/ int32_t Crypto_Key_inventory(uint8_t* ingest) { @@ -356,7 +368,7 @@ int32_t Crypto_Key_inventory(uint8_t* ingest) /** * @brief Function: Crypto_Key_verify * @param tc_frame: TC_t* - * @return int32: count + * @return int32: Success/Failure **/ int32_t Crypto_Key_verify(TC_t* tc_frame) { @@ -401,7 +413,7 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) } // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_KEYV_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE) * 8; + sdls_frame.pdu.hdr.pdu_len = pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE) * 8; // length = pdu_len + HDR + PUS - 1 (per CCSDS Convention) if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) 
@@ -438,7 +450,7 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) } // Initialization Vector - for (y = 0; y < SDLS_KEYV_IV_LEN; y++) + for (y = 0; y < SDLS_IV_LEN; y++) { sdls_frame.pdu.data[pdu_data_idx] =0x00; //= *(tc_frame->tc_sec_header.iv + y); sdls_ep_keyv_reply.blk[x].iv[y] =0x00; //= *(tc_frame->tc_sec_header.iv + y); @@ -448,7 +460,7 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) } // ***** This increments the lowest bytes of the IVs so they aren't identical sdls_frame.pdu.data[pdu_data_idx-1] = sdls_frame.pdu.data[pdu_data_idx-1] + x + 1; - sdls_ep_keyv_reply.blk[x].iv[11] = sdls_ep_keyv_reply.blk[x].iv[SDLS_KEYV_IV_LEN-1] + x + 1; + sdls_ep_keyv_reply.blk[x].iv[11] = sdls_ep_keyv_reply.blk[x].iv[SDLS_IV_LEN-1] + x + 1; sdls_ep_reply[pdu_data_idx-1] = sdls_ep_reply[pdu_data_idx-1] + x + 1; // Encrypt challenge @@ -458,10 +470,10 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) &(packet.blk[x].challenge[0]), // plaintext input (size_t)CHALLENGE_SIZE, // in data length &(ekp->value[0]), // Key Index - 32, // Key Length + SDLS_KEY_LEN, // Key Length NULL, // SA Reference for key &(sdls_ep_keyv_reply.blk[x].iv[0]), // IV - SDLS_KEYV_IV_LEN, // IV Length + SDLS_IV_LEN, // IV Length &(sdls_ep_keyv_reply.blk[x].mac[0]), // MAC CHALLENGE_MAC_SIZE, // MAC Size NULL, @@ -494,7 +506,7 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) printf("\nKey Index %d Verification results:", i); printf("\n\tKID: %04X", sdls_ep_keyv_reply.blk[i].kid); printf("\n\tIV: "); - for (int j = 0; j < SDLS_KEYV_IV_LEN; j ++) + for (int j = 0; j < SDLS_KEY_LEN; j ++) { printf("%02X", sdls_ep_keyv_reply.blk[i].iv[j]); } diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 155ece9f..e562d6ff 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -27,7 +27,7 @@ /** * @brief Function: Crypto_MC_ping * @param ingest: uint8_t* - * return int32: count + * @return int32: Success/Failure **/ int32_t Crypto_MC_ping(uint8_t* ingest) { 
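Review bot: The IV written by this loop in Crypto_Key_verify is `0x00` in every byte, since the read from `tc_frame->tc_sec_header.iv` is commented out, and the lines after the loop only add `x + 1` to the last byte. Each key therefore encrypts its challenge under the same IV on every verification request. If the call below is AES-GCM, as the 12-byte IV and the MAC arguments suggest, repeating an IV under one key exposes the XOR of the plaintexts and weakens the authentication tag. Derive the IV from a per-key counter or a random source so that no (key, IV) pair is ever used twice.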
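Review bot: The debug loop that prints the reply IV now runs to `SDLS_KEY_LEN` (32) instead of the IV length, so `sdls_ep_keyv_reply.blk[i].iv[j]` is read 20 bytes past the IV, assuming the field is sized by the 12-byte IV length. This looks like a slip in the rename from `SDLS_KEYV_IV_LEN`; the bound should be `for (int j = 0; j < SDLS_IV_LEN; j++)`. The surrounding print block starts and ends outside the hunk.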
@@ -37,7 +37,7 @@ int32_t Crypto_MC_ping(uint8_t* ingest) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = 0; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.hdr.pdu_len + SDLS_TLV_HDR_SIZE + 9; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; count = Crypto_Prep_Reply(sdls_ep_reply, 128); #ifdef PDU_DEBUG @@ -55,28 +55,26 @@ int32_t Crypto_MC_ping(uint8_t* ingest) /** * @brief Function: Crypto_MC_status * @param ingest: uint8_t* - * @return int32: count + * @return int32: Success/Failure **/ int32_t Crypto_MC_status(uint8_t* ingest) { if(ingest == NULL) return CRYPTO_LIB_ERROR; uint8_t count = 0; - // TODO: Update log_summary.rs; - // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> 8; - count += 1; + count++; sdls_ep_reply[count] = (log_summary.num_se & 0x00FF); - count += 1; + count++; sdls_ep_reply[count] = (log_summary.rs & 0xFF00) >> 8; - count += 1; + count++; sdls_ep_reply[count] = (log_summary.rs & 0x00FF); - count += 1; + count++; #ifdef PDU_DEBUG printf("MC Status Reply: 0x"); 
@@ -95,33 +93,32 @@ int32_t Crypto_MC_status(uint8_t* ingest) /** * @brief Function: Crypto_MC_dump * @param ingest: uint8_t* - * @return int32: Count + * @return int32: Success/Failure **/ int32_t Crypto_MC_dump(uint8_t* ingest) { - // TODO: Fix Reply Size, same as key verification if(ingest == NULL) return CRYPTO_LIB_ERROR; uint8_t count = 0; int x; int y; // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = SDLS_MC_DUMP_RPLY_SIZE * log_count * 8; // SDLS_MC_DUMP_RPLY_SIZE + sdls_frame.pdu.hdr.pdu_len = (SDLS_MC_DUMP_RPLY_SIZE * log_count) * 8; sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU for (x = 0; x < log_count; x++) { sdls_ep_reply[count] = mc_log.blk[x].emt; - count += 1; + count++; sdls_ep_reply[count] = (mc_log.blk[x].em_len & 0xFF00) >> 8; - count += 1; + count++; sdls_ep_reply[count] = (mc_log.blk[x].em_len & 0x00FF); - count += 1; + count++; for (y = 0; y < EMV_SIZE; y++) { sdls_ep_reply[count] = mc_log.blk[x].emv[y]; - count += 1; + count++; } #ifdef PDU_DEBUG printf("Log %d emt: 0x%02x\n", x, mc_log.blk[x].emt); @@ -153,7 +150,7 @@ int32_t Crypto_MC_dump(uint8_t* ingest) /** * @brief Function: Crypto_MC_erase * @param ingest: uint8_t* - * @return int32: count + * @return int32: Success/Failure **/ int32_t Crypto_MC_erase(uint8_t* ingest) { @@ -184,14 +181,13 @@ int32_t Crypto_MC_erase(uint8_t* ingest) count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> 8; - count += 1; + count++; sdls_ep_reply[count] = (log_summary.num_se & 0x00FF); - count += 1; + count++; sdls_ep_reply[count] = (log_summary.rs & 0xFF00) >> 8; - count += 1; + count++; sdls_ep_reply[count] = (log_summary.rs & 0x00FF); - count += 1; - // 0880d2c7000d197f0b00b4002000000032 0880d2c70010197f0b00b4002000000032 + count++; #ifdef PDU_DEBUG printf("log_count = %d \n", log_count); 
@@ -211,7 +207,7 @@ int32_t Crypto_MC_erase(uint8_t* ingest) /** * @brief Function: Crypto_MC_selftest * @param ingest: uint8_t* - * @return int32: Count + * @return int32: Success/Failure **/ int32_t Crypto_MC_selftest(uint8_t* ingest) { @@ -223,12 +219,12 @@ int32_t Crypto_MC_selftest(uint8_t* ingest) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = (SDLS_MC_ST_RPLY_SIZE) * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + (SDLS_TLV_HDR_SIZE) + 9; // TODO: Why is the `+SDLS_TLV_HDR_SIZE` needed to get the correct size? + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + (SDLS_TLV_HDR_SIZE) + 9; sdls_frame.pdu.data[0] = result; count = Crypto_Prep_Reply(sdls_ep_reply, 128); sdls_ep_reply[count] = result; - count += 1; + count++; #ifdef PDU_DEBUG printf("MC SelfTest Reply: 0x"); @@ -245,7 +241,7 @@ int32_t Crypto_MC_selftest(uint8_t* ingest) /** * @brief Function: Crypto_SA_readASRN * @param ingest: uint8_t* - * @return int32: Count + * @return int32: Success/Failure **/ int32_t Crypto_SA_readARSN(uint8_t* ingest) { @@ -281,14 +277,14 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest) // Write SPI to reply sdls_ep_reply[count] = (spi & 0xFF00) >> 8; - count += 1; + count++; sdls_ep_reply[count] = (spi & 0x00FF); - count += 1; + count++; for (x = 0; x < sa_ptr->arsn_len; x++) { sdls_ep_reply[count] = *(sa_ptr->arsn + x); - count += 1; + count++; } if (sa_ptr->shivf_len > 0 && sa_ptr->ecs == 1 && sa_ptr->acs == 1) 
@@ -296,30 +292,29 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest) for (x = 0; x < sa_ptr->shivf_len - 1; x++) { sdls_ep_reply[count] = *(sa_ptr->iv + x); - count += 1; + count++; } // TODO: Do we need this? if (*(sa_ptr->iv + sa_ptr->shivf_len - 1) > 0) { // Adjust to report last received, not expected sdls_ep_reply[count] = *(sa_ptr->iv + sa_ptr->shivf_len - 1) - 1; - count += 1; + count++; } else { sdls_ep_reply[count] = *(sa_ptr->iv + sa_ptr->shivf_len - 1); - count += 1; + count++; } } else { // TODO - // Also, count not being returned correctly since not Auth Enc } #ifdef PDU_DEBUG printf("spi = %d \n", spi); printf("ARSN_LEN: %d\n", sa_ptr->arsn_len); - if (sa_ptr->arsn_len > 0) // Not sure why shivf_len is being used + if (sa_ptr->arsn_len > 0) { printf("ARSN = 0x"); for (x = 0; x < sa_ptr->arsn_len; x++) diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index a9ce4c30..26c68dad 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c @@ -103,13 +103,6 @@ void Crypto_Print_Sdls_Ep_Reply(void) // Length to be pulled from packet header uint16_t pkt_length = 0; - // Check for Null Inputs - // if (sdls_ep_reply == NULL) - // { - // printf(KRED "The sdls_ep_reply buffer is null... this isn't good as it should be static in memory!\n" RESET); - // return; - // } - pkt_length = ((sdls_ep_reply[4] << 8) | sdls_ep_reply[5]) + 1; // Sanity check on length @@ -121,7 +114,7 @@ void Crypto_Print_Sdls_Ep_Reply(void) // Do the print printf("SDLS Reply Global: 0x"); - for (int i =0; i < pkt_length; i++) + for (int i = 0; i < pkt_length; i++) { printf("%02X", sdls_ep_reply[i]); } diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 45de215c..16244110 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c 
@@ -1660,9 +1660,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ // Bit math to give concise access to values in the ingest tm_frame_pri_hdr.tfvn = ((uint8_t)p_ingest[0] & 0xC0) >> 6; - //tm_frame_pri_hdr.scid = (((uint16_t)p_ingest[0] & 0x3F) << 4) | (((uint16_t)p_ingest[1] & 0xF0) >> 4); tm_frame_pri_hdr.scid = (((uint16_t)p_ingest[0] & 0x3F) << 4) | (((uint16_t)p_ingest[1] & 0xF0) >> 4); - //tm_frame_pri_hdr.scid = 0x002c; tm_frame_pri_hdr.vcid = ((uint8_t)p_ingest[1] & 0x0E) >> 1; status = Crypto_TM_Process_Setup(len_ingest, &byte_idx, p_ingest, &secondary_hdr_len); diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 71172ea2..ac7daf98 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1233,15 +1233,19 @@ static int32_t sa_rekey(void) } else { +#ifdef PDU_DEBUG printf(KRED "ERROR: SPI %d is not in the UNKEYED state.\n" RESET, spi); +#endif } } else { +#ifdef PDU_DEBUG printf(KRED "ERROR: SPI %d does not exist.\n" RESET, spi); +#endif } -#ifdef DEBUG +#ifdef PDU_DEBUG printf("\t spi = %d \n", spi); printf("\t ekid = %d \n", sa[spi].ekid); // printf("\t akid = %d \n", sa[spi].akid); @@ -1502,13 +1506,13 @@ static int32_t sa_setARSNW(void) // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; +#ifdef PDU_DEBUG printf("spi = %d \n", spi); +#endif // Check SPI exists if (spi < NUM_SA) { - sa[spi].arsnw_len = (uint8_t)sdls_frame.pdu.data[2]; - // Check for out of bounds if (sa[spi].arsnw_len > (ARSN_SIZE)) { @@ -1517,7 +1521,7 @@ static int32_t sa_setARSNW(void) for (x = 0; x < sa[spi].arsnw_len; x++) { - sa[spi].arsnw = (((uint8_t)sdls_frame.pdu.data[x + 2]) << (sa[spi].arsnw_len - 1 - x)); + sa[spi].arsnw = (((uint8_t)sdls_frame.pdu.data[x + 2])); } #ifdef PDU_DEBUG printf("ARSN set to: %d\n", sa[spi].arsnw); 
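Review bot: In sa_rekey the trailing debug block, now compiled under `PDU_DEBUG`, prints `sa[spi].ekid` after the `else` branch that reports "SPI %d does not exist". If the enclosing check is `spi < NUM_SA`, as it is in sa_setARSNW, a PDU_DEBUG build indexes `sa` out of range for exactly the requests that were just rejected. Move the prints into the branch where the SPI was accepted, or guard them with `if (spi < NUM_SA)`. The range check itself is outside the hunk.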
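Review bot: After this change the loop in sa_setARSNW overwrites `sa[spi].arsnw` with a single PDU byte on each pass, so for an `arsnw_len` greater than 1 only the last byte survives, and the length is no longer taken from the PDU at all. If the window is meant to be a multi-byte value, clear it before the loop and accumulate with `sa[spi].arsnw = (sa[spi].arsnw << 8) | (uint8_t)sdls_frame.pdu.data[x + 2];`; if it is always one byte, drop the loop and assign once. The read offset is still `x + 2`, which was the position of the length byte this commit stops reading, so the expected PDU layout needs confirming as well. The body of the out-of-bounds branch lies between the two hunks and is not shown.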
@@ -1525,7 +1529,9 @@ static int32_t sa_setARSNW(void) } else { +#ifdef PDU_DEBUG printf("sa_setARSNW ERROR: SPI %d does not exist.\n", spi); +#endif } return CRYPTO_LIB_SUCCESS; diff --git a/test/unit/ut_ep_sa_mgmt.c b/test/unit/ut_ep_sa_mgmt.c index 1cbdfddd..41b6bcf3 100644 --- a/test/unit/ut_ep_sa_mgmt.c +++ b/test/unit/ut_ep_sa_mgmt.c @@ -265,6 +265,7 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->shivf_len = 0; + test_association->arsnw_len = 1; // Modify SA 1 sa_if->sa_get_from_spi(6, &test_association); From e22f1165e76ee641f862167441b31a0cd7d411ee Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 11 Oct 2024 13:37:10 +0000 Subject: [PATCH 128/241] [nasa/cryptolib#331] Increment number of core error codes --- include/crypto_error.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index e84cf5e4..06251aa6 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -150,7 +150,7 @@ #define CONFIGURATION_ERROR_CODES 100 #define CONFIGURATION_ERROR_CODES_MAX 103 -#define CRYPTO_CORE_ERROR_CODES_MAX -58 +#define CRYPTO_CORE_ERROR_CODES_MAX -59 extern char *crypto_enum_errlist_core[]; extern char *crypto_enum_errlist_config[]; From 117e7205a479af940bce43ed59374719a1e78022 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 11 Oct 2024 14:34:29 +0000 Subject: [PATCH 129/241] [nasa/cryptolib#331] Trim .gitignore --- .gitignore | 676 +---------------------------------------------------- 1 file changed, 5 insertions(+), 671 deletions(-) diff --git a/.gitignore b/.gitignore index 6d23cf9f..ca2c700e 100644 --- a/.gitignore +++ b/.gitignore 
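Review bot: sa_setARSNW still falls through to `return CRYPTO_LIB_SUCCESS;` when the SPI is out of range, and with this change the only trace of the failure is a message compiled in under `PDU_DEBUG`. A caller of this management command cannot tell a rejected request from an applied one. Return an error from the `else` branch, e.g. `return CRYPTO_LIB_ERROR;` or a more specific SPI error code if the project defines one. sa_rekey, earlier in this file's diff, hides its two error messages behind `PDU_DEBUG` in the same way; its return path is outside the hunk.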
@@ -16,683 +16,17 @@ venv vgcore* core.* log.txt -Makefile cmake_install.cmake CMakeCache.txt CTestTestfile.cmake DartConfiguration.tcl sa_save_file.bin -bin/et_dt_validation -bin/ut_aes_gcm_siv -bin/ut_aos_apply -bin/ut_aos_process -bin/ut_crypto -bin/ut_crypto_config -bin/ut_crypto_mc -bin/ut_ep_key_validation -bin/ut_mysql_m_tls_connection -bin/ut_mysql_tls_connection -bin/ut_sa_save -bin/ut_sadb_err_cases_kmc_crypto -bin/ut_tc_apply -bin/ut_tc_process -bin/ut_tm_apply -bin/ut_tm_process -CMakeFiles/cmake.check_cache -CMakeFiles/CMakeDirectoryInformation.cmake -CMakeFiles/CMakeOutput.log -CMakeFiles/CMakeRuleHashes.txt -CMakeFiles/Makefile.cmake -CMakeFiles/Makefile2 -CMakeFiles/progress.marks -CMakeFiles/TargetDirectories.txt -CMakeFiles/3.22.1/CMakeCCompiler.cmake -CMakeFiles/3.22.1/CMakeDetermineCompilerABI_C.bin -CMakeFiles/3.22.1/CMakeSystem.cmake -CMakeFiles/3.22.1/CompilerIdC/a.out -CMakeFiles/3.22.1/CompilerIdC/CMakeCCompilerId.c -CMakeFiles/Continuous.dir/build.make -CMakeFiles/Continuous.dir/cmake_clean.cmake -CMakeFiles/Continuous.dir/compiler_depend.make -CMakeFiles/Continuous.dir/compiler_depend.ts -CMakeFiles/Continuous.dir/DependInfo.cmake -CMakeFiles/Continuous.dir/progress.make -CMakeFiles/ContinuousBuild.dir/build.make -CMakeFiles/ContinuousBuild.dir/cmake_clean.cmake -CMakeFiles/ContinuousBuild.dir/compiler_depend.make -CMakeFiles/ContinuousBuild.dir/compiler_depend.ts -CMakeFiles/ContinuousBuild.dir/DependInfo.cmake -CMakeFiles/ContinuousBuild.dir/progress.make -CMakeFiles/ContinuousBuild.dir/progress.make.tmp38559 -CMakeFiles/ContinuousConfigure.dir/build.make -CMakeFiles/ContinuousConfigure.dir/cmake_clean.cmake -CMakeFiles/ContinuousConfigure.dir/compiler_depend.make -CMakeFiles/ContinuousConfigure.dir/compiler_depend.ts -CMakeFiles/ContinuousConfigure.dir/DependInfo.cmake -CMakeFiles/ContinuousConfigure.dir/progress.make -CMakeFiles/ContinuousCoverage.dir/build.make -CMakeFiles/ContinuousCoverage.dir/cmake_clean.cmake 
-CMakeFiles/ContinuousCoverage.dir/compiler_depend.make -CMakeFiles/ContinuousCoverage.dir/compiler_depend.ts -CMakeFiles/ContinuousCoverage.dir/DependInfo.cmake -CMakeFiles/ContinuousCoverage.dir/progress.make -CMakeFiles/ContinuousMemCheck.dir/build.make -CMakeFiles/ContinuousMemCheck.dir/cmake_clean.cmake -CMakeFiles/ContinuousMemCheck.dir/compiler_depend.make -CMakeFiles/ContinuousMemCheck.dir/compiler_depend.ts -CMakeFiles/ContinuousMemCheck.dir/DependInfo.cmake -CMakeFiles/ContinuousMemCheck.dir/progress.make -CMakeFiles/ContinuousStart.dir/build.make -CMakeFiles/ContinuousStart.dir/cmake_clean.cmake -CMakeFiles/ContinuousStart.dir/compiler_depend.make -CMakeFiles/ContinuousStart.dir/compiler_depend.ts -CMakeFiles/ContinuousStart.dir/DependInfo.cmake -CMakeFiles/ContinuousStart.dir/progress.make -CMakeFiles/ContinuousSubmit.dir/build.make -CMakeFiles/ContinuousSubmit.dir/cmake_clean.cmake -CMakeFiles/ContinuousSubmit.dir/compiler_depend.make -CMakeFiles/ContinuousSubmit.dir/compiler_depend.ts -CMakeFiles/ContinuousSubmit.dir/DependInfo.cmake -CMakeFiles/ContinuousSubmit.dir/progress.make -CMakeFiles/ContinuousTest.dir/build.make -CMakeFiles/ContinuousTest.dir/cmake_clean.cmake -CMakeFiles/ContinuousTest.dir/compiler_depend.make -CMakeFiles/ContinuousTest.dir/compiler_depend.ts -CMakeFiles/ContinuousTest.dir/DependInfo.cmake -CMakeFiles/ContinuousTest.dir/progress.make -CMakeFiles/ContinuousUpdate.dir/build.make -CMakeFiles/ContinuousUpdate.dir/cmake_clean.cmake -CMakeFiles/ContinuousUpdate.dir/compiler_depend.make -CMakeFiles/ContinuousUpdate.dir/compiler_depend.ts -CMakeFiles/ContinuousUpdate.dir/DependInfo.cmake -CMakeFiles/ContinuousUpdate.dir/progress.make -CMakeFiles/Experimental.dir/build.make -CMakeFiles/Experimental.dir/cmake_clean.cmake -CMakeFiles/Experimental.dir/compiler_depend.make -CMakeFiles/Experimental.dir/compiler_depend.ts -CMakeFiles/Experimental.dir/DependInfo.cmake -CMakeFiles/Experimental.dir/progress.make 
-CMakeFiles/ExperimentalBuild.dir/build.make -CMakeFiles/ExperimentalBuild.dir/cmake_clean.cmake -CMakeFiles/ExperimentalBuild.dir/compiler_depend.make -CMakeFiles/ExperimentalBuild.dir/compiler_depend.ts -CMakeFiles/ExperimentalBuild.dir/DependInfo.cmake -CMakeFiles/ExperimentalBuild.dir/progress.make -CMakeFiles/ExperimentalConfigure.dir/build.make -CMakeFiles/ExperimentalConfigure.dir/cmake_clean.cmake -CMakeFiles/ExperimentalConfigure.dir/compiler_depend.make -CMakeFiles/ExperimentalConfigure.dir/compiler_depend.ts -CMakeFiles/ExperimentalConfigure.dir/DependInfo.cmake -CMakeFiles/ExperimentalConfigure.dir/progress.make -CMakeFiles/ExperimentalCoverage.dir/build.make -CMakeFiles/ExperimentalCoverage.dir/cmake_clean.cmake -CMakeFiles/ExperimentalCoverage.dir/compiler_depend.make -CMakeFiles/ExperimentalCoverage.dir/compiler_depend.ts -CMakeFiles/ExperimentalCoverage.dir/DependInfo.cmake -CMakeFiles/ExperimentalCoverage.dir/progress.make -CMakeFiles/ExperimentalMemCheck.dir/build.make -CMakeFiles/ExperimentalMemCheck.dir/cmake_clean.cmake -CMakeFiles/ExperimentalMemCheck.dir/compiler_depend.make -CMakeFiles/ExperimentalMemCheck.dir/compiler_depend.ts -CMakeFiles/ExperimentalMemCheck.dir/DependInfo.cmake -CMakeFiles/ExperimentalMemCheck.dir/progress.make -CMakeFiles/ExperimentalStart.dir/build.make -CMakeFiles/ExperimentalStart.dir/cmake_clean.cmake -CMakeFiles/ExperimentalStart.dir/compiler_depend.make -CMakeFiles/ExperimentalStart.dir/compiler_depend.ts -CMakeFiles/ExperimentalStart.dir/DependInfo.cmake -CMakeFiles/ExperimentalStart.dir/progress.make -CMakeFiles/ExperimentalSubmit.dir/build.make -CMakeFiles/ExperimentalSubmit.dir/cmake_clean.cmake -CMakeFiles/ExperimentalSubmit.dir/compiler_depend.make -CMakeFiles/ExperimentalSubmit.dir/compiler_depend.ts -CMakeFiles/ExperimentalSubmit.dir/DependInfo.cmake -CMakeFiles/ExperimentalSubmit.dir/progress.make -CMakeFiles/ExperimentalTest.dir/build.make -CMakeFiles/ExperimentalTest.dir/cmake_clean.cmake 
-CMakeFiles/ExperimentalTest.dir/compiler_depend.make -CMakeFiles/ExperimentalTest.dir/compiler_depend.ts -CMakeFiles/ExperimentalTest.dir/DependInfo.cmake -CMakeFiles/ExperimentalTest.dir/progress.make -CMakeFiles/ExperimentalUpdate.dir/build.make -CMakeFiles/ExperimentalUpdate.dir/cmake_clean.cmake -CMakeFiles/ExperimentalUpdate.dir/compiler_depend.make -CMakeFiles/ExperimentalUpdate.dir/compiler_depend.ts -CMakeFiles/ExperimentalUpdate.dir/DependInfo.cmake -CMakeFiles/ExperimentalUpdate.dir/progress.make -CMakeFiles/Nightly.dir/build.make -CMakeFiles/Nightly.dir/cmake_clean.cmake -CMakeFiles/Nightly.dir/compiler_depend.make -CMakeFiles/Nightly.dir/compiler_depend.ts -CMakeFiles/Nightly.dir/DependInfo.cmake -CMakeFiles/Nightly.dir/progress.make -CMakeFiles/NightlyBuild.dir/build.make -CMakeFiles/NightlyBuild.dir/cmake_clean.cmake -CMakeFiles/NightlyBuild.dir/compiler_depend.make -CMakeFiles/NightlyBuild.dir/compiler_depend.ts -CMakeFiles/NightlyBuild.dir/DependInfo.cmake -CMakeFiles/NightlyBuild.dir/progress.make -CMakeFiles/NightlyConfigure.dir/build.make -CMakeFiles/NightlyConfigure.dir/cmake_clean.cmake -CMakeFiles/NightlyConfigure.dir/compiler_depend.make -CMakeFiles/NightlyConfigure.dir/compiler_depend.ts -CMakeFiles/NightlyConfigure.dir/DependInfo.cmake -CMakeFiles/NightlyConfigure.dir/progress.make -CMakeFiles/NightlyCoverage.dir/build.make -CMakeFiles/NightlyCoverage.dir/cmake_clean.cmake -CMakeFiles/NightlyCoverage.dir/compiler_depend.make -CMakeFiles/NightlyCoverage.dir/compiler_depend.ts -CMakeFiles/NightlyCoverage.dir/DependInfo.cmake -CMakeFiles/NightlyCoverage.dir/progress.make -CMakeFiles/NightlyMemCheck.dir/build.make -CMakeFiles/NightlyMemCheck.dir/cmake_clean.cmake -CMakeFiles/NightlyMemCheck.dir/compiler_depend.make -CMakeFiles/NightlyMemCheck.dir/compiler_depend.ts -CMakeFiles/NightlyMemCheck.dir/DependInfo.cmake -CMakeFiles/NightlyMemCheck.dir/progress.make -CMakeFiles/NightlyMemoryCheck.dir/build.make 
-CMakeFiles/NightlyMemoryCheck.dir/cmake_clean.cmake -CMakeFiles/NightlyMemoryCheck.dir/compiler_depend.make -CMakeFiles/NightlyMemoryCheck.dir/compiler_depend.ts -CMakeFiles/NightlyMemoryCheck.dir/DependInfo.cmake -CMakeFiles/NightlyMemoryCheck.dir/progress.make -CMakeFiles/NightlyStart.dir/build.make -CMakeFiles/NightlyStart.dir/cmake_clean.cmake -CMakeFiles/NightlyStart.dir/compiler_depend.make -CMakeFiles/NightlyStart.dir/compiler_depend.ts -CMakeFiles/NightlyStart.dir/DependInfo.cmake -CMakeFiles/NightlyStart.dir/progress.make -CMakeFiles/NightlySubmit.dir/build.make -CMakeFiles/NightlySubmit.dir/cmake_clean.cmake -CMakeFiles/NightlySubmit.dir/compiler_depend.make -CMakeFiles/NightlySubmit.dir/compiler_depend.ts -CMakeFiles/NightlySubmit.dir/DependInfo.cmake -CMakeFiles/NightlySubmit.dir/progress.make -CMakeFiles/NightlyTest.dir/build.make -CMakeFiles/NightlyTest.dir/cmake_clean.cmake -CMakeFiles/NightlyTest.dir/compiler_depend.make -CMakeFiles/NightlyTest.dir/compiler_depend.ts -CMakeFiles/NightlyTest.dir/DependInfo.cmake -CMakeFiles/NightlyTest.dir/progress.make -CMakeFiles/NightlyUpdate.dir/build.make -CMakeFiles/NightlyUpdate.dir/cmake_clean.cmake -CMakeFiles/NightlyUpdate.dir/compiler_depend.make -CMakeFiles/NightlyUpdate.dir/compiler_depend.ts -CMakeFiles/NightlyUpdate.dir/DependInfo.cmake -CMakeFiles/NightlyUpdate.dir/progress.make +bin/* +CMakeFiles/* src/cmake_install.cmake src/CTestTestfile.cmake -src/CMakeFiles/CMakeDirectoryInformation.cmake -src/CMakeFiles/progress.marks -src/CMakeFiles/crypto.dir/build.make -src/CMakeFiles/crypto.dir/cmake_clean.cmake -src/CMakeFiles/crypto.dir/compiler_depend.internal -src/CMakeFiles/crypto.dir/compiler_depend.internal.tmp42f59 -src/CMakeFiles/crypto.dir/compiler_depend.internal.tmp93b2c -src/CMakeFiles/crypto.dir/compiler_depend.internal.tmpe28df -src/CMakeFiles/crypto.dir/compiler_depend.internal.tmpea58b -src/CMakeFiles/crypto.dir/compiler_depend.make -src/CMakeFiles/crypto.dir/compiler_depend.ts 
-src/CMakeFiles/crypto.dir/depend.make -src/CMakeFiles/crypto.dir/DependInfo.cmake -src/CMakeFiles/crypto.dir/flags.make -src/CMakeFiles/crypto.dir/link.txt -src/CMakeFiles/crypto.dir/progress.make -src/CMakeFiles/crypto.dir/core/crypto.c.gcda -src/CMakeFiles/crypto.dir/core/crypto.c.gcno -src/CMakeFiles/crypto.dir/core/crypto.c.o -src/CMakeFiles/crypto.dir/core/crypto.c.o.d -src/CMakeFiles/crypto.dir/core/crypto_aos.c.gcda -src/CMakeFiles/crypto.dir/core/crypto_aos.c.gcno -src/CMakeFiles/crypto.dir/core/crypto_aos.c.o -src/CMakeFiles/crypto.dir/core/crypto_aos.c.o.d -src/CMakeFiles/crypto.dir/core/crypto_config.c.gcda -src/CMakeFiles/crypto.dir/core/crypto_config.c.gcno -src/CMakeFiles/crypto.dir/core/crypto_config.c.o -src/CMakeFiles/crypto.dir/core/crypto_config.c.o.d -src/CMakeFiles/crypto.dir/core/crypto_error.c.gcda -src/CMakeFiles/crypto.dir/core/crypto_error.c.gcno -src/CMakeFiles/crypto.dir/core/crypto_error.c.o -src/CMakeFiles/crypto.dir/core/crypto_error.c.o.d -src/CMakeFiles/crypto.dir/core/crypto_key_mgmt.c.gcda -src/CMakeFiles/crypto.dir/core/crypto_key_mgmt.c.gcno -src/CMakeFiles/crypto.dir/core/crypto_key_mgmt.c.o -src/CMakeFiles/crypto.dir/core/crypto_key_mgmt.c.o.d -src/CMakeFiles/crypto.dir/core/crypto_mc.c.gcda -src/CMakeFiles/crypto.dir/core/crypto_mc.c.gcno -src/CMakeFiles/crypto.dir/core/crypto_mc.c.o -src/CMakeFiles/crypto.dir/core/crypto_mc.c.o.d -src/CMakeFiles/crypto.dir/core/crypto_print.c.gcda -src/CMakeFiles/crypto.dir/core/crypto_print.c.gcno -src/CMakeFiles/crypto.dir/core/crypto_print.c.o -src/CMakeFiles/crypto.dir/core/crypto_print.c.o.d -src/CMakeFiles/crypto.dir/core/crypto_tc.c.gcda -src/CMakeFiles/crypto.dir/core/crypto_tc.c.gcno -src/CMakeFiles/crypto.dir/core/crypto_tc.c.o -src/CMakeFiles/crypto.dir/core/crypto_tc.c.o.d -src/CMakeFiles/crypto.dir/core/crypto_tm.c.gcda -src/CMakeFiles/crypto.dir/core/crypto_tm.c.gcno -src/CMakeFiles/crypto.dir/core/crypto_tm.c.o -src/CMakeFiles/crypto.dir/core/crypto_tm.c.o.d 
-src/CMakeFiles/crypto.dir/core/crypto_user.c.gcda -src/CMakeFiles/crypto.dir/core/crypto_user.c.gcno -src/CMakeFiles/crypto.dir/core/crypto_user.c.o -src/CMakeFiles/crypto.dir/core/crypto_user.c.o.d -src/CMakeFiles/crypto.dir/crypto/custom_stub/cryptography_interface_custom_stub.template.c.gcda -src/CMakeFiles/crypto.dir/crypto/custom_stub/cryptography_interface_custom_stub.template.c.gcno -src/CMakeFiles/crypto.dir/crypto/custom_stub/cryptography_interface_custom_stub.template.c.o -src/CMakeFiles/crypto.dir/crypto/custom_stub/cryptography_interface_custom_stub.template.c.o.d -src/CMakeFiles/crypto.dir/crypto/kmc_stub/cryptography_interface_kmc.stub.c.gcda -src/CMakeFiles/crypto.dir/crypto/kmc_stub/cryptography_interface_kmc.stub.c.gcno -src/CMakeFiles/crypto.dir/crypto/kmc_stub/cryptography_interface_kmc.stub.c.o -src/CMakeFiles/crypto.dir/crypto/kmc_stub/cryptography_interface_kmc.stub.c.o.d -src/CMakeFiles/crypto.dir/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c.gcda -src/CMakeFiles/crypto.dir/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c.gcno -src/CMakeFiles/crypto.dir/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c.o -src/CMakeFiles/crypto.dir/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c.o.d -src/CMakeFiles/crypto.dir/crypto/wolfssl_stub/cryptography_interface_wolfssl.stub.c.gcda -src/CMakeFiles/crypto.dir/crypto/wolfssl_stub/cryptography_interface_wolfssl.stub.c.gcno -src/CMakeFiles/crypto.dir/crypto/wolfssl_stub/cryptography_interface_wolfssl.stub.c.o -src/CMakeFiles/crypto.dir/crypto/wolfssl_stub/cryptography_interface_wolfssl.stub.c.o.d -src/CMakeFiles/crypto.dir/key/custom_stub/key_interface_custom_stub.template.c.gcda -src/CMakeFiles/crypto.dir/key/custom_stub/key_interface_custom_stub.template.c.gcno -src/CMakeFiles/crypto.dir/key/custom_stub/key_interface_custom_stub.template.c.o -src/CMakeFiles/crypto.dir/key/custom_stub/key_interface_custom_stub.template.c.o.d 
-src/CMakeFiles/crypto.dir/key/internal/key_interface_internal.template.c.gcda -src/CMakeFiles/crypto.dir/key/internal/key_interface_internal.template.c.gcno -src/CMakeFiles/crypto.dir/key/internal/key_interface_internal.template.c.o -src/CMakeFiles/crypto.dir/key/internal/key_interface_internal.template.c.o.d -src/CMakeFiles/crypto.dir/key/kmc_stub/key_interface_kmc_stub.template.c.gcda -src/CMakeFiles/crypto.dir/key/kmc_stub/key_interface_kmc_stub.template.c.gcno -src/CMakeFiles/crypto.dir/key/kmc_stub/key_interface_kmc_stub.template.c.o -src/CMakeFiles/crypto.dir/key/kmc_stub/key_interface_kmc_stub.template.c.o.d -src/CMakeFiles/crypto.dir/mc/custom_stub/mc_interface_custom_stub.template.c.gcda -src/CMakeFiles/crypto.dir/mc/custom_stub/mc_interface_custom_stub.template.c.gcno -src/CMakeFiles/crypto.dir/mc/custom_stub/mc_interface_custom_stub.template.c.o -src/CMakeFiles/crypto.dir/mc/custom_stub/mc_interface_custom_stub.template.c.o.d -src/CMakeFiles/crypto.dir/mc/disabled_stub/mc_interface_disabled_stub.template.c.gcda -src/CMakeFiles/crypto.dir/mc/disabled_stub/mc_interface_disabled_stub.template.c.gcno -src/CMakeFiles/crypto.dir/mc/disabled_stub/mc_interface_disabled_stub.template.c.o -src/CMakeFiles/crypto.dir/mc/disabled_stub/mc_interface_disabled_stub.template.c.o.d -src/CMakeFiles/crypto.dir/mc/internal/mc_interface_internal.template.c.gcda -src/CMakeFiles/crypto.dir/mc/internal/mc_interface_internal.template.c.gcno -src/CMakeFiles/crypto.dir/mc/internal/mc_interface_internal.template.c.o -src/CMakeFiles/crypto.dir/mc/internal/mc_interface_internal.template.c.o.d -src/CMakeFiles/crypto.dir/sa/custom_stub/sa_interface_custom.stub.c.gcda -src/CMakeFiles/crypto.dir/sa/custom_stub/sa_interface_custom.stub.c.gcno -src/CMakeFiles/crypto.dir/sa/custom_stub/sa_interface_custom.stub.c.o -src/CMakeFiles/crypto.dir/sa/custom_stub/sa_interface_custom.stub.c.o.d -src/CMakeFiles/crypto.dir/sa/internal/sa_interface_inmemory.template.c.gcda 
-src/CMakeFiles/crypto.dir/sa/internal/sa_interface_inmemory.template.c.gcno -src/CMakeFiles/crypto.dir/sa/internal/sa_interface_inmemory.template.c.o -src/CMakeFiles/crypto.dir/sa/internal/sa_interface_inmemory.template.c.o.d -src/CMakeFiles/crypto.dir/sa/mariadb_stub/sa_interface_mariadb.stub.c.gcda -src/CMakeFiles/crypto.dir/sa/mariadb_stub/sa_interface_mariadb.stub.c.gcno -src/CMakeFiles/crypto.dir/sa/mariadb_stub/sa_interface_mariadb.stub.c.o -src/CMakeFiles/crypto.dir/sa/mariadb_stub/sa_interface_mariadb.stub.c.o.d +src/CMakeFiles/* test/cmake_install.cmake test/CTestTestfile.cmake -test/CMakeFiles/CMakeDirectoryInformation.cmake -test/CMakeFiles/progress.marks -test/CMakeFiles/et_dt_validation.dir/build.make -test/CMakeFiles/et_dt_validation.dir/cmake_clean.cmake -test/CMakeFiles/et_dt_validation.dir/compiler_depend.internal -test/CMakeFiles/et_dt_validation.dir/compiler_depend.internal.tmp4078d -test/CMakeFiles/et_dt_validation.dir/compiler_depend.make -test/CMakeFiles/et_dt_validation.dir/compiler_depend.ts -test/CMakeFiles/et_dt_validation.dir/depend.make -test/CMakeFiles/et_dt_validation.dir/DependInfo.cmake -test/CMakeFiles/et_dt_validation.dir/flags.make -test/CMakeFiles/et_dt_validation.dir/link.txt -test/CMakeFiles/et_dt_validation.dir/progress.make -test/CMakeFiles/et_dt_validation.dir/core/shared_util.c.gcda -test/CMakeFiles/et_dt_validation.dir/core/shared_util.c.gcno -test/CMakeFiles/et_dt_validation.dir/core/shared_util.c.o -test/CMakeFiles/et_dt_validation.dir/core/shared_util.c.o.d -test/CMakeFiles/et_dt_validation.dir/unit/et_dt_validation.c.gcda -test/CMakeFiles/et_dt_validation.dir/unit/et_dt_validation.c.gcno -test/CMakeFiles/et_dt_validation.dir/unit/et_dt_validation.c.o -test/CMakeFiles/et_dt_validation.dir/unit/et_dt_validation.c.o.d -test/CMakeFiles/gcov.dir/build.make -test/CMakeFiles/gcov.dir/cmake_clean.cmake -test/CMakeFiles/gcov.dir/compiler_depend.make -test/CMakeFiles/gcov.dir/compiler_depend.ts 
-test/CMakeFiles/gcov.dir/DependInfo.cmake -test/CMakeFiles/gcov.dir/progress.make -test/CMakeFiles/scrub.dir/build.make -test/CMakeFiles/scrub.dir/cmake_clean.cmake -test/CMakeFiles/scrub.dir/compiler_depend.make -test/CMakeFiles/scrub.dir/compiler_depend.ts -test/CMakeFiles/scrub.dir/DependInfo.cmake -test/CMakeFiles/scrub.dir/progress.make -test/CMakeFiles/ut_aes_gcm_siv.dir/build.make -test/CMakeFiles/ut_aes_gcm_siv.dir/cmake_clean.cmake -test/CMakeFiles/ut_aes_gcm_siv.dir/compiler_depend.internal -test/CMakeFiles/ut_aes_gcm_siv.dir/compiler_depend.make -test/CMakeFiles/ut_aes_gcm_siv.dir/compiler_depend.ts -test/CMakeFiles/ut_aes_gcm_siv.dir/depend.make -test/CMakeFiles/ut_aes_gcm_siv.dir/depend.make.tmp919b1 -test/CMakeFiles/ut_aes_gcm_siv.dir/DependInfo.cmake -test/CMakeFiles/ut_aes_gcm_siv.dir/flags.make -test/CMakeFiles/ut_aes_gcm_siv.dir/link.txt -test/CMakeFiles/ut_aes_gcm_siv.dir/progress.make -test/CMakeFiles/ut_aes_gcm_siv.dir/core/shared_util.c.gcda -test/CMakeFiles/ut_aes_gcm_siv.dir/core/shared_util.c.gcno -test/CMakeFiles/ut_aes_gcm_siv.dir/core/shared_util.c.o -test/CMakeFiles/ut_aes_gcm_siv.dir/core/shared_util.c.o.d -test/CMakeFiles/ut_aes_gcm_siv.dir/unit/ut_aes_gcm_siv.c.gcda -test/CMakeFiles/ut_aes_gcm_siv.dir/unit/ut_aes_gcm_siv.c.gcno -test/CMakeFiles/ut_aes_gcm_siv.dir/unit/ut_aes_gcm_siv.c.o -test/CMakeFiles/ut_aes_gcm_siv.dir/unit/ut_aes_gcm_siv.c.o.d -test/CMakeFiles/ut_aos_apply.dir/build.make -test/CMakeFiles/ut_aos_apply.dir/cmake_clean.cmake -test/CMakeFiles/ut_aos_apply.dir/compiler_depend.internal -test/CMakeFiles/ut_aos_apply.dir/compiler_depend.internal.tmp6591d -test/CMakeFiles/ut_aos_apply.dir/compiler_depend.internal.tmp66d0f -test/CMakeFiles/ut_aos_apply.dir/compiler_depend.internal.tmp7852e -test/CMakeFiles/ut_aos_apply.dir/compiler_depend.internal.tmpe78a5 -test/CMakeFiles/ut_aos_apply.dir/compiler_depend.make -test/CMakeFiles/ut_aos_apply.dir/compiler_depend.ts -test/CMakeFiles/ut_aos_apply.dir/depend.make 
-test/CMakeFiles/ut_aos_apply.dir/DependInfo.cmake -test/CMakeFiles/ut_aos_apply.dir/flags.make -test/CMakeFiles/ut_aos_apply.dir/link.txt -test/CMakeFiles/ut_aos_apply.dir/progress.make -test/CMakeFiles/ut_aos_apply.dir/core/shared_util.c.gcda -test/CMakeFiles/ut_aos_apply.dir/core/shared_util.c.gcno -test/CMakeFiles/ut_aos_apply.dir/core/shared_util.c.o -test/CMakeFiles/ut_aos_apply.dir/core/shared_util.c.o.d -test/CMakeFiles/ut_aos_apply.dir/unit/ut_aos_apply.c.gcda -test/CMakeFiles/ut_aos_apply.dir/unit/ut_aos_apply.c.gcno -test/CMakeFiles/ut_aos_apply.dir/unit/ut_aos_apply.c.o -test/CMakeFiles/ut_aos_apply.dir/unit/ut_aos_apply.c.o.d -test/CMakeFiles/ut_aos_process.dir/build.make -test/CMakeFiles/ut_aos_process.dir/cmake_clean.cmake -test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal -test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmp1d940 -test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmp43581 -test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmp692f0 -test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmp9a968 -test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmpb039e -test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmpcf343 -test/CMakeFiles/ut_aos_process.dir/compiler_depend.internal.tmpd8366 -test/CMakeFiles/ut_aos_process.dir/compiler_depend.make -test/CMakeFiles/ut_aos_process.dir/compiler_depend.make.tmp0109b -test/CMakeFiles/ut_aos_process.dir/compiler_depend.ts -test/CMakeFiles/ut_aos_process.dir/depend.make -test/CMakeFiles/ut_aos_process.dir/DependInfo.cmake -test/CMakeFiles/ut_aos_process.dir/flags.make -test/CMakeFiles/ut_aos_process.dir/link.txt -test/CMakeFiles/ut_aos_process.dir/progress.make -test/CMakeFiles/ut_aos_process.dir/core/shared_util.c.gcda -test/CMakeFiles/ut_aos_process.dir/core/shared_util.c.gcno -test/CMakeFiles/ut_aos_process.dir/core/shared_util.c.o -test/CMakeFiles/ut_aos_process.dir/core/shared_util.c.o.d 
-test/CMakeFiles/ut_aos_process.dir/unit/ut_aos_process.c.gcda -test/CMakeFiles/ut_aos_process.dir/unit/ut_aos_process.c.gcno -test/CMakeFiles/ut_aos_process.dir/unit/ut_aos_process.c.o -test/CMakeFiles/ut_aos_process.dir/unit/ut_aos_process.c.o.d -test/CMakeFiles/ut_crypto.dir/build.make -test/CMakeFiles/ut_crypto.dir/cmake_clean.cmake -test/CMakeFiles/ut_crypto.dir/compiler_depend.internal -test/CMakeFiles/ut_crypto.dir/compiler_depend.internal.tmp0e029 -test/CMakeFiles/ut_crypto.dir/compiler_depend.internal.tmp9a785 -test/CMakeFiles/ut_crypto.dir/compiler_depend.internal.tmp9c660 -test/CMakeFiles/ut_crypto.dir/compiler_depend.internal.tmpd75d7 -test/CMakeFiles/ut_crypto.dir/compiler_depend.internal.tmpf9940 -test/CMakeFiles/ut_crypto.dir/compiler_depend.make -test/CMakeFiles/ut_crypto.dir/compiler_depend.ts -test/CMakeFiles/ut_crypto.dir/depend.make -test/CMakeFiles/ut_crypto.dir/DependInfo.cmake -test/CMakeFiles/ut_crypto.dir/flags.make -test/CMakeFiles/ut_crypto.dir/link.txt -test/CMakeFiles/ut_crypto.dir/progress.make -test/CMakeFiles/ut_crypto.dir/core/shared_util.c.gcda -test/CMakeFiles/ut_crypto.dir/core/shared_util.c.gcno -test/CMakeFiles/ut_crypto.dir/core/shared_util.c.o -test/CMakeFiles/ut_crypto.dir/core/shared_util.c.o.d -test/CMakeFiles/ut_crypto.dir/unit/ut_crypto.c.gcda -test/CMakeFiles/ut_crypto.dir/unit/ut_crypto.c.gcno -test/CMakeFiles/ut_crypto.dir/unit/ut_crypto.c.o -test/CMakeFiles/ut_crypto.dir/unit/ut_crypto.c.o.d -test/CMakeFiles/ut_crypto_config.dir/build.make -test/CMakeFiles/ut_crypto_config.dir/cmake_clean.cmake -test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal -test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmp1e991 -test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmp26782 -test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmp2f7d7 -test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmp34269 -test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmp7bb32 
-test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmpd62ff -test/CMakeFiles/ut_crypto_config.dir/compiler_depend.internal.tmpf0f8b -test/CMakeFiles/ut_crypto_config.dir/compiler_depend.make -test/CMakeFiles/ut_crypto_config.dir/compiler_depend.ts -test/CMakeFiles/ut_crypto_config.dir/depend.make -test/CMakeFiles/ut_crypto_config.dir/DependInfo.cmake -test/CMakeFiles/ut_crypto_config.dir/flags.make -test/CMakeFiles/ut_crypto_config.dir/link.txt -test/CMakeFiles/ut_crypto_config.dir/progress.make -test/CMakeFiles/ut_crypto_config.dir/core/shared_util.c.gcda -test/CMakeFiles/ut_crypto_config.dir/core/shared_util.c.gcno -test/CMakeFiles/ut_crypto_config.dir/core/shared_util.c.o -test/CMakeFiles/ut_crypto_config.dir/core/shared_util.c.o.d -test/CMakeFiles/ut_crypto_config.dir/unit/ut_crypto_config.c.gcda -test/CMakeFiles/ut_crypto_config.dir/unit/ut_crypto_config.c.gcno -test/CMakeFiles/ut_crypto_config.dir/unit/ut_crypto_config.c.o -test/CMakeFiles/ut_crypto_config.dir/unit/ut_crypto_config.c.o.d -test/CMakeFiles/ut_crypto_mc.dir/build.make -test/CMakeFiles/ut_crypto_mc.dir/cmake_clean.cmake -test/CMakeFiles/ut_crypto_mc.dir/compiler_depend.internal -test/CMakeFiles/ut_crypto_mc.dir/compiler_depend.internal.tmpad969 -test/CMakeFiles/ut_crypto_mc.dir/compiler_depend.internal.tmpdadc6 -test/CMakeFiles/ut_crypto_mc.dir/compiler_depend.make -test/CMakeFiles/ut_crypto_mc.dir/compiler_depend.ts -test/CMakeFiles/ut_crypto_mc.dir/depend.make -test/CMakeFiles/ut_crypto_mc.dir/DependInfo.cmake -test/CMakeFiles/ut_crypto_mc.dir/flags.make -test/CMakeFiles/ut_crypto_mc.dir/link.txt -test/CMakeFiles/ut_crypto_mc.dir/progress.make -test/CMakeFiles/ut_crypto_mc.dir/core/shared_util.c.gcda -test/CMakeFiles/ut_crypto_mc.dir/core/shared_util.c.gcno -test/CMakeFiles/ut_crypto_mc.dir/core/shared_util.c.o -test/CMakeFiles/ut_crypto_mc.dir/core/shared_util.c.o.d -test/CMakeFiles/ut_crypto_mc.dir/unit/ut_crypto_mc.c.gcda -test/CMakeFiles/ut_crypto_mc.dir/unit/ut_crypto_mc.c.gcno 
-test/CMakeFiles/ut_crypto_mc.dir/unit/ut_crypto_mc.c.o -test/CMakeFiles/ut_crypto_mc.dir/unit/ut_crypto_mc.c.o.d -test/CMakeFiles/ut_ep_key_validation.dir/build.make -test/CMakeFiles/ut_ep_key_validation.dir/cmake_clean.cmake -test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal -test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal.tmp1a3de -test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal.tmp8ca19 -test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal.tmpb3f30 -test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal.tmpbb088 -test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.internal.tmpcaf94 -test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.make -test/CMakeFiles/ut_ep_key_validation.dir/compiler_depend.ts -test/CMakeFiles/ut_ep_key_validation.dir/depend.make -test/CMakeFiles/ut_ep_key_validation.dir/DependInfo.cmake -test/CMakeFiles/ut_ep_key_validation.dir/flags.make -test/CMakeFiles/ut_ep_key_validation.dir/link.txt -test/CMakeFiles/ut_ep_key_validation.dir/progress.make -test/CMakeFiles/ut_ep_key_validation.dir/core/shared_util.c.gcda -test/CMakeFiles/ut_ep_key_validation.dir/core/shared_util.c.gcno -test/CMakeFiles/ut_ep_key_validation.dir/core/shared_util.c.o -test/CMakeFiles/ut_ep_key_validation.dir/core/shared_util.c.o.d -test/CMakeFiles/ut_ep_key_validation.dir/unit/ut_ep_key_validation.c.gcda -test/CMakeFiles/ut_ep_key_validation.dir/unit/ut_ep_key_validation.c.gcno -test/CMakeFiles/ut_ep_key_validation.dir/unit/ut_ep_key_validation.c.o -test/CMakeFiles/ut_ep_key_validation.dir/unit/ut_ep_key_validation.c.o.d -test/CMakeFiles/ut_mysql_m_tls_connection.dir/build.make -test/CMakeFiles/ut_mysql_m_tls_connection.dir/cmake_clean.cmake -test/CMakeFiles/ut_mysql_m_tls_connection.dir/compiler_depend.internal -test/CMakeFiles/ut_mysql_m_tls_connection.dir/compiler_depend.internal.tmpd2ee9 -test/CMakeFiles/ut_mysql_m_tls_connection.dir/compiler_depend.make 
-test/CMakeFiles/ut_mysql_m_tls_connection.dir/compiler_depend.ts -test/CMakeFiles/ut_mysql_m_tls_connection.dir/depend.make -test/CMakeFiles/ut_mysql_m_tls_connection.dir/DependInfo.cmake -test/CMakeFiles/ut_mysql_m_tls_connection.dir/flags.make -test/CMakeFiles/ut_mysql_m_tls_connection.dir/link.txt -test/CMakeFiles/ut_mysql_m_tls_connection.dir/progress.make -test/CMakeFiles/ut_mysql_m_tls_connection.dir/core/shared_util.c.gcno -test/CMakeFiles/ut_mysql_m_tls_connection.dir/core/shared_util.c.o -test/CMakeFiles/ut_mysql_m_tls_connection.dir/core/shared_util.c.o.d -test/CMakeFiles/ut_mysql_m_tls_connection.dir/unit/ut_mysql_m_tls_connection.c.gcno -test/CMakeFiles/ut_mysql_m_tls_connection.dir/unit/ut_mysql_m_tls_connection.c.o -test/CMakeFiles/ut_mysql_m_tls_connection.dir/unit/ut_mysql_m_tls_connection.c.o.d -test/CMakeFiles/ut_mysql_tls_connection.dir/build.make -test/CMakeFiles/ut_mysql_tls_connection.dir/cmake_clean.cmake -test/CMakeFiles/ut_mysql_tls_connection.dir/compiler_depend.internal -test/CMakeFiles/ut_mysql_tls_connection.dir/compiler_depend.internal.tmp5a860 -test/CMakeFiles/ut_mysql_tls_connection.dir/compiler_depend.make -test/CMakeFiles/ut_mysql_tls_connection.dir/compiler_depend.ts -test/CMakeFiles/ut_mysql_tls_connection.dir/depend.make -test/CMakeFiles/ut_mysql_tls_connection.dir/DependInfo.cmake -test/CMakeFiles/ut_mysql_tls_connection.dir/flags.make -test/CMakeFiles/ut_mysql_tls_connection.dir/link.txt -test/CMakeFiles/ut_mysql_tls_connection.dir/progress.make -test/CMakeFiles/ut_mysql_tls_connection.dir/core/shared_util.c.gcno -test/CMakeFiles/ut_mysql_tls_connection.dir/core/shared_util.c.o -test/CMakeFiles/ut_mysql_tls_connection.dir/core/shared_util.c.o.d -test/CMakeFiles/ut_mysql_tls_connection.dir/unit/ut_mysql_tls_connection.c.gcno -test/CMakeFiles/ut_mysql_tls_connection.dir/unit/ut_mysql_tls_connection.c.o -test/CMakeFiles/ut_mysql_tls_connection.dir/unit/ut_mysql_tls_connection.c.o.d -test/CMakeFiles/ut_sa_save.dir/build.make 
-test/CMakeFiles/ut_sa_save.dir/cmake_clean.cmake
-test/CMakeFiles/ut_sa_save.dir/compiler_depend.internal
-test/CMakeFiles/ut_sa_save.dir/compiler_depend.internal.tmp1c114
-test/CMakeFiles/ut_sa_save.dir/compiler_depend.internal.tmp3e9d5
-test/CMakeFiles/ut_sa_save.dir/compiler_depend.internal.tmpa1269
-test/CMakeFiles/ut_sa_save.dir/compiler_depend.make
-test/CMakeFiles/ut_sa_save.dir/compiler_depend.ts
-test/CMakeFiles/ut_sa_save.dir/depend.make
-test/CMakeFiles/ut_sa_save.dir/DependInfo.cmake
-test/CMakeFiles/ut_sa_save.dir/flags.make
-test/CMakeFiles/ut_sa_save.dir/link.txt
-test/CMakeFiles/ut_sa_save.dir/progress.make
-test/CMakeFiles/ut_sa_save.dir/core/shared_util.c.gcda
-test/CMakeFiles/ut_sa_save.dir/core/shared_util.c.gcno
-test/CMakeFiles/ut_sa_save.dir/core/shared_util.c.o
-test/CMakeFiles/ut_sa_save.dir/core/shared_util.c.o.d
-test/CMakeFiles/ut_sa_save.dir/unit/ut_sa_save.c.gcda
-test/CMakeFiles/ut_sa_save.dir/unit/ut_sa_save.c.gcno
-test/CMakeFiles/ut_sa_save.dir/unit/ut_sa_save.c.o
-test/CMakeFiles/ut_sa_save.dir/unit/ut_sa_save.c.o.d
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/build.make
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/cmake_clean.cmake
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal.tmp1d97b
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal.tmp2bd6f
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal.tmpbf2ef
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal.tmpdf920
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.internal.tmpe4969
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.make
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/compiler_depend.ts
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/depend.make
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/DependInfo.cmake
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/flags.make
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/link.txt
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/progress.make
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/core/shared_util.c.gcno
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/core/shared_util.c.o
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/core/shared_util.c.o.d
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/unit/ut_sadb_err_cases_kmc_crypto.c.gcno
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/unit/ut_sadb_err_cases_kmc_crypto.c.o
-test/CMakeFiles/ut_sadb_err_cases_kmc_crypto.dir/unit/ut_sadb_err_cases_kmc_crypto.c.o.d
-test/CMakeFiles/ut_tc_apply.dir/build.make
-test/CMakeFiles/ut_tc_apply.dir/cmake_clean.cmake
-test/CMakeFiles/ut_tc_apply.dir/compiler_depend.internal
-test/CMakeFiles/ut_tc_apply.dir/compiler_depend.internal.tmp8ecd9
-test/CMakeFiles/ut_tc_apply.dir/compiler_depend.internal.tmpcc9fb
-test/CMakeFiles/ut_tc_apply.dir/compiler_depend.make
-test/CMakeFiles/ut_tc_apply.dir/compiler_depend.ts
-test/CMakeFiles/ut_tc_apply.dir/depend.make
-test/CMakeFiles/ut_tc_apply.dir/DependInfo.cmake
-test/CMakeFiles/ut_tc_apply.dir/flags.make
-test/CMakeFiles/ut_tc_apply.dir/link.txt
-test/CMakeFiles/ut_tc_apply.dir/progress.make
-test/CMakeFiles/ut_tc_apply.dir/core/shared_util.c.gcda
-test/CMakeFiles/ut_tc_apply.dir/core/shared_util.c.gcno
-test/CMakeFiles/ut_tc_apply.dir/core/shared_util.c.o
-test/CMakeFiles/ut_tc_apply.dir/core/shared_util.c.o.d
-test/CMakeFiles/ut_tc_apply.dir/unit/ut_tc_apply.c.gcda
-test/CMakeFiles/ut_tc_apply.dir/unit/ut_tc_apply.c.gcno
-test/CMakeFiles/ut_tc_apply.dir/unit/ut_tc_apply.c.o
-test/CMakeFiles/ut_tc_apply.dir/unit/ut_tc_apply.c.o.d
-test/CMakeFiles/ut_tc_process.dir/build.make
-test/CMakeFiles/ut_tc_process.dir/cmake_clean.cmake
-test/CMakeFiles/ut_tc_process.dir/compiler_depend.internal
-test/CMakeFiles/ut_tc_process.dir/compiler_depend.internal.tmp0d844
-test/CMakeFiles/ut_tc_process.dir/compiler_depend.internal.tmp263c3
-test/CMakeFiles/ut_tc_process.dir/compiler_depend.internal.tmp5e58f
-test/CMakeFiles/ut_tc_process.dir/compiler_depend.make
-test/CMakeFiles/ut_tc_process.dir/compiler_depend.ts
-test/CMakeFiles/ut_tc_process.dir/depend.make
-test/CMakeFiles/ut_tc_process.dir/DependInfo.cmake
-test/CMakeFiles/ut_tc_process.dir/flags.make
-test/CMakeFiles/ut_tc_process.dir/link.txt
-test/CMakeFiles/ut_tc_process.dir/progress.make
-test/CMakeFiles/ut_tc_process.dir/core/shared_util.c.gcda
-test/CMakeFiles/ut_tc_process.dir/core/shared_util.c.gcno
-test/CMakeFiles/ut_tc_process.dir/core/shared_util.c.o
-test/CMakeFiles/ut_tc_process.dir/core/shared_util.c.o.d
-test/CMakeFiles/ut_tc_process.dir/unit/ut_tc_process.c.gcda
-test/CMakeFiles/ut_tc_process.dir/unit/ut_tc_process.c.gcno
-test/CMakeFiles/ut_tc_process.dir/unit/ut_tc_process.c.o
-test/CMakeFiles/ut_tc_process.dir/unit/ut_tc_process.c.o.d
-test/CMakeFiles/ut_tm_apply.dir/build.make
-test/CMakeFiles/ut_tm_apply.dir/cmake_clean.cmake
-test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal
-test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmp3533b
-test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmp39698
-test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmp643bc
-test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmpb2441
-test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmpd8be5
-test/CMakeFiles/ut_tm_apply.dir/compiler_depend.internal.tmpff179
-test/CMakeFiles/ut_tm_apply.dir/compiler_depend.make
-test/CMakeFiles/ut_tm_apply.dir/compiler_depend.make.tmp8ed4c
-test/CMakeFiles/ut_tm_apply.dir/compiler_depend.ts
-test/CMakeFiles/ut_tm_apply.dir/depend.make
-test/CMakeFiles/ut_tm_apply.dir/DependInfo.cmake
-test/CMakeFiles/ut_tm_apply.dir/flags.make
-test/CMakeFiles/ut_tm_apply.dir/link.txt
-test/CMakeFiles/ut_tm_apply.dir/progress.make
-test/CMakeFiles/ut_tm_apply.dir/core/shared_util.c.gcda
-test/CMakeFiles/ut_tm_apply.dir/core/shared_util.c.gcno
-test/CMakeFiles/ut_tm_apply.dir/core/shared_util.c.o
-test/CMakeFiles/ut_tm_apply.dir/core/shared_util.c.o.d
-test/CMakeFiles/ut_tm_apply.dir/unit/ut_tm_apply.c.gcda
-test/CMakeFiles/ut_tm_apply.dir/unit/ut_tm_apply.c.gcno
-test/CMakeFiles/ut_tm_apply.dir/unit/ut_tm_apply.c.o
-test/CMakeFiles/ut_tm_apply.dir/unit/ut_tm_apply.c.o.d
-test/CMakeFiles/ut_tm_process.dir/build.make
-test/CMakeFiles/ut_tm_process.dir/cmake_clean.cmake
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp04d6f
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp43b22
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp48038
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp4b32f
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp5f062
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmp7859e
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmpce567
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.internal.tmpf7073
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.make
-test/CMakeFiles/ut_tm_process.dir/compiler_depend.ts
-test/CMakeFiles/ut_tm_process.dir/depend.make
-test/CMakeFiles/ut_tm_process.dir/DependInfo.cmake
-test/CMakeFiles/ut_tm_process.dir/flags.make
-test/CMakeFiles/ut_tm_process.dir/link.txt
-test/CMakeFiles/ut_tm_process.dir/progress.make
-test/CMakeFiles/ut_tm_process.dir/core/shared_util.c.gcda
-test/CMakeFiles/ut_tm_process.dir/core/shared_util.c.gcno
-test/CMakeFiles/ut_tm_process.dir/core/shared_util.c.o
-test/CMakeFiles/ut_tm_process.dir/core/shared_util.c.o.d
-test/CMakeFiles/ut_tm_process.dir/unit/ut_tm_process.c.gcda
-test/CMakeFiles/ut_tm_process.dir/unit/ut_tm_process.c.gcno
-test/CMakeFiles/ut_tm_process.dir/unit/ut_tm_process.c.o
-test/CMakeFiles/ut_tm_process.dir/unit/ut_tm_process.c.o.d
-Testing/Temporary/CTestCheckpoint.txt
-Testing/Temporary/CTestCostData.txt
-Testing/Temporary/LastTest.log -Testing/Temporary/LastTest.log.tmp -Testing/Temporary/LastTestsFailed.log +test/CMakeFiles/* +Testing/Temporary/* From 0f4dea4f3d24a495223efd125bf1239782afb550 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 11 Oct 2024 14:39:39 +0000 Subject: [PATCH 130/241] [nasa/cryptolib#331] Remove unused for-loop --- src/sa/internal/sa_interface_inmemory.template.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index ac7daf98..06a65c71 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1519,10 +1519,7 @@ static int32_t sa_setARSNW(void) sa[spi].arsnw_len = ARSN_SIZE; } - for (x = 0; x < sa[spi].arsnw_len; x++) - { - sa[spi].arsnw = (((uint8_t)sdls_frame.pdu.data[x + 2])); - } + sa[spi].arsnw = (((uint8_t)sdls_frame.pdu.data[x + 2])); #ifdef PDU_DEBUG printf("ARSN set to: %d\n", sa[spi].arsnw); #endif From b138db3475d31309863ff0dc93366c119ff47415 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 11 Oct 2024 14:46:41 +0000 Subject: [PATCH 131/241] [nasa/cryptolib#331] Remove uninitialized variable --- src/sa/internal/sa_interface_inmemory.template.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 06a65c71..ac29c5fc 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1519,7 +1519,7 @@ static int32_t sa_setARSNW(void) sa[spi].arsnw_len = ARSN_SIZE; } - sa[spi].arsnw = (((uint8_t)sdls_frame.pdu.data[x + 2])); + sa[spi].arsnw = (((uint8_t)sdls_frame.pdu.data[2])); #ifdef PDU_DEBUG printf("ARSN set to: %d\n", sa[spi].arsnw); #endif From d560e6d4ccebeab44459356414078b76119fc002 Mon Sep 17 00:00:00 2001 
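Review bot: After this change `x` in `sdls_frame.pdu.data[x + 2]` is read without being assigned anywhere the hunk shows, since the removed `for` held its `x = 0`; the index is therefore indeterminate and the read can fall outside the PDU buffer. Index with a constant and delete the now-unused declaration, e.g. `sa[spi].arsnw = (uint8_t)sdls_frame.pdu.data[2];`. Building with `-Wall -Wextra` would flag the read. sa_setARSNW begins and ends outside the hunk.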
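Review bot: `data[2]` is the first byte after the SPI, whereas the loop this line descends from overwrote `arsnw` on every pass and so ended on `data[arsnw_len + 1]`; for any `arsnw_len` above 1 the stored anti-replay window now differs from what the earlier code produced. `arsnw_len` is still set (up to `ARSN_SIZE`) although a single byte is consumed, and nothing in the hunk shows a check that the PDU holds at least three bytes. State the intended encoding next to the assignment, e.g. `/* ARSNW: one byte at PDU offset 2, directly after the 2-byte SPI */`, or assemble the value from `arsnw_len` bytes if a wider window is meant. sa_setARSNW begins and ends outside the hunk.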
From: Donnie-Ice Date: Fri, 11 Oct 2024 14:47:12 +0000 Subject: [PATCH 132/241] [nasa/cryptolib#331] Remove uninitialized variable --- src/sa/internal/sa_interface_inmemory.template.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index ac29c5fc..0b716d71 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1502,7 +1502,6 @@ static int32_t sa_setARSNW(void) { // Local variables uint16_t spi = 0x0000; - int x; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; From 697add5835b502a1d11cb0c18fdf68f73e15853e Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Wed, 16 Oct 2024 17:17:43 +0000 Subject: [PATCH 133/241] [nasa/cryptolib#334] Add write permission for actions --- .github/workflows/codeql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bc9e3b35..b89c4b5b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,7 +13,7 @@ name: "CodeQL Advanced" on: push: - branches: [ dev ] + branches: [ dev, 334-resolve-codeql-ci-failures ] pull_request: branches: [ main, dev ] @@ -29,7 +29,7 @@ jobs: packages: read # only required for workflows in private repositories - actions: read + actions: write contents: read env: From e19bd82a46b9e91e54adfb974f3a969f9232e3b6 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Wed, 16 Oct 2024 17:28:52 +0000 Subject: [PATCH 134/241] [nasa/cryptolib#334] Remove testing branch from push triggers --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b89c4b5b..2343be03 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
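Review bot: `actions: write` in the `@@ -29,7 +29,7 @@` hunk widens the job's GITHUB_TOKEN for a workflow that also runs on `pull_request`, while the context comment just above says these entries are only required for private repositories; the commit message does not name the step that failed with read access. Keep `actions: read`, and if a step really needs more, grant it with a comment naming that step, e.g. `actions: write  # needed by <step-name>: <reason>`. The same permission is added in the `@@ -9,6 +11,7 @@` hunk of .github/workflows/cpp-linter.yml (PATCH 135), next to `contents: write` and `pull-requests: write`. The permissions block starts outside this hunk, so its other entries are not visible here.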
@@ -13,7 +13,7 @@ name: "CodeQL Advanced" on: push: - branches: [ dev, 334-resolve-codeql-ci-failures ] + branches: [ dev ] pull_request: branches: [ main, dev ] From 2951b624bc535fce13f76c303728f89e66c5f0f7 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 17 Oct 2024 19:07:10 +0000 Subject: [PATCH 135/241] [nasa/cryptolib#299] revisit cpp-linter --- .github/workflows/cpp-linter.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 32483522..93e607f7 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -1,6 +1,8 @@ name: cpp-linter on: + push: + branches: [ 299-setup-code-formatter ] pull_request: branches: [ main, dev ] @@ -9,6 +11,7 @@ jobs: permissions: pull-requests: write contents: write + actions: write runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 @@ -18,5 +21,4 @@ jobs: with: style: 'file' files-changed-only: false - thread-comments: true tidy-review: true From ba69fa7ee5c0417e4eca843d5b6403b2f4001572 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 17 Oct 2024 19:16:13 +0000 Subject: [PATCH 136/241] [nasa/cryptolib#299] try building code in linter --- .github/workflows/cpp-linter.yml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 93e607f7..f2f38ec3 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml 
@@ -15,10 +15,40 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 + - name: Update + run: sudo apt-get update + - name: Install Dependencies + run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 + - name: Install Python Libraries + run: sudo pip install pycryptodome + - name: Install Libgcrypt + run: > + curl + -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 + -o /tmp/libgpg-error-1.50.tar.bz2 + && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ + && cd /tmp/libgpg-error-1.50 + && sudo ./configure + && sudo make install + && curl + -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 + -o /tmp/libgcrypt-1.11.0.tar.bz2 + && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ + && cd /tmp/libgcrypt-1.11.0 + && sudo ./configure + && sudo make install + && sudo ldconfig + # End Container Setup + + - name: Internal Build Script + working-directory: ${{github.workspace}} + run: bash ${GITHUB_WORKSPACE}/support/scripts/build_internal.sh - uses: cpp-linter/cpp-linter-action@main id: linter continue-on-error: true with: style: 'file' files-changed-only: false + thread-comments: true tidy-review: true + format-review: true From ebfe910e71fb89c0f5b8a6131cc5c432d1b34716 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 17 Oct 2024 19:32:00 +0000 Subject: [PATCH 137/241] [nasa/cryptolib#299] try using cpp-linter example job --- .github/workflows/cpp-linter.yml | 34 ++------------------------------ 1 file changed, 2 insertions(+), 32 deletions(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index f2f38ec3..3f7b0d33 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml 
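Review bot: The `Install Libgcrypt` step downloads two source tarballs and runs `sudo ./configure` and `sudo make install` on them with no digest or signature check, so whatever the URL serves at run time executes as root in a job whose permissions block (PATCH 135) grants `contents: write`. Verify each archive before unpacking, e.g. `echo "<sha256-of-libgcrypt-1.11.0.tar.bz2>  /tmp/libgcrypt-1.11.0.tar.bz2" | sha256sum -c -` and the same for libgpg-error, and run `./configure` and the build unprivileged, keeping `sudo` for `make install` only. `sudo pip install pycryptodome` is unpinned as well; pinning a version would make the run reproducible.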
@@ -15,40 +15,10 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - name: Update - run: sudo apt-get update - - name: Install Dependencies - run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - - name: Install Python Libraries - run: sudo pip install pycryptodome - - name: Install Libgcrypt - run: > - curl - -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 - -o /tmp/libgpg-error-1.50.tar.bz2 - && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ - && cd /tmp/libgpg-error-1.50 - && sudo ./configure - && sudo make install - && curl - -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 - -o /tmp/libgcrypt-1.11.0.tar.bz2 - && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ - && cd /tmp/libgcrypt-1.11.0 - && sudo ./configure - && sudo make install - && sudo ldconfig - # End Container Setup - - - name: Internal Build Script - working-directory: ${{github.workspace}} - run: bash ${GITHUB_WORKSPACE}/support/scripts/build_internal.sh - uses: cpp-linter/cpp-linter-action@main id: linter continue-on-error: true with: - style: 'file' + style: file files-changed-only: false - thread-comments: true - tidy-review: true - format-review: true + thread-comments: false From 33dbfa0b89b33b5dc10c8d97e29094cc536c087b Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 17 Oct 2024 19:43:29 +0000 Subject: [PATCH 138/241] [nasa/cryptolib#299] testing file-annotations --- .github/workflows/cpp-linter.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 3f7b0d33..55251794 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml 
@@ -15,10 +15,12 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: cpp-linter/cpp-linter-action@main + - uses: cpp-linter/cpp-linter-action@v2 id: linter continue-on-error: true with: style: file + tidy-checks: '' files-changed-only: false - thread-comments: false + file-annotations: true + thread-comments: true From cd813db8905357286bac89365a3df6b0f60b3841 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 17 Oct 2024 19:47:06 +0000 Subject: [PATCH 139/241] [nasa/cryptolib#299] use llvm style --- .github/workflows/cpp-linter.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 55251794..1e494f9b 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -19,8 +19,7 @@ jobs: id: linter continue-on-error: true with: - style: file - tidy-checks: '' + style: 'llvm' files-changed-only: false file-annotations: true thread-comments: true From c22941bf89f17c512f35f413216a7139096c47af Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 17 Oct 2024 19:59:38 +0000 Subject: [PATCH 140/241] [nasa/cryptolib#299] test --- .github/workflows/cpp-linter.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 1e494f9b..34ffe5f7 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -3,6 +3,7 @@ name: cpp-linter on: push: branches: [ 299-setup-code-formatter ] + paths: [ '**.c', '**.h' ] pull_request: branches: [ main, dev ] @@ -17,9 +18,11 @@ jobs: - uses: actions/checkout@v4 - uses: cpp-linter/cpp-linter-action@v2 id: linter - continue-on-error: true with: - style: 'llvm' + style: '' + tidy-checks: '' files-changed-only: false - file-annotations: true - thread-comments: true + verbosity: 'debug' + step-summary: 'true' + no-lgtm: 'false' + passive-reviews: 'true' 
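Review bot: `cpp-linter/cpp-linter-action@v2` is still a movable ref: a tag can be re-pointed, and this job hands the action a token with `pull-requests: write`, `contents: write` and `actions: write` (permissions block in PATCH 135). Pin the action to a full commit SHA and keep the tag as a trailing comment, `- uses: cpp-linter/cpp-linter-action@<full-commit-sha>  # v2`. The job's `steps:` list begins outside this hunk.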
From def97e0bfe910ff7dee3271136d293de73257184 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 17 Oct 2024 20:00:32 +0000 Subject: [PATCH 141/241] [nasa/cryptolib#299] test --- .github/workflows/cpp-linter.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 34ffe5f7..5b419ca9 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -3,7 +3,6 @@ name: cpp-linter on: push: branches: [ 299-setup-code-formatter ] - paths: [ '**.c', '**.h' ] pull_request: branches: [ main, dev ] From 39a90f9195f35226767fe21b4ab913a633929224 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 17 Oct 2024 20:07:13 +0000 Subject: [PATCH 142/241] [nasa/cryptolib#299] test --- .github/workflows/cpp-linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 5b419ca9..c405bb0d 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -18,7 +18,7 @@ jobs: - uses: cpp-linter/cpp-linter-action@v2 id: linter with: - style: '' + style: 'file' tidy-checks: '' files-changed-only: false verbosity: 'debug' From b4b649009228f73b63c25b49d90d9b67341975a7 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 17 Oct 2024 20:09:53 +0000 Subject: [PATCH 143/241] [nasa/cryptolib#299] test --- .clang-format | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.clang-format b/.clang-format index f4dc1dbb..8408b3bd 100644 --- a/.clang-format +++ b/.clang-format @@ -62,8 +62,4 @@ SpacesInSquareBrackets: false Standard: c++11 TabWidth: 8 UseTab: Never -IncludeDirs: - - ./ - - ./include - - ./test/include ... \ No newline at end of file From 2ba6df10f9101a1ae0994ee5364550746f002719 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Thu, 17 Oct 2024 20:13:52 +0000 Subject: [PATCH 144/241] [nasa/cryptolib#299] test --- .clang-format | 2 +- .github/workflows/cpp-linter.yml | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.clang-format b/.clang-format index 8408b3bd..0a417bb5 100644 --- a/.clang-format +++ b/.clang-format @@ -62,4 +62,4 @@ SpacesInSquareBrackets: false Standard: c++11 TabWidth: 8 UseTab: Never -... \ No newline at end of file +--- \ No newline at end of file diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index c405bb0d..d6ee39fe 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -19,7 +19,6 @@ jobs: id: linter with: style: 'file' - tidy-checks: '' files-changed-only: false verbosity: 'debug' step-summary: 'true' From 9a4c3f0eda5ca39a07e00a365e4bc3b33a869857 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 17 Oct 2024 20:22:34 +0000 Subject: [PATCH 145/241] [nasa/cryptolib#299] test --- .clang-format | 3 +-- .github/workflows/cpp-linter.yml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.clang-format b/.clang-format index 0a417bb5..97daf9dd 100644 --- a/.clang-format +++ b/.clang-format @@ -61,5 +61,4 @@ SpacesInParentheses: false SpacesInSquareBrackets: false Standard: c++11 TabWidth: 8 -UseTab: Never ---- \ No newline at end of file +UseTab: Never \ No newline at end of file diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index d6ee39fe..53c5f6d1 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -20,7 +20,7 @@ jobs: with: style: 'file' files-changed-only: false - verbosity: 'debug' + verbosity: 'info' step-summary: 'true' no-lgtm: 'false' passive-reviews: 'true' From 2e3670a17086a263647ac4d6532c923765d9f012 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Thu, 17 Oct 2024 21:10:55 +0000 Subject: [PATCH 146/241] [nasa/cryptolib#299] test fixing error using clang-format --- .github/workflows/cpp-linter.yml | 1 + test/include/ut_aes_gcm_siv.h | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 53c5f6d1..0dc00c2e 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -24,3 +24,4 @@ jobs: step-summary: 'true' no-lgtm: 'false' passive-reviews: 'true' + ignore: 'test/include/utest.h' diff --git a/test/include/ut_aes_gcm_siv.h b/test/include/ut_aes_gcm_siv.h index 99fb7572..fcb617de 100644 --- a/test/include/ut_aes_gcm_siv.h +++ b/test/include/ut_aes_gcm_siv.h @@ -15,4 +15,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_AES_GCM_SIV_H \ No newline at end of file +#endif // CRYPTOLIB_UT_AES_GCM_SIV_H \ No newline at end of file From 49a4b1b59be2708b598f459292b9b5b1c86681a4 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice Date: Fri, 18 Oct 2024 13:51:13 +0000 Subject: [PATCH 147/241] [nasa/cryptolib#299] Formatted all '.c' and '.h' files using cFS .clang-format --- include/crypto.h | 373 +-- include/crypto_config.h | 197 +- include/crypto_config_structs.h | 107 +- include/crypto_error.h | 205 +- include/crypto_events.h | 16 +- include/crypto_print.h | 20 +- include/crypto_structs.h | 317 ++- include/cryptography_interface.h | 75 +- include/key_interface.h | 8 +- include/mc_interface.h | 6 +- include/sa_interface.h | 12 +- src/core/crypto.c | 352 +-- src/core/crypto_aos.c | 744 +++--- src/core/crypto_config.c | 419 +-- src/core/crypto_error.c | 285 ++- src/core/crypto_key_mgmt.c | 278 +- src/core/crypto_mc.c | 86 +- src/core/crypto_print.c | 33 +- src/core/crypto_tc.c | 831 +++--- src/core/crypto_tm.c | 846 +++--- src/core/crypto_user.c | 42 +- src/crypto/kmc/base64.c | 250 +- src/crypto/kmc/base64.h | 25 +- src/crypto/kmc/base64url.c | 232 +- src/crypto/kmc/base64url.h | 29 +- ...hy_interface_kmc_crypto_service.template.c | 1656 ++++++------ src/crypto/kmc/jsmn.h | 796 +++--- ...ryptography_interface_libgcrypt.template.c | 453 ++-- .../cryptography_interface_wolfssl.template.c | 458 ++-- .../key_interface_custom_stub.template.c | 3 +- .../key_interface_internal.template.c | 366 +-- .../key_interface_internal_stub.template.c | 3 +- src/key/kmc/key_interface_kmc.template.c | 12 +- .../key_interface_kmc_stub.template.c | 3 +- .../mc_interface_custom_stub.template.c | 3 +- .../disabled/mc_interface_disabled.template.c | 6 +- .../mc_interface_disabled_stub.template.c | 3 +- .../internal/mc_interface_internal.template.c | 34 +- .../mc_interface_internal_stub.template.c | 3 +- src/sa/custom_stub/sa_interface_custom.stub.c | 3 +- .../internal/sa_interface_inmemory.template.c | 962 +++---- .../sa_interface_inmemory.stub.c | 3 +- .../mariadb/sa_interface_mariadb.template.c | 252 +- .../mariadb_stub/sa_interface_mariadb.stub.c | 3 +- support/standalone/standalone.c | 356 +-- 
support/standalone/standalone.h | 105 +- test/core/apply_security.c | 24 +- test/core/crypto_sequence.c | 28 +- test/core/process_security.c | 22 +- test/core/shared_util.c | 16 +- test/format.py | 64 + test/include/apply_security.h | 2 +- test/include/crypto_sequence.h | 2 +- test/include/et_dt_validation.h | 2 +- test/include/process_security.h | 2 +- test/include/shared_util.h | 12 +- test/include/ut_aos_apply.h | 2 +- test/include/ut_aos_process.h | 2 +- test/include/ut_crypto.h | 2 +- test/include/ut_crypto_config.h | 2 +- test/include/ut_crypto_mc.h | 2 +- test/include/ut_ep_key_mgmt.h | 2 +- test/include/ut_ep_mc.h | 2 +- test/include/ut_ep_sa_mgmt.h | 2 +- test/include/ut_mariadb.h | 2 +- test/include/ut_sa_save.h | 2 +- test/include/ut_tc_apply.h | 2 +- test/include/ut_tc_process.h | 3 +- test/include/ut_tm_apply.h | 2 +- test/include/ut_tm_process.h | 2 +- test/include/utest.h | 1469 ++++++----- test/kmc/ut_kmc_crypto.c | 224 +- test/kmc/ut_kmc_crypto_auth_only.c | 215 +- test/kmc/ut_kmc_crypto_cam.c | 282 +- test/kmc/ut_kmc_crypto_with_mtls_sadb.c | 96 +- test/kmc/ut_mariadb.c | 130 +- test/kmc/ut_tc_kmc.c | 570 +++-- test/performance/pt_auth_as.c | 1202 +++++---- test/performance/pt_auth_enc_as.c | 1090 +++++--- test/performance/pt_auth_enc_ps.c | 857 +++++-- test/performance/pt_gcry_base.c | 88 +- test/unit/et_dt_validation.c | 2272 +++++++++-------- test/unit/ut_aes_gcm_siv.c | 391 +-- test/unit/ut_aos_apply.c | 952 +++++-- test/unit/ut_aos_process.c | 1506 ++++++++--- test/unit/ut_crypto.c | 176 +- test/unit/ut_crypto_config.c | 156 +- test/unit/ut_ep_key_mgmt.c | 358 +-- test/unit/ut_ep_mc.c | 190 +- test/unit/ut_ep_sa_mgmt.c | 247 +- test/unit/ut_mysql_m_tls_connection.c | 134 +- test/unit/ut_mysql_tls_connection.c | 115 +- test/unit/ut_sa_save.c | 351 ++- test/unit/ut_sadb_err_cases_kmc_crypto.c | 203 +- test/unit/ut_tc_apply.c | 946 +++---- test/unit/ut_tc_process.c | 896 ++++--- test/unit/ut_tm_apply.c | 1581 +++++++++--- 
test/unit/ut_tm_process.c | 1607 +++++++++--- 98 files changed, 17394 insertions(+), 12384 deletions(-) create mode 100644 test/format.py diff --git a/include/crypto.h b/include/crypto.h index 8faa850a..9c6fa13d 100644 --- a/include/crypto.h +++ b/include/crypto.h 
@@ -49,177 +49,218 @@ */ #define CRYPTO_LIB_MAJOR_VERSION 1 #define CRYPTO_LIB_MINOR_VERSION 3 -#define CRYPTO_LIB_REVISION 1 -#define CRYPTO_LIB_MISSION_REV 0 +#define CRYPTO_LIB_REVISION 1 +#define CRYPTO_LIB_MISSION_REV 0 #define GVCID_MAX_PARAM_SIZE 250 -#define CRC32TBL_SIZE 256 -#define CRC16TBL_SIZE 256 - +#define CRC32TBL_SIZE 256 +#define CRC16TBL_SIZE 256 /* ** User Prototypes */ // Crypto Library Configuration functions -extern int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t mc_type, uint8_t sa_type, uint8_t cryptography_type, - uint8_t iv_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, +extern int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t mc_type, uint8_t sa_type, uint8_t cryptography_type, + uint8_t iv_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, - uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, + uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, uint8_t crypto_increment_nontransmitted_iv); -extern int32_t Crypto_Config_MariaDB(char* mysql_hostname, char* mysql_database, uint16_t mysql_port, +extern int32_t Crypto_Config_MariaDB(char *mysql_hostname, char *mysql_database, uint16_t mysql_port, uint8_t mysql_require_secure_transport, uint8_t mysql_tls_verify_server, - char* mysql_tls_ca, char* mysql_tls_capath, char* mysql_mtls_cert, - char* mysql_mtls_key, - char* mysql_mtls_client_key_password, char* mysql_username, char* mysql_password); -extern int32_t Crypto_Config_Kmc_Crypto_Service(char* protocol, char* kmc_crypto_hostname, uint16_t kmc_crypto_port, - char* kmc_crypto_app, char* kmc_tls_ca_bundle, char* kmc_tls_ca_path, - uint8_t kmc_ignore_ssl_hostname_validation, char* mtls_client_cert_path, - char* mtls_client_cert_type, char* mtls_client_key_path, - char* mtls_client_key_pass, char* mtls_issuer_cert); -extern int32_t Crypto_Config_Cam(uint8_t cam_enabled, char* 
cookie_file_path, char* keytab_file_path, uint8_t login_method, char* access_manager_uri, char* username, char* cam_home); + char *mysql_tls_ca, char *mysql_tls_capath, char *mysql_mtls_cert, + char *mysql_mtls_key, char *mysql_mtls_client_key_password, char *mysql_username, + char *mysql_password); +extern int32_t Crypto_Config_Kmc_Crypto_Service(char *protocol, char *kmc_crypto_hostname, uint16_t kmc_crypto_port, + char *kmc_crypto_app, char *kmc_tls_ca_bundle, char *kmc_tls_ca_path, + uint8_t kmc_ignore_ssl_hostname_validation, char *mtls_client_cert_path, + char *mtls_client_cert_type, char *mtls_client_key_path, + char *mtls_client_key_pass, char *mtls_issuer_cert); +extern int32_t Crypto_Config_Cam(uint8_t cam_enabled, char *cookie_file_path, char *keytab_file_path, + uint8_t login_method, char *access_manager_uri, char *username, char *cam_home); extern int32_t Crypto_Config_Add_Gvcid_Managed_Parameters(GvcidManagedParameters_t mp_struct); // Initialization extern int32_t Crypto_Init(void); // Initialize CryptoLib After Configuration Calls extern int32_t Crypto_Init_With_Configs( - CryptoConfig_t* crypto_config_p, GvcidManagedParameters_t* gvcid_managed_parameters_p, - SadbMariaDBConfig_t* sa_mariadb_config_p, - CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config_p); // Initialize CryptoLib With Application Defined Configuration -extern int32_t Crypto_SC_Init(void); // Initialize CryptoLib with Spacecraft default Configurations -extern int32_t Crypto_Init_TC_Unit_Test(void); // Initialize CryptoLib with unit test default Configurations -extern int32_t Crypto_Init_TM_Unit_Test(void); // Initialize CryptoLib with unit test default Configurations -extern int32_t Crypto_Init_AOS_Unit_Test(void); // Initialize CryptoLib with unit test default Configurations + CryptoConfig_t *crypto_config_p, GvcidManagedParameters_t *gvcid_managed_parameters_p, + SadbMariaDBConfig_t *sa_mariadb_config_p, + CryptographyKmcCryptoServiceConfig_t + 
*cryptography_kmc_crypto_config_p); // Initialize CryptoLib With Application Defined Configuration +extern int32_t Crypto_SC_Init(void); // Initialize CryptoLib with Spacecraft default Configurations +extern int32_t Crypto_Init_TC_Unit_Test(void); // Initialize CryptoLib with unit test default Configurations +extern int32_t Crypto_Init_TM_Unit_Test(void); // Initialize CryptoLib with unit test default Configurations +extern int32_t Crypto_Init_AOS_Unit_Test(void); // Initialize CryptoLib with unit test default Configurations // Cleanup extern int32_t Crypto_Shutdown(void); // Free all allocated memory // Telecommand (TC) -extern int32_t Crypto_TC_ApplySecurity(const uint8_t* p_in_frame, const uint16_t in_frame_length, - uint8_t** pp_enc_frame, uint16_t* p_enc_frame_len); -extern int32_t Crypto_TC_ProcessSecurity(uint8_t* ingest, int *len_ingest, TC_t* tc_sdls_processed_frame); -extern int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in_frame_length, - uint8_t** pp_enc_frame, uint16_t* p_enc_frame_len, char* cam_cookies); -extern int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc_sdls_processed_frame, char* cam_cookies); - -int32_t Crypto_TC_Get_SA_Service_Type(uint8_t* sa_service_type, SecurityAssociation_t* sa_ptr); -int32_t Crypto_TC_Parse_Check_FECF(uint8_t* ingest, int* len_ingest, TC_t* tc_sdls_processed_frame); -int32_t Crypto_TC_Nontransmitted_IV_Increment(SecurityAssociation_t* sa_ptr, TC_t* tc_sdls_processed_frame); -int32_t Crypto_TC_Nontransmitted_SN_Increment(SecurityAssociation_t* sa_ptr, TC_t* tc_sdls_processed_frame); -int32_t Crypto_TC_Check_ACS_Keylen(crypto_key_t* akp, SecurityAssociation_t* sa_ptr); -int32_t Crypto_TC_Check_ECS_Keylen(crypto_key_t* ekp, SecurityAssociation_t* sa_ptr); -void Crypto_TC_Safe_Free_Ptr(uint8_t* ptr); -int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algorithm, crypto_key_t* ekp, SecurityAssociation_t* sa_ptr, uint8_t* aad, TC_t* 
tc_sdls_processed_frame, uint8_t* ingest, uint16_t tc_enc_payload_start_index, uint16_t aad_len, char* cam_cookies, crypto_key_t* akp, uint8_t segment_hdr_len); -int32_t Crypto_TC_Process_Sanity_Check(int* len_ingest); -int32_t Crypto_TC_Prep_AAD(TC_t* tc_sdls_processed_frame, uint8_t fecf_len, uint8_t sa_service_type, uint8_t ecs_is_aead_algorithm, uint16_t* aad_len, SecurityAssociation_t* sa_ptr, uint8_t segment_hdr_len, uint8_t* ingest, uint8_t** aad); -int32_t Crypto_TC_Get_Keys(crypto_key_t** ekp, crypto_key_t** akp, SecurityAssociation_t* sa_ptr); -int32_t Crypto_TC_Check_IV_ARSN(SecurityAssociation_t* sa_ptr,TC_t* tc_sdls_processed_frame); -uint32_t Crypto_TC_Sanity_Validations(TC_t* tc_sdls_processed_frame, SecurityAssociation_t** sa_ptr); -void Crypto_TC_Get_Ciper_Mode_TCP(uint8_t sa_service_type, uint32_t* encryption_cipher, uint8_t* ecs_is_aead_algorithm, SecurityAssociation_t* sa_ptr); -int32_t Crypto_TC_Get_Ciper_Mode_TCA(uint8_t sa_service_type, uint32_t* encryption_cipher, uint8_t* ecs_is_aead_algorithm, SecurityAssociation_t* sa_ptr); -void Crypto_TC_Calc_Lengths(uint8_t* fecf_len, uint8_t* segment_hdr_len); -void Crypto_TC_Set_Segment_Header(TC_t* tc_sdls_processed_frame, uint8_t* ingest, int* byte_idx); +extern int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_frame_length, + uint8_t **pp_enc_frame, uint16_t *p_enc_frame_len); +extern int32_t Crypto_TC_ProcessSecurity(uint8_t *ingest, int *len_ingest, TC_t *tc_sdls_processed_frame); +extern int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t *p_in_frame, const uint16_t in_frame_length, + uint8_t **pp_enc_frame, uint16_t *p_enc_frame_len, char *cam_cookies); +extern int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc_sdls_processed_frame, + char *cam_cookies); + +int32_t Crypto_TC_Get_SA_Service_Type(uint8_t *sa_service_type, SecurityAssociation_t *sa_ptr); +int32_t Crypto_TC_Parse_Check_FECF(uint8_t *ingest, int *len_ingest, TC_t 
*tc_sdls_processed_frame); +int32_t Crypto_TC_Nontransmitted_IV_Increment(SecurityAssociation_t *sa_ptr, TC_t *tc_sdls_processed_frame); +int32_t Crypto_TC_Nontransmitted_SN_Increment(SecurityAssociation_t *sa_ptr, TC_t *tc_sdls_processed_frame); +int32_t Crypto_TC_Check_ACS_Keylen(crypto_key_t *akp, SecurityAssociation_t *sa_ptr); +int32_t Crypto_TC_Check_ECS_Keylen(crypto_key_t *ekp, SecurityAssociation_t *sa_ptr); +void Crypto_TC_Safe_Free_Ptr(uint8_t *ptr); +int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algorithm, crypto_key_t *ekp, + SecurityAssociation_t *sa_ptr, uint8_t *aad, TC_t *tc_sdls_processed_frame, + uint8_t *ingest, uint16_t tc_enc_payload_start_index, uint16_t aad_len, char *cam_cookies, + crypto_key_t *akp, uint8_t segment_hdr_len); +int32_t Crypto_TC_Process_Sanity_Check(int *len_ingest); +int32_t Crypto_TC_Prep_AAD(TC_t *tc_sdls_processed_frame, uint8_t fecf_len, uint8_t sa_service_type, + uint8_t ecs_is_aead_algorithm, uint16_t *aad_len, SecurityAssociation_t *sa_ptr, + uint8_t segment_hdr_len, uint8_t *ingest, uint8_t **aad); +int32_t Crypto_TC_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssociation_t *sa_ptr); +int32_t Crypto_TC_Check_IV_ARSN(SecurityAssociation_t *sa_ptr, TC_t *tc_sdls_processed_frame); +uint32_t Crypto_TC_Sanity_Validations(TC_t *tc_sdls_processed_frame, SecurityAssociation_t **sa_ptr); +void Crypto_TC_Get_Ciper_Mode_TCP(uint8_t sa_service_type, uint32_t *encryption_cipher, uint8_t *ecs_is_aead_algorithm, + SecurityAssociation_t *sa_ptr); +int32_t Crypto_TC_Get_Ciper_Mode_TCA(uint8_t sa_service_type, uint32_t *encryption_cipher, + uint8_t *ecs_is_aead_algorithm, SecurityAssociation_t *sa_ptr); +void Crypto_TC_Calc_Lengths(uint8_t *fecf_len, uint8_t *segment_hdr_len); +void Crypto_TC_Set_Segment_Header(TC_t *tc_sdls_processed_frame, uint8_t *ingest, int *byte_idx); int32_t Crypto_TC_Check_CMD_Frame_Flag(uint8_t header_cc); int32_t Crypto_TC_Validate_SA_Service_Type(uint8_t 
sa_service_type); -int32_t Crypto_TC_Handle_Enc_Padding(uint8_t sa_service_type, uint32_t* pkcs_padding, uint16_t* p_enc_frame_len, uint16_t* new_enc_frame_header_field_length, uint16_t tf_payload_len, SecurityAssociation_t* sa_ptr); -int32_t Crypto_TC_Frame_Validation(uint16_t* p_enc_frame_len); -int32_t Crypto_TC_Accio_Buffer(uint8_t** p_new_enc_frame, uint16_t* p_enc_frame_len); -int32_t Crypto_TC_ACS_Algo_Check(SecurityAssociation_t* sa_ptr); -int32_t Crypto_TC_Check_IV_Setup(SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame, uint16_t *index); -int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint16_t* mac_loc, uint16_t tf_payload_len, uint8_t segment_hdr_len, uint8_t* p_new_enc_frame, crypto_key_t* ekp, uint8_t** aad, uint8_t ecs_is_aead_algorithm, uint16_t *index_p, const uint8_t* p_in_frame, char* cam_cookies, uint32_t pkcs_padding); -void Crypto_TC_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr); -int32_t Crypto_TC_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint16_t* mac_loc, uint16_t tf_payload_len, uint8_t segment_hdr_len, uint8_t* p_new_enc_frame, crypto_key_t* ekp, uint8_t** aad, uint8_t ecs_is_aead_algorithm, uint16_t *index_p, const uint8_t* p_in_frame, char* cam_cookies, uint32_t pkcs_padding, uint16_t new_enc_frame_header_field_length, uint16_t* new_fecf); +int32_t Crypto_TC_Handle_Enc_Padding(uint8_t sa_service_type, uint32_t *pkcs_padding, uint16_t *p_enc_frame_len, + uint16_t *new_enc_frame_header_field_length, uint16_t tf_payload_len, + SecurityAssociation_t *sa_ptr); +int32_t Crypto_TC_Frame_Validation(uint16_t *p_enc_frame_len); +int32_t Crypto_TC_Accio_Buffer(uint8_t **p_new_enc_frame, uint16_t *p_enc_frame_len); +int32_t Crypto_TC_ACS_Algo_Check(SecurityAssociation_t *sa_ptr); +int32_t Crypto_TC_Check_IV_Setup(SecurityAssociation_t *sa_ptr, uint8_t *p_new_enc_frame, uint16_t *index); +int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t 
sa_service_type, SecurityAssociation_t *sa_ptr, uint16_t *mac_loc, + uint16_t tf_payload_len, uint8_t segment_hdr_len, uint8_t *p_new_enc_frame, + crypto_key_t *ekp, uint8_t **aad, uint8_t ecs_is_aead_algorithm, + uint16_t *index_p, const uint8_t *p_in_frame, char *cam_cookies, + uint32_t pkcs_padding); +void Crypto_TC_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr); +int32_t Crypto_TC_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, uint16_t *mac_loc, + uint16_t tf_payload_len, uint8_t segment_hdr_len, uint8_t *p_new_enc_frame, + crypto_key_t *ekp, uint8_t **aad, uint8_t ecs_is_aead_algorithm, uint16_t *index_p, + const uint8_t *p_in_frame, char *cam_cookies, uint32_t pkcs_padding, + uint16_t new_enc_frame_header_field_length, uint16_t *new_fecf); int32_t Crypto_TC_Check_Init_Setup(uint16_t in_frame_length); -int32_t Crypto_TC_Sanity_Setup(const uint8_t* p_in_frame, const uint16_t in_frame_length); -int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_FramePrimaryHeader_t temp_tc_header, const uint8_t* p_in_frame, uint8_t* map_id, uint8_t* segmentation_hdr, SecurityAssociation_t** sa_ptr); -int32_t Crypto_TC_Finalize_Frame_Setup(uint8_t sa_service_type, uint32_t* pkcs_padding, uint16_t* p_enc_frame_len, uint16_t* new_enc_frame_header_field_length, uint16_t tf_payload_len, SecurityAssociation_t** sa_ptr, uint8_t** p_new_enc_frame); -void Crypto_TC_Handle_Padding(uint32_t pkcs_padding, SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame, uint16_t* index); -int32_t Crypto_TC_Set_IV(SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame, uint16_t* index); - - - +int32_t Crypto_TC_Sanity_Setup(const uint8_t *p_in_frame, const uint16_t in_frame_length); +int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_FramePrimaryHeader_t temp_tc_header, + const uint8_t *p_in_frame, uint8_t *map_id, uint8_t *segmentation_hdr, + SecurityAssociation_t **sa_ptr); +int32_t 
Crypto_TC_Finalize_Frame_Setup(uint8_t sa_service_type, uint32_t *pkcs_padding, uint16_t *p_enc_frame_len, + uint16_t *new_enc_frame_header_field_length, uint16_t tf_payload_len, + SecurityAssociation_t **sa_ptr, uint8_t **p_new_enc_frame); +void Crypto_TC_Handle_Padding(uint32_t pkcs_padding, SecurityAssociation_t *sa_ptr, uint8_t *p_new_enc_frame, + uint16_t *index); +int32_t Crypto_TC_Set_IV(SecurityAssociation_t *sa_ptr, uint8_t *p_new_enc_frame, uint16_t *index); // Telemetry (TM) -extern int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer); -extern int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t *p_decrypted_length); +extern int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer); +extern int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_t **pp_processed_frame, + uint16_t *p_decrypted_length); // Advanced Orbiting Systems (AOS) -extern int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer); -extern int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length); - +extern int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer); +extern int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_t **pp_processed_frame, + uint16_t *p_decrypted_length); // Crypo Error Support Functions -extern char* Crypto_Get_Error_Code_Enum_String(int32_t crypto_error_code); +extern char *Crypto_Get_Error_Code_Enum_String(int32_t crypto_error_code); /* ** Internal Prototypes */ // Telemetry (TM) -int32_t Crypto_TM_Sanity_Check(uint8_t* pTfBuffer); -int32_t Crypto_TM_Determine_SA_Service_Type(uint8_t* sa_service_type, SecurityAssociation_t* sa_ptr); -void Crypto_TM_Check_For_Secondary_Header(uint8_t* pTfBuffer, uint16_t* idx); -int32_t Crypto_TM_IV_Sanity_Check(uint8_t* sa_service_type, SecurityAssociation_t* sa_ptr); -void Crypto_TM_PKCS_Padding(uint32_t* pkcs_padding, SecurityAssociation_t* sa_ptr, 
uint8_t* pTfBuffer, uint16_t* idx_p);
-void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t* pdu_len);
-int32_t Crypto_TM_Get_Keys(crypto_key_t** ekp, crypto_key_t** akp, SecurityAssociation_t* sa_ptr);
-int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, uint16_t* aad_len, int* mac_loc, uint16_t* idx_p, uint16_t pdu_len, uint8_t* pTfBuffer, uint8_t* aad, SecurityAssociation_t* sa_ptr);
-int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT_AEAD_Logic(uint8_t sa_service_type, uint8_t ecs_is_aead_algorithm, uint8_t* pTfBuffer, uint16_t pdu_len, uint16_t data_loc, crypto_key_t* ekp, crypto_key_t* akp, uint32_t pkcs_padding, int* mac_loc, uint16_t* aad_len, uint8_t* aad, SecurityAssociation_t* sa_ptr);
-int32_t Crypto_TM_Do_Encrypt_Handle_Increment(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr);
-int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint16_t* aad_len, int* mac_loc, uint16_t* idx_p, uint16_t pdu_len, uint8_t* pTfBuffer, uint8_t* aad, uint8_t ecs_is_aead_algorithm, uint16_t data_loc, crypto_key_t* ekp, crypto_key_t* akp, uint32_t pkcs_padding, uint16_t* new_fecf);
-void Crypto_TM_ApplySecurity_Debug_Print(uint16_t idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr);
-int32_t Crypto_TM_Process_Setup(uint16_t len_ingest, uint16_t* byte_idx, uint8_t* p_ingest, uint8_t* secondary_hdr_len);
-int32_t Crypto_TM_Determine_Cipher_Mode(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint32_t* encryption_cipher, uint8_t* ecs_is_aead_algorithm);
-int32_t Crypto_TM_FECF_Setup(uint8_t* p_ingest, uint16_t len_ingest);
-int32_t Crypto_TM_Parse_Mac_Prep_AAD(uint8_t sa_service_type, uint8_t* p_ingest, int mac_loc, SecurityAssociation_t* sa_ptr, uint16_t* aad_len, uint16_t byte_idx, uint8_t* aad);
-int32_t Crypto_TM_Do_Decrypt_AEAD(uint8_t sa_service_type, uint8_t* p_ingest, uint8_t* p_new_dec_frame, uint16_t byte_idx, uint16_t pdu_len, crypto_key_t* ekp, SecurityAssociation_t* sa_ptr, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t* aad);
-int32_t Crypto_TM_Do_Decrypt_NONAEAD(uint8_t sa_service_type, uint16_t pdu_len, uint8_t* p_new_dec_frame, uint16_t byte_idx, uint8_t* p_ingest, crypto_key_t* akp, crypto_key_t* ekp, SecurityAssociation_t* sa_ptr, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t* aad);
-void Crypto_TM_Calc_PDU_MAC(uint16_t* pdu_len, uint16_t byte_idx, SecurityAssociation_t* sa_ptr, int* mac_loc);
-int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint8_t ecs_is_aead_algorithm, uint16_t byte_idx, uint8_t* p_new_dec_frame, uint16_t pdu_len, uint8_t* p_ingest, crypto_key_t* ekp, crypto_key_t* akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t* aad, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length);
-void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr);
-
-extern int32_t Crypto_increment(uint8_t* num, int length);
-int32_t Crypto_Get_tmLength(int len);
-uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id);
-void Crypto_TM_updatePDU(uint8_t* ingest, int len_ingest);
-void Crypto_TM_updateOCF(void);
-uint8_t* Crypto_Prepare_TC_AAD(uint8_t* buffer, uint16_t len_aad, uint8_t* abm_buffer);
-uint32_t Crypto_Prepare_TM_AAD(const uint8_t* buffer, uint16_t len_aad, const uint8_t* abm_buffer, uint8_t* aad);
-uint32_t Crypto_Prepare_AOS_AAD(const uint8_t* buffer, uint16_t len_aad, const uint8_t* abm_buffer, uint8_t* aad);
-void Crypto_Local_Config(void);
-void Crypto_Local_Init(void);
-int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window);
-uint16_t Crypto_Calc_FECF(const uint8_t* ingest, int len_ingest);
-void Crypto_Calc_CRC_Init_Table(void);
-uint16_t Crypto_Calc_CRC16(uint8_t* data, int size);
-int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t *sa_ptr, uint8_t *arsn, uint8_t *iv);
-int32_t Crypto_Get_ECS_Algo_Keylen(uint8_t algo);
-int32_t Crypto_Get_ACS_Algo_Keylen(uint8_t algo);
-
-int32_t Crypto_Check_Anti_Replay_Verify_Pointers(SecurityAssociation_t* sa_ptr, uint8_t* arsn, uint8_t* iv);
-int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* arsn, int8_t* arsn_valid);
-int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, int8_t* iv_valid);
+int32_t Crypto_TM_Sanity_Check(uint8_t *pTfBuffer);
+int32_t Crypto_TM_Determine_SA_Service_Type(uint8_t *sa_service_type, SecurityAssociation_t *sa_ptr);
+void Crypto_TM_Check_For_Secondary_Header(uint8_t *pTfBuffer, uint16_t *idx);
+int32_t Crypto_TM_IV_Sanity_Check(uint8_t *sa_service_type, SecurityAssociation_t *sa_ptr);
+void Crypto_TM_PKCS_Padding(uint32_t *pkcs_padding, SecurityAssociation_t *sa_ptr, uint8_t *pTfBuffer, uint16_t *idx_p);
+void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t *pdu_len);
+int32_t Crypto_TM_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssociation_t *sa_ptr);
+int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, uint16_t *aad_len, int *mac_loc, uint16_t *idx_p,
+ uint16_t pdu_len, uint8_t *pTfBuffer, uint8_t *aad,
+ SecurityAssociation_t *sa_ptr);
+int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT_AEAD_Logic(uint8_t sa_service_type, uint8_t ecs_is_aead_algorithm,
+ uint8_t *pTfBuffer, uint16_t pdu_len, uint16_t data_loc,
+ crypto_key_t *ekp, crypto_key_t *akp, uint32_t pkcs_padding,
+ int *mac_loc, uint16_t *aad_len, uint8_t *aad,
+ SecurityAssociation_t *sa_ptr);
+int32_t Crypto_TM_Do_Encrypt_Handle_Increment(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr);
+int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, uint16_t *aad_len, int *mac_loc,
+ uint16_t *idx_p, uint16_t pdu_len, uint8_t *pTfBuffer, uint8_t *aad,
+ uint8_t ecs_is_aead_algorithm, uint16_t data_loc, crypto_key_t *ekp, crypto_key_t *akp,
+ uint32_t pkcs_padding, uint16_t *new_fecf);
+void Crypto_TM_ApplySecurity_Debug_Print(uint16_t idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr);
+int32_t Crypto_TM_Process_Setup(uint16_t len_ingest, uint16_t *byte_idx, uint8_t *p_ingest, uint8_t *secondary_hdr_len);
+int32_t Crypto_TM_Determine_Cipher_Mode(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr,
+ uint32_t *encryption_cipher, uint8_t *ecs_is_aead_algorithm);
+int32_t Crypto_TM_FECF_Setup(uint8_t *p_ingest, uint16_t len_ingest);
+int32_t Crypto_TM_Parse_Mac_Prep_AAD(uint8_t sa_service_type, uint8_t *p_ingest, int mac_loc,
+ SecurityAssociation_t *sa_ptr, uint16_t *aad_len, uint16_t byte_idx, uint8_t *aad);
+int32_t Crypto_TM_Do_Decrypt_AEAD(uint8_t sa_service_type, uint8_t *p_ingest, uint8_t *p_new_dec_frame,
+ uint16_t byte_idx, uint16_t pdu_len, crypto_key_t *ekp, SecurityAssociation_t *sa_ptr,
+ uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t *aad);
+int32_t Crypto_TM_Do_Decrypt_NONAEAD(uint8_t sa_service_type, uint16_t pdu_len, uint8_t *p_new_dec_frame,
+ uint16_t byte_idx, uint8_t *p_ingest, crypto_key_t *akp, crypto_key_t *ekp,
+ SecurityAssociation_t *sa_ptr, uint8_t iv_loc, int mac_loc, uint16_t aad_len,
+ uint8_t *aad);
+void Crypto_TM_Calc_PDU_MAC(uint16_t *pdu_len, uint16_t byte_idx, SecurityAssociation_t *sa_ptr, int *mac_loc);
+int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, uint8_t ecs_is_aead_algorithm,
+ uint16_t byte_idx, uint8_t *p_new_dec_frame, uint16_t pdu_len, uint8_t *p_ingest,
+ crypto_key_t *ekp, crypto_key_t *akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len,
+ uint8_t *aad, uint8_t **pp_processed_frame, uint16_t *p_decrypted_length);
+void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr);
+
+extern int32_t Crypto_increment(uint8_t *num, int length);
+int32_t Crypto_Get_tmLength(int len);
+uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id);
+void Crypto_TM_updatePDU(uint8_t *ingest, int len_ingest);
+void Crypto_TM_updateOCF(void);
+uint8_t *Crypto_Prepare_TC_AAD(uint8_t *buffer, uint16_t len_aad, uint8_t *abm_buffer);
+uint32_t Crypto_Prepare_TM_AAD(const uint8_t *buffer, uint16_t len_aad, const uint8_t *abm_buffer, uint8_t *aad); +uint32_t Crypto_Prepare_AOS_AAD(const uint8_t *buffer, uint16_t len_aad, const uint8_t *abm_buffer, uint8_t *aad); +void Crypto_Local_Config(void); +void Crypto_Local_Init(void); +int32_t Crypto_window(uint8_t *actual, uint8_t *expected, int length, int window); +uint16_t Crypto_Calc_FECF(const uint8_t *ingest, int len_ingest); +void Crypto_Calc_CRC_Init_Table(void); +uint16_t Crypto_Calc_CRC16(uint8_t *data, int size); +int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t *sa_ptr, uint8_t *arsn, uint8_t *iv); +int32_t Crypto_Get_ECS_Algo_Keylen(uint8_t algo); +int32_t Crypto_Get_ACS_Algo_Keylen(uint8_t algo); + +int32_t Crypto_Check_Anti_Replay_Verify_Pointers(SecurityAssociation_t *sa_ptr, uint8_t *arsn, uint8_t *iv); +int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t *sa_ptr, uint8_t *arsn, int8_t *arsn_valid); +int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t *sa_ptr, uint8_t *iv, int8_t *iv_valid); // SDLS Related Functions -extern uint8_t Crypto_Prep_Reply(uint8_t* ingest, uint8_t appID); -extern void Crypto_Print_Sdls_Ep_Reply(void); -extern int32_t Crypto_Get_Sdls_Ep_Reply(uint8_t* buffer, uint16_t* length); +extern uint8_t Crypto_Prep_Reply(uint8_t *ingest, uint8_t appID); +extern void Crypto_Print_Sdls_Ep_Reply(void); +extern int32_t Crypto_Get_Sdls_Ep_Reply(uint8_t *buffer, uint16_t *length); // Key Management Functions int32_t Crypto_Key_OTAR(void); int32_t Crypto_Key_update(uint8_t state); -int32_t Crypto_Key_inventory(uint8_t*); -int32_t Crypto_Key_verify(TC_t* tc_frame); +int32_t Crypto_Key_inventory(uint8_t *); +int32_t Crypto_Key_verify(TC_t *tc_frame); // Security Monitoring & Control Procedure -int32_t Crypto_MC_ping(uint8_t* ingest); -int32_t Crypto_MC_status(uint8_t* ingest); -int32_t Crypto_MC_dump(uint8_t* ingest); -int32_t Crypto_MC_erase(uint8_t* ingest); -int32_t Crypto_MC_selftest(uint8_t* ingest); 
-int32_t Crypto_SA_readARSN(uint8_t* ingest); +int32_t Crypto_MC_ping(uint8_t *ingest); +int32_t Crypto_MC_status(uint8_t *ingest); +int32_t Crypto_MC_dump(uint8_t *ingest); +int32_t Crypto_MC_erase(uint8_t *ingest); +int32_t Crypto_MC_selftest(uint8_t *ingest); +int32_t Crypto_SA_readARSN(uint8_t *ingest); int32_t Crypto_MC_resetalarm(void); // User Functions -int32_t Crypto_User_IdleTrigger(uint8_t* ingest); +int32_t Crypto_User_IdleTrigger(uint8_t *ingest); int32_t Crypto_User_BadSPI(void); int32_t Crypto_User_BadIV(void); int32_t Crypto_User_BadMAC(void); 
@@ -229,70 +270,70 @@ int32_t Crypto_User_ModifyActiveTM(void); int32_t Crypto_User_ModifyVCID(void); // SA Save Functions -int32_t sa_perform_save(SecurityAssociation_t* sa); +int32_t sa_perform_save(SecurityAssociation_t *sa); // Clean REF -void clean_ekref(SecurityAssociation_t* sa); -void clean_akref(SecurityAssociation_t* sa); +void clean_ekref(SecurityAssociation_t *sa); +void clean_akref(SecurityAssociation_t *sa); // Determine Payload Data Unit -int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uint8_t* ingest); -int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame); -int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame); -int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame); -int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest); -int32_t Crypto_USER_DEFINED_CMD(uint8_t* ingest); +int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uint8_t *ingest); +int32_t Crypto_PDU(uint8_t *ingest, TC_t *tc_frame); +int32_t Crypto_SG_KEY_MGMT(uint8_t *ingest, TC_t *tc_frame); +int32_t Crypto_SG_SA_MGMT(uint8_t *ingest, TC_t *tc_frame); +int32_t Crypto_SEC_MON_CTRL(uint8_t *ingest); +int32_t Crypto_USER_DEFINED_CMD(uint8_t *ingest); // Managed Parameter Functions int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uint8_t vcid, - GvcidManagedParameters_t* managed_parameters_in, - GvcidManagedParameters_t* managed_parameters_out); + GvcidManagedParameters_t *managed_parameters_in, + GvcidManagedParameters_t *managed_parameters_out); // Project-wide support functions -extern char* crypto_deep_copy_string(char* src_string); +extern char *crypto_deep_copy_string(char *src_string); /* ** Extern Global Variables -*/ +*/ // Data stores used in multiple components -extern CCSDS_t sdls_frame; +extern CCSDS_t sdls_frame; extern SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; -extern uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; +extern uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; // extern TM_t tm_frame; -extern uint8_t 
tm_frame[1786]; -extern TM_FramePrimaryHeader_t tm_frame_pri_hdr; +extern uint8_t tm_frame[1786]; +extern TM_FramePrimaryHeader_t tm_frame_pri_hdr; extern TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication // exterm AOS_t aos_frame -extern AOS_FramePrimaryHeader_t aos_frame_pri_hdr; +extern AOS_FramePrimaryHeader_t aos_frame_pri_hdr; extern AOS_FrameSecurityHeader_t aos_frame_sec_hdr; // Used to reduce bit math duplication // Global configuration structs -extern CryptoConfig_t crypto_config; -extern SadbMariaDBConfig_t* sa_mariadb_config; -extern CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config; -extern CamConfig_t* cam_config; -extern GvcidManagedParameters_t* gvcid_managed_parameters; -extern GvcidManagedParameters_t* current_managed_parameters; -extern GvcidManagedParameters_t gvcid_managed_parameters_array[GVCID_MAX_PARAM_SIZE]; -extern GvcidManagedParameters_t current_managed_parameters_struct; -extern int gvcid_counter; -extern KeyInterface key_if; -extern McInterface mc_if; -extern SaInterface sa_if; -extern CryptographyInterface cryptography_if; +extern CryptoConfig_t crypto_config; +extern SadbMariaDBConfig_t *sa_mariadb_config; +extern CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config; +extern CamConfig_t *cam_config; +extern GvcidManagedParameters_t *gvcid_managed_parameters; +extern GvcidManagedParameters_t *current_managed_parameters; +extern GvcidManagedParameters_t gvcid_managed_parameters_array[GVCID_MAX_PARAM_SIZE]; +extern GvcidManagedParameters_t current_managed_parameters_struct; +extern int gvcid_counter; +extern KeyInterface key_if; +extern McInterface mc_if; +extern SaInterface sa_if; +extern CryptographyInterface cryptography_if; // extern crypto_key_t ak_ring[NUM_KEYS]; -extern SadbMariaDBConfig_t* sa_mariadb_config; -extern GvcidManagedParameters_t* gvcid_managed_parameters; -extern GvcidManagedParameters_t* current_managed_parameters; +extern SadbMariaDBConfig_t 
*sa_mariadb_config; +extern GvcidManagedParameters_t *gvcid_managed_parameters; +extern GvcidManagedParameters_t *current_managed_parameters; // OCF -extern uint8_t ocf; -extern SDLS_FSR_t report; +extern uint8_t ocf; +extern SDLS_FSR_t report; extern Telemetry_Frame_Clcw_t clcw; // Flags -extern SDLS_MC_LOG_RPLY_t log_summary; +extern SDLS_MC_LOG_RPLY_t log_summary; extern SDLS_MC_DUMP_BLK_RPLY_t mc_log; -extern uint8_t log_count; -extern uint16_t tm_offset; +extern uint8_t log_count; +extern uint16_t tm_offset; // ESA Testing - 0 = disabled, 1 = enabled extern uint8_t badSPI; extern uint8_t badIV; @@ -302,4 +343,4 @@ extern uint8_t badFECF; extern uint32_t crc32Table[CRC32TBL_SIZE]; extern uint16_t crc16Table[CRC16TBL_SIZE]; -#endif //CRYPTO_H \ No newline at end of file +#endif // CRYPTO_H \ No newline at end of file diff --git a/include/crypto_config.h b/include/crypto_config.h index e370fa7e..4f6ed4ef 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -21,13 +21,13 @@ // Debug Colors #ifdef DEBUG #define CRYPTO_DEBUG printf("%s:%s: %d", __FILE__, __FUNCTION__, __LINE__); -#define KRED "\x1B[31m" -#define KGRN "\x1B[32m" -#define KYEL "\x1B[33m" -#define KBLU "\x1B[34m" -#define KMAG "\x1B[35m" -#define KCYN "\x1B[36m" -#define RESET "\033[0m" +#define KRED "\x1B[31m" +#define KGRN "\x1B[32m" +#define KYEL "\x1B[33m" +#define KBLU "\x1B[34m" +#define KMAG "\x1B[35m" +#define KCYN "\x1B[36m" +#define RESET "\033[0m" #else #define CRYPTO_DEBUG #define KRED @@ -45,8 +45,8 @@ #define GVCID_MAN_PARAM_SIZE 250 // Max Frame Size -#define TC_MAX_FRAME_SIZE 1024 -#define TM_MAX_FRAME_SIZE 1786 +#define TC_MAX_FRAME_SIZE 1024 +#define TM_MAX_FRAME_SIZE 1786 #define AOS_MAX_FRAME_SIZE 1786 // Spacecraft Defines 
@@ -61,158 +61,158 @@ // GVCID Defines #define NUM_GVCID 64 -#define TYPE_TC 0 -#define TYPE_MAP 1 -#define TYPE_TM 2 -#define TYPE_AOS 3 +#define TYPE_TC 0 +#define TYPE_MAP 1 +#define TYPE_TM 2 +#define TYPE_AOS 3 // Specific to Authentication -#define SA_NONE 0 -#define SA_UNKEYED 1 -#define SA_KEYED 2 +#define SA_NONE 0 +#define SA_UNKEYED 1 +#define SA_KEYED 2 #define SA_OPERATIONAL 3 // SA State Transitions #define SA_CREATE 5 -#define SA_REKEY 6 -#define SA_START 7 -#define SA_STOP 2 +#define SA_REKEY 6 +#define SA_START 7 +#define SA_STOP 2 #define SA_EXPIRE 1 #define SA_DELETE 0 // SA Additional Directives -#define SA_STATUS 8 -#define SA_SETARSN 9 +#define SA_STATUS 8 +#define SA_SETARSN 9 #define SA_SETARSNW 10 // Key State Defines -#define KEY_PREACTIVE 0 -#define KEY_ACTIVE 1 +#define KEY_PREACTIVE 0 +#define KEY_ACTIVE 1 #define KEY_DEACTIVATED 2 -#define KEY_DESTROYED 3 -#define KEY_CORRUPTED 4 +#define KEY_DESTROYED 3 +#define KEY_CORRUPTED 4 // Key Length Defines // ECS -#define AES256_GCM_KEYLEN 32 +#define AES256_GCM_KEYLEN 32 #define AES256_GCM_SIV_KEYLEN 32 -#define AES256_CBC_KEYLEN 32 -#define AES256_CCM_KEYLEN 32 +#define AES256_CBC_KEYLEN 32 +#define AES256_CCM_KEYLEN 32 // ACS #define CMAC_AES256_KEYLEN 32 #define HMAC_SHA256_KEYLEN 32 #define HMAC_SHA512_KEYLEN 64 // SA Service Types -#define SA_PLAINTEXT 0 -#define SA_AUTHENTICATION 1 -#define SA_ENCRYPTION 2 +#define SA_PLAINTEXT 0 +#define SA_AUTHENTICATION 1 +#define SA_ENCRYPTION 2 #define SA_AUTHENTICATED_ENCRYPTION 3 // Generic Defines -#define NUM_SA 64 -#define SPI_LEN 2 /* bytes */ -#define KEY_SIZE 512 /* bytes */ -#define KEY_ID_SIZE 8 -#define NUM_KEYS 256 -#define DISABLED 0 -#define ENABLED 1 -#define IV_SIZE 16 /* TM IV size bytes */ -#define IV_SIZE_TC 4 /* TC IV size bytes */ -#define REF_SIZE 250 -#define OCF_SIZE 4 -#define MAC_SIZE 16 /* bytes */ -#define FECF_SIZE 2 +#define NUM_SA 64 +#define SPI_LEN 2 /* bytes */ +#define KEY_SIZE 512 /* bytes */ +#define 
KEY_ID_SIZE 8 +#define NUM_KEYS 256 +#define DISABLED 0 +#define ENABLED 1 +#define IV_SIZE 16 /* TM IV size bytes */ +#define IV_SIZE_TC 4 /* TC IV size bytes */ +#define REF_SIZE 250 +#define OCF_SIZE 4 +#define MAC_SIZE 16 /* bytes */ +#define FECF_SIZE 2 #define TC_SEGMENT_HDR_SIZE 1 -#define ECS_SIZE 4 /* bytes */ -#define ABM_SIZE 1786 /* bytes */ -#define ARSN_SIZE 20 /* total messages */ -#define ARSNW_SIZE 1 /* bytes */ -#define SN_SIZE 16 /* bytes */ -#define PAD_SIZE 32 /* bytes */ -#define CHALLENGE_SIZE 16 /* bytes */ -#define CHALLENGE_MAC_SIZE 16 /* bytes */ -#define BYTE_LEN 8 /* bits */ +#define ECS_SIZE 4 /* bytes */ +#define ABM_SIZE 1786 /* bytes */ +#define ARSN_SIZE 20 /* total messages */ +#define ARSNW_SIZE 1 /* bytes */ +#define SN_SIZE 16 /* bytes */ +#define PAD_SIZE 32 /* bytes */ +#define CHALLENGE_SIZE 16 /* bytes */ +#define CHALLENGE_MAC_SIZE 16 /* bytes */ +#define BYTE_LEN 8 /* bits */ // Monitoring and Control Defines #define EMV_SIZE 4 /* bytes */ #define LOG_SIZE 50 /* packets */ -#define ST_OK 0x00 -#define ST_NOK 0xFF +#define ST_OK 0x00 +#define ST_NOK 0xFF // Protocol Data Unit (PDU) // PDU Type #define PDU_TYPE_COMMAND 0 -#define PDU_TYPE_REPLY 1 +#define PDU_TYPE_REPLY 1 // PDU User Flag -#define PDU_USER_FLAG_TRUE 1 +#define PDU_USER_FLAG_TRUE 1 #define PDU_USER_FLAG_FALSE 0 // Procedure Identification (PID) - CCSDS Defined Commands // Service Group - Key Management -#define SG_KEY_MGMT 0x00 // 0b00 -#define PID_OTAR 0x01 // 0b0001 -#define PID_KEY_ACTIVATION 0x02 // 0b0010 -#define PID_KEY_DEACTIVATION 0x03 //0b0011 +#define SG_KEY_MGMT 0x00 // 0b00 +#define PID_OTAR 0x01 // 0b0001 +#define PID_KEY_ACTIVATION 0x02 // 0b0010 +#define PID_KEY_DEACTIVATION 0x03 // 0b0011 #define PID_KEY_VERIFICATION 0x04 // 0b0100 -#define PID_KEY_DESTRUCTION 0x06 // 0b0110 -#define PID_KEY_INVENTORY 0x07 // 0b0111 +#define PID_KEY_DESTRUCTION 0x06 // 0b0110 +#define PID_KEY_INVENTORY 0x07 // 0b0111 // Service Group - Security Association 
Management -#define SG_SA_MGMT 0x01 // 0b01 -#define PID_CREATE_SA 0x01 //0b0001 -#define PID_REKEY_SA 0x06 //0b0110 -#define PID_START_SA 0x0B //0b1011 -#define PID_STOP_SA 0x0E // 0b1110 +#define SG_SA_MGMT 0x01 // 0b01 +#define PID_CREATE_SA 0x01 // 0b0001 +#define PID_REKEY_SA 0x06 // 0b0110 +#define PID_START_SA 0x0B // 0b1011 +#define PID_STOP_SA 0x0E // 0b1110 #define PID_EXPIRE_SA 0x09 // 0b1001 #define PID_DELETE_SA 0x04 // 0b0100 -#define PID_SET_ARSN 0x0A //0b1010 +#define PID_SET_ARSN 0x0A // 0b1010 #define PID_SET_ARSNW 0x05 // 0b0101 #define PID_READ_ARSN 0x00 // 0b0000 #define PID_SA_STATUS 0x0F // 0b1111 // Service Group - Security Monitoring & Control #define SG_SEC_MON_CTRL 0x03 // 0b11 -#define PID_PING 0x01 // 0b0001 -#define PID_LOG_STATUS 0x02 //0b0010 -#define PID_DUMP_LOG 0x03 // 0b0011 -#define PID_ERASE_LOG 0x04 // 0b0100 -#define PID_SELF_TEST 0x05 // 0b0101 -#define PID_ALARM_FLAG 0x07 // 0b0111 +#define PID_PING 0x01 // 0b0001 +#define PID_LOG_STATUS 0x02 // 0b0010 +#define PID_DUMP_LOG 0x03 // 0b0011 +#define PID_ERASE_LOG 0x04 // 0b0100 +#define PID_SELF_TEST 0x05 // 0b0101 +#define PID_ALARM_FLAG 0x07 // 0b0111 // Procedure Identification (PID) - User Defined Commands #define PID_IDLE_FRAME_TRIGGER 0 -#define PID_TOGGLE_BAD_SPI 1 -#define PID_TOGGLE_BAD_IV 2 -#define PID_TOGGLE_BAD_MAC 3 -#define PID_TOGGLE_BAD_FECF 4 -#define PID_MODIFY_KEY 5 -#define PID_MODIFY_ACTIVE_TM 6 -#define PID_MODIFY_VCID 7 +#define PID_TOGGLE_BAD_SPI 1 +#define PID_TOGGLE_BAD_IV 2 +#define PID_TOGGLE_BAD_MAC 3 +#define PID_TOGGLE_BAD_FECF 4 +#define PID_MODIFY_KEY 5 +#define PID_MODIFY_ACTIVE_TM 6 +#define PID_MODIFY_VCID 7 // TC Defines -#define TC_SH_SIZE 8 /* bits */ -#define TC_SN_SIZE 2 -#define TC_SN_WINDOW 10 /* +/- value */ +#define TC_SH_SIZE 8 /* bits */ +#define TC_SN_SIZE 2 +#define TC_SN_WINDOW 10 /* +/- value */ #define TC_FRAME_DATA_SIZE 1019 /* bytes */ // 1024 - 5byte header -#define TC_CADU_ASM_SIZE 4 +#define TC_CADU_ASM_SIZE 4 // CCSDS 
PUS Defines #define TLV_DATA_SIZE 494 /* bytes */ // TM Defines #define TM_FRAME_DATA_SIZE 1786 /* bytes */ -#define TM_FILL_SIZE 1145 /* bytes */ -#define TM_PAD_SIZE 2 /* bytes */ +#define TM_FILL_SIZE 1145 /* bytes */ +#define TM_PAD_SIZE 2 /* bytes */ // AOS Defines #define AOS_FRAME_DATA_SIZE 1786 /* bytes */ -#define AOS_FILL_SIZE 1145 /* bytes */ +#define AOS_FILL_SIZE 1145 /* bytes */ // SDLS Behavior Defines -#define SDLS_KEYV_MAX_KEYS 21 /* keys */ -#define SDLS_IV_LEN 12 /* bytes */ -#define SDLS_KEYV_KEY_ID_LEN 2 /* bytes */ -#define SDLS_KEY_LEN 32 /* bytes */ +#define SDLS_KEYV_MAX_KEYS 21 /* keys */ +#define SDLS_IV_LEN 12 /* bytes */ +#define SDLS_KEYV_KEY_ID_LEN 2 /* bytes */ +#define SDLS_KEY_LEN 32 /* bytes */ // TC Behavior Defines -#define TC_SDLS_EP_VCID \ +#define TC_SDLS_EP_VCID \ 4 // VCID which has SDLS PDUs (JPL uses VCIDs to determine TC type, there is no space packet layer with APIDs). Set // to -1 if uses SP APIDs. @@ -220,14 +220,14 @@ #define TM_CADU_HAS_ASM 1 // Skip 0x1acffc1d at beginning of each frame // TM CADU based on ASM, currently only holds non-turbo ASM #ifdef TM_CADU_HAS_ASM - #define TM_CADU_SIZE (TM_FRAME_DATA_SIZE + TC_CADU_ASM_SIZE) +#define TM_CADU_SIZE (TM_FRAME_DATA_SIZE + TC_CADU_ASM_SIZE) #else - #define TM_CADU_SIZE TM_FRAME_DATA_SIZE +#define TM_CADU_SIZE TM_FRAME_DATA_SIZE #endif // Logic Behavior Defines #define CRYPTO_FALSE 0 -#define CRYPTO_TRUE 1 +#define CRYPTO_TRUE 1 /* ** SAVE FILE NAME/LOCATION @@ -239,5 +239,4 @@ */ #define TC_BLOCK_SIZE 16 - -#endif //CRYPTO_CONFIG_H \ No newline at end of file +#endif // CRYPTO_CONFIG_H \ No newline at end of file diff --git a/include/crypto_config_structs.h b/include/crypto_config_structs.h index 09123c93..7a2e42d8 100644 --- a/include/crypto_config_structs.h +++ b/include/crypto_config_structs.h @@ -89,7 +89,7 @@ typedef enum } CreateFecfBool; typedef enum { - AOS_FHEC_NA=0, + AOS_FHEC_NA = 0, AOS_NO_FHEC, AOS_HAS_FHEC } AosFhecPresent; 
@@ -172,8 +172,8 @@ typedef enum typedef enum { - CAM_LOGIN_NONE, // Using already populated cam_cookie_file - CAM_LOGIN_KERBEROS, // Using already logged-in Kerberos to generate CAM cookies + CAM_LOGIN_NONE, // Using already populated cam_cookie_file + CAM_LOGIN_KERBEROS, // Using already logged-in Kerberos to generate CAM cookies CAM_LOGIN_KEYTAB_FILE // using keytab file to login and generate CAM cookies } CamLoginMethod; /* 
@@ -201,39 +201,40 @@ typedef enum */ typedef struct { - InitStatus init_status; - KeyType key_type; - McType mc_type; - SadbType sa_type; + InitStatus init_status; + KeyType key_type; + McType mc_type; + SadbType sa_type; CryptographyType cryptography_type; - IvType iv_type; // Whether or not CryptoLib should generate the IV - CreateFecfBool crypto_create_fecf; // Whether or not CryptoLib is expected to calculate TC FECFs and return - // payloads with the FECF - TcProcessSdlsPdus process_sdls_pdus; // Config to process SDLS extended procedure PDUs in CryptoLib - TcPusHdrPresent has_pus_hdr; - TcIgnoreSaState ignore_sa_state; // TODO - add logic that uses this configuration + IvType iv_type; // Whether or not CryptoLib should generate the IV + CreateFecfBool crypto_create_fecf; // Whether or not CryptoLib is expected to calculate TC FECFs and return + // payloads with the FECF + TcProcessSdlsPdus process_sdls_pdus; // Config to process SDLS extended procedure PDUs in CryptoLib + TcPusHdrPresent has_pus_hdr; + TcIgnoreSaState ignore_sa_state; // TODO - add logic that uses this configuration TcIgnoreAntiReplay ignore_anti_replay; TcUniqueSaPerMapId unique_sa_per_mapid; - CheckFecfBool crypto_check_fecf; - uint8_t vcid_bitmask; - uint8_t crypto_increment_nontransmitted_iv; // Whether or not CryptoLib increments the non-transmitted portion of the IV field + CheckFecfBool crypto_check_fecf; + uint8_t vcid_bitmask; + uint8_t crypto_increment_nontransmitted_iv; // Whether or not CryptoLib increments the non-transmitted portion of + // the IV field } CryptoConfig_t; #define CRYPTO_CONFIG_SIZE (sizeof(CryptoConfig_t)) typedef struct _GvcidManagedParameters_t GvcidManagedParameters_t; struct _GvcidManagedParameters_t { - uint8_t tfvn : 4; // Transfer Frame Version Number - uint16_t scid : 10; // SpacecraftID - uint8_t vcid : 6; // Virtual Channel ID - FecfPresent has_fecf; - AosFhecPresent aos_has_fhec; + uint8_t tfvn : 4; // Transfer Frame Version Number + uint16_t scid : 
10; // SpacecraftID + uint8_t vcid : 6; // Virtual Channel ID + FecfPresent has_fecf; + AosFhecPresent aos_has_fhec; AosInsertZonePresent aos_has_iz; - uint16_t aos_iz_len; + uint16_t aos_iz_len; TcSegmentHdrsPresent has_segmentation_hdr; - uint16_t max_frame_size; // Maximum TC/TM Frame Length with headers - OcfPresent has_ocf; - int set_flag; + uint16_t max_frame_size; // Maximum TC/TM Frame Length with headers + OcfPresent has_ocf; + int set_flag; }; #define GVCID_MANAGED_PARAMETERS_SIZE (sizeof(GvcidManagedParameters_t)) @@ -242,18 +243,18 @@ struct _GvcidManagedParameters_t */ typedef struct { - char* mysql_username; - char* mysql_password; - char* mysql_hostname; - char* mysql_database; + char *mysql_username; + char *mysql_password; + char *mysql_hostname; + char *mysql_database; uint16_t mysql_port; - char* mysql_mtls_cert; - char* mysql_mtls_key; - char* mysql_mtls_ca; - char* mysql_mtls_capath; - uint8_t mysql_tls_verify_server; - char* mysql_mtls_client_key_password; - uint8_t mysql_require_secure_transport; + char *mysql_mtls_cert; + char *mysql_mtls_key; + char *mysql_mtls_ca; + char *mysql_mtls_capath; + uint8_t mysql_tls_verify_server; + char *mysql_mtls_client_key_password; + uint8_t mysql_require_secure_transport; } SadbMariaDBConfig_t; #define SADB_MARIADB_CONFIG_SIZE (sizeof(SadbMariaDBConfig_t)) 
@@ -263,18 +264,18 @@ typedef struct */ typedef struct { - char* kmc_crypto_hostname; - char* protocol; + char *kmc_crypto_hostname; + char *protocol; uint16_t kmc_crypto_port; - char* kmc_crypto_app_uri; - char* mtls_client_cert_path; - char* mtls_client_cert_type; // default "PEM", supports "P12" and "DER" - char* mtls_client_key_path; - char* mtls_client_key_pass; - char* mtls_ca_bundle; - char* mtls_ca_path; - char* mtls_issuer_cert; - uint8_t ignore_ssl_hostname_validation; + char *kmc_crypto_app_uri; + char *mtls_client_cert_path; + char *mtls_client_cert_type; // default "PEM", supports "P12" and "DER" + char *mtls_client_key_path; + char *mtls_client_key_pass; + char *mtls_ca_bundle; + char *mtls_ca_path; + char *mtls_issuer_cert; + uint8_t ignore_ssl_hostname_validation; } CryptographyKmcCryptoServiceConfig_t; #define CRYPTOGRAPHY_KMC_CRYPTO_SERVICE_CONFIG_SIZE (sizeof(CryptographyKmcCryptoServiceConfig_t)) @@ -285,14 +286,14 @@ typedef struct typedef struct { uint8_t cam_enabled; - char* cookie_file_path; - char* keytab_file_path; - char* access_manager_uri; - char* username; - char* cam_home; + char *cookie_file_path; + char *keytab_file_path; + char *access_manager_uri; + char *username; + char *cam_home; uint8_t login_method; } CamConfig_t; #define CAM_CONFIG_SIZE (sizeof(CamConfig_t)) -#endif //CRYPTO_CONFIG_STRUCTS_H \ No newline at end of file +#endif // CRYPTO_CONFIG_STRUCTS_H \ No newline at end of file diff --git a/include/crypto_error.h b/include/crypto_error.h index 06251aa6..08f3aac0 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h 
@@ -24,130 +24,130 @@ * AND the appropriate _ERROR_CODE_MAX must be updated below! */ -#define CRYPTO_CONFIGURATION_NOT_COMPLETE 100 +#define CRYPTO_CONFIGURATION_NOT_COMPLETE 100 #define CRYPTO_MANAGED_PARAM_CONFIGURATION_NOT_COMPLETE 101 -#define CRYPTO_MARIADB_CONFIGURATION_NOT_COMPLETE 102 -#define MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND 103 +#define CRYPTO_MARIADB_CONFIGURATION_NOT_COMPLETE 102 +#define MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND 103 #define SADB_INVALID_SADB_TYPE 200 -#define SADB_NULL_SA_USED 201 +#define SADB_NULL_SA_USED 201 #define SADB_MARIADB_CONNECTION_FAILED 300 -#define SADB_QUERY_FAILED 301 -#define SADB_QUERY_EMPTY_RESULTS 302 -#define SADB_INSERT_FAILED 303 +#define SADB_QUERY_FAILED 301 +#define SADB_QUERY_EMPTY_RESULTS 302 +#define SADB_INSERT_FAILED 303 -#define CRYPTOGRAPHY_INVALID_CRYPTO_INTERFACE_TYPE 400 +#define CRYPTOGRAPHY_INVALID_CRYPTO_INTERFACE_TYPE 400 #define CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING 401 -#define CRYPTOGRAPHY_LIBRARY_INITIALIZIATION_ERROR 402 +#define CRYPTOGRAPHY_LIBRARY_INITIALIZIATION_ERROR 402 #define CRYPTOGRAPHY_KMC_CRYPTO_SERVICE_CONFIGURATION_NOT_COMPLETE 500 -#define CRYPTOGRAPHY_KMC_CURL_INITIALIZATION_FAILURE 501 -#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_CONNECTION_ERROR 502 -#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AEAD_ENCRYPT_ERROR 503 -#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AEAD_DECRYPT_ERROR 504 -#define CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR 505 -#define CRYPTOGRAHPY_KMC_CIPHER_TEXT_NOT_FOUND_IN_JSON_RESPONSE 506 -#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE 507 -#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AUTHENTICATION_ERROR 508 -#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_MAC_VALIDATION_ERROR 509 -#define CRYPTOGRAHPY_KMC_ICV_NOT_FOUND_IN_JSON_RESPONSE 510 -#define CRYPTOGRAHPY_KMC_NULL_ENCRYPTION_KEY_REFERENCE_IN_SA 511 -#define CRYPTOGRAHPY_KMC_NULL_AUTHENTICATION_KEY_REFERENCE_IN_SA 512 -#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE 513 -#define 
CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR 514 -#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR 515 - -#define CAM_CONFIG_NOT_SUPPORTED_ERROR 600 -#define CAM_INVALID_COOKIE_FILE_CONFIGURATION_NULL 601 -#define CAM_AUTHENTICATION_FAILURE_REDIRECT 602 -#define CAM_AUTHENTICATION_REQUIRED 603 -#define CAM_GET_SSO_TOKEN_FAILURE 604 -#define CAM_INVALID_CONFIGURATION_ACCESS_MANAGER_URI_NULL 605 -#define CAM_INVALID_CONFIGURATION_KEYTAB_FILE_PATH_NULL 606 +#define CRYPTOGRAPHY_KMC_CURL_INITIALIZATION_FAILURE 501 +#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_CONNECTION_ERROR 502 +#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AEAD_ENCRYPT_ERROR 503 +#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AEAD_DECRYPT_ERROR 504 +#define CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR 505 +#define CRYPTOGRAHPY_KMC_CIPHER_TEXT_NOT_FOUND_IN_JSON_RESPONSE 506 +#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE 507 +#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AUTHENTICATION_ERROR 508 +#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_MAC_VALIDATION_ERROR 509 +#define CRYPTOGRAHPY_KMC_ICV_NOT_FOUND_IN_JSON_RESPONSE 510 +#define CRYPTOGRAHPY_KMC_NULL_ENCRYPTION_KEY_REFERENCE_IN_SA 511 +#define CRYPTOGRAHPY_KMC_NULL_AUTHENTICATION_KEY_REFERENCE_IN_SA 512 +#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE 513 +#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR 514 +#define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR 515 + +#define CAM_CONFIG_NOT_SUPPORTED_ERROR 600 +#define CAM_INVALID_COOKIE_FILE_CONFIGURATION_NULL 601 +#define CAM_AUTHENTICATION_FAILURE_REDIRECT 602 +#define CAM_AUTHENTICATION_REQUIRED 603 +#define CAM_GET_SSO_TOKEN_FAILURE 604 +#define CAM_INVALID_CONFIGURATION_ACCESS_MANAGER_URI_NULL 605 +#define CAM_INVALID_CONFIGURATION_KEYTAB_FILE_PATH_NULL 606 #define CAM_INVALID_CONFIGURATION_KEYTAB_FILE_USERNAME_NULL 607 -#define CAM_KEYTAB_FILE_KINIT_FAILURE 608 -#define CAM_KERBEROS_REQUEST_TIME_OUT 609 -#define CAM_MAX_AUTH_RETRIES_REACHED 610 - -#define CRYPTO_LIB_SUCCESS (0) -#define 
CRYPTO_LIB_ERROR (-1) -#define CRYPTO_LIB_ERR_NO_INIT (-2) -#define CRYPTO_LIB_ERR_INVALID_TFVN (-3) -#define CRYPTO_LIB_ERR_INVALID_SCID (-4) -#define CRYPTO_LIB_ERR_INVALID_VCID (-5) -#define CRYPTO_LIB_ERR_INVALID_MAPID (-6) -#define CRYPTO_LIB_ERR_INVALID_CC_FLAG (-7) -#define CRYPTO_LIB_ERR_NO_OPERATIONAL_SA (-8) -#define CRYPTO_LIB_ERR_NULL_BUFFER (-9) -#define CRYPTO_LIB_ERR_UT_BYTE_MISMATCH (-10) -#define CRYPTO_LIB_ERR_NO_CONFIG (-11) -#define CRYPTO_LIB_ERR_INVALID_FECF (-12) -#define CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW (-13) -#define CRYPTO_LIB_ERR_LIBGCRYPT_ERROR (-14) -#define CRYPTO_LIB_ERR_AUTHENTICATION_ERROR (-15) -#define CRYPTO_LIB_ERR_NULL_IV (-16) -#define CRYPTO_LIB_ERR_NULL_ABM (-17) -#define CRYPTO_LIB_ERR_DECRYPT_ERROR (-18) -#define CRYPTO_LIB_ERR_ABM_TOO_SHORT_FOR_AAD (-19) -#define CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR (-20) -#define CRYPTO_LIB_ERR_MAC_VALIDATION_ERROR (-21) -#define CRYPTO_LIB_ERR_INVALID_HEADER (-22) -#define CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW (-23) -#define CRYPTO_LIB_ERR_NULL_ARSN (-24) -#define CRYPTO_LIB_ERR_NULL_SA (-25) -#define CRYPTO_LIB_ERR_UNSUPPORTED_ACS (-26) -#define CRYPTO_LIB_ERR_ENCRYPTION_ERROR (-27) -#define CRYPTO_LIB_ERR_INVALID_SA_CONFIGURATION (-28) -#define CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_MANAGED_PARAM_MAX_LIMIT (-29) -#define CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_SPEC_LIMIT (-30) -#define CRYPTO_LIB_ERR_UNSUPPORTED_ECS (-31) -#define CRYPTO_LIB_ERR_KEY_LENGTH_ERROR (-32) -#define CRYPTO_LIB_ERR_NULL_ECS_PTR (-33) -#define CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO (-34) -#define CRYPTO_LIB_ERR_NULL_CIPHERS (-35) -#define CRYPTO_LIB_ERR_NO_ECS_SET_FOR_ENCRYPTION_MODE (-36) -#define CRYPTO_LIB_ERR_IV_LEN_SHORTER_THAN_SEC_HEADER_LENGTH (-37) -#define CRYPTO_LIB_ERR_ARSN_LEN_SHORTER_THAN_SEC_HEADER_LENGTH (-38) -#define CRYPTO_LIB_ERR_FRAME_COUNTER_DOESNT_MATCH_SA (-39) -#define CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TC_STANDARD (-40) +#define CAM_KEYTAB_FILE_KINIT_FAILURE 608 +#define 
CAM_KERBEROS_REQUEST_TIME_OUT 609 +#define CAM_MAX_AUTH_RETRIES_REACHED 610 + +#define CRYPTO_LIB_SUCCESS (0) +#define CRYPTO_LIB_ERROR (-1) +#define CRYPTO_LIB_ERR_NO_INIT (-2) +#define CRYPTO_LIB_ERR_INVALID_TFVN (-3) +#define CRYPTO_LIB_ERR_INVALID_SCID (-4) +#define CRYPTO_LIB_ERR_INVALID_VCID (-5) +#define CRYPTO_LIB_ERR_INVALID_MAPID (-6) +#define CRYPTO_LIB_ERR_INVALID_CC_FLAG (-7) +#define CRYPTO_LIB_ERR_NO_OPERATIONAL_SA (-8) +#define CRYPTO_LIB_ERR_NULL_BUFFER (-9) +#define CRYPTO_LIB_ERR_UT_BYTE_MISMATCH (-10) +#define CRYPTO_LIB_ERR_NO_CONFIG (-11) +#define CRYPTO_LIB_ERR_INVALID_FECF (-12) +#define CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW (-13) +#define CRYPTO_LIB_ERR_LIBGCRYPT_ERROR (-14) +#define CRYPTO_LIB_ERR_AUTHENTICATION_ERROR (-15) +#define CRYPTO_LIB_ERR_NULL_IV (-16) +#define CRYPTO_LIB_ERR_NULL_ABM (-17) +#define CRYPTO_LIB_ERR_DECRYPT_ERROR (-18) +#define CRYPTO_LIB_ERR_ABM_TOO_SHORT_FOR_AAD (-19) +#define CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR (-20) +#define CRYPTO_LIB_ERR_MAC_VALIDATION_ERROR (-21) +#define CRYPTO_LIB_ERR_INVALID_HEADER (-22) +#define CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW (-23) +#define CRYPTO_LIB_ERR_NULL_ARSN (-24) +#define CRYPTO_LIB_ERR_NULL_SA (-25) +#define CRYPTO_LIB_ERR_UNSUPPORTED_ACS (-26) +#define CRYPTO_LIB_ERR_ENCRYPTION_ERROR (-27) +#define CRYPTO_LIB_ERR_INVALID_SA_CONFIGURATION (-28) +#define CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_MANAGED_PARAM_MAX_LIMIT (-29) +#define CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_SPEC_LIMIT (-30) +#define CRYPTO_LIB_ERR_UNSUPPORTED_ECS (-31) +#define CRYPTO_LIB_ERR_KEY_LENGTH_ERROR (-32) +#define CRYPTO_LIB_ERR_NULL_ECS_PTR (-33) +#define CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO (-34) +#define CRYPTO_LIB_ERR_NULL_CIPHERS (-35) +#define CRYPTO_LIB_ERR_NO_ECS_SET_FOR_ENCRYPTION_MODE (-36) +#define CRYPTO_LIB_ERR_IV_LEN_SHORTER_THAN_SEC_HEADER_LENGTH (-37) +#define CRYPTO_LIB_ERR_ARSN_LEN_SHORTER_THAN_SEC_HEADER_LENGTH (-38) +#define CRYPTO_LIB_ERR_FRAME_COUNTER_DOESNT_MATCH_SA (-39) +#define 
CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TC_STANDARD (-40) #define CRYPTO_LIB_ERR_INPUT_FRAME_LENGTH_SHORTER_THAN_FRAME_HEADERS_LENGTH (-41) -#define CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE (-42) -#define CRYPTO_LIB_ERR_NULL_MODE_PTR (-43) -#define CRYPTO_LIB_ERR_UNSUPPORTED_MODE (-44) -#define CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TM_STANDARD (-45) -#define CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_TM_CONFIG (-46) -#define CRYPTO_LIB_ERR_KEY_ID_ERROR (-47) -#define CRYPTO_LIB_ERR_MC_INIT (-48) -#define CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_AOS_STANDARD (-49) -#define CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_AOS_CONFIG (-50) -#define CRYPTO_LIB_ERR_INVALID_SA_SERVICE_TYPE (-51) -#define CRYPTO_LIB_ERR_FAIL_SA_SAVE (-52) -#define CRYPTO_LIB_ERR_FAIL_SA_LOAD (-53) -#define CRYPTO_LIB_ERR_EXCEEDS_MANAGED_PARAMETER_MAX_LIMIT (-54) -#define CRYPTO_LIB_ERR_KEY_VALIDATION (-55) -#define CRYPTO_LIB_ERR_SPI_INDEX_OOB (-56) -#define CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL (-57) -#define CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH (-58) -#define CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR (-59) +#define CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE (-42) +#define CRYPTO_LIB_ERR_NULL_MODE_PTR (-43) +#define CRYPTO_LIB_ERR_UNSUPPORTED_MODE (-44) +#define CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TM_STANDARD (-45) +#define CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_TM_CONFIG (-46) +#define CRYPTO_LIB_ERR_KEY_ID_ERROR (-47) +#define CRYPTO_LIB_ERR_MC_INIT (-48) +#define CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_AOS_STANDARD (-49) +#define CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_AOS_CONFIG (-50) +#define CRYPTO_LIB_ERR_INVALID_SA_SERVICE_TYPE (-51) +#define CRYPTO_LIB_ERR_FAIL_SA_SAVE (-52) +#define CRYPTO_LIB_ERR_FAIL_SA_LOAD (-53) +#define CRYPTO_LIB_ERR_EXCEEDS_MANAGED_PARAMETER_MAX_LIMIT (-54) +#define CRYPTO_LIB_ERR_KEY_VALIDATION (-55) +#define CRYPTO_LIB_ERR_SPI_INDEX_OOB (-56) +#define CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL (-57) +#define CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH (-58) +#define 
CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR (-59) // Define codes for returning MDB Strings, and determining error based on strings -#define CAM_ERROR_CODES 600 +#define CAM_ERROR_CODES 600 #define CAM_ERROR_CODES_MAX 610 -#define KMC_ERROR_CODES 500 +#define KMC_ERROR_CODES 500 #define KMC_ERROR_CODES_MAX 515 -#define CRYPTO_INTERFACE_ERROR_CODES 400 +#define CRYPTO_INTERFACE_ERROR_CODES 400 #define CRYPTO_INTERFACE_ERROR_CODES_MAX 402 -#define SADB_ERROR_CODES 300 +#define SADB_ERROR_CODES 300 #define SADB_ERROR_CODES_MAX 303 -#define SADB_INTERFACE_ERROR_CODES 200 +#define SADB_INTERFACE_ERROR_CODES 200 #define SADB_INTERFACE_ERROR_CODES_MAX 201 -#define CONFIGURATION_ERROR_CODES 100 +#define CONFIGURATION_ERROR_CODES 100 #define CONFIGURATION_ERROR_CODES_MAX 103 #define CRYPTO_CORE_ERROR_CODES_MAX -59 @@ -160,5 +160,4 @@ extern char *crypto_enum_errlist_crypto_if[]; extern char *crypto_enum_errlist_crypto_kmc[]; extern char *crypto_enum_errlist_crypto_cam[]; - -#endif //CRYPTO_ERROR_H \ No newline at end of file +#endif // CRYPTO_ERROR_H \ No newline at end of file diff --git a/include/crypto_events.h b/include/crypto_events.h index 505fbd25..bbb9bec4 100644 --- a/include/crypto_events.h +++ b/include/crypto_events.h @@ -18,15 +18,15 @@ #ifndef CRYPTO_EVENTS_H #define CRYPTO_EVENTS_H -#define FECF_ERR_EID 0 -#define MKID_INVALID_EID 1 -#define MKID_STATE_ERR_EID 2 +#define FECF_ERR_EID 0 +#define MKID_INVALID_EID 1 +#define MKID_STATE_ERR_EID 2 #define KEY_TRANSITION_ERR_EID 3 -#define SPI_INVALID_EID 4 -#define IV_WINDOW_ERR_EID 5 -#define IV_REPLAY_ERR_EID 6 -#define OTAR_MK_ERR_EID 7 +#define SPI_INVALID_EID 4 +#define IV_WINDOW_ERR_EID 5 +#define IV_REPLAY_ERR_EID 6 +#define OTAR_MK_ERR_EID 7 #define STARTUP_EID 10 -#endif //CRYPTO_EVENTS_H \ No newline at end of file +#endif // CRYPTO_EVENTS_H \ No newline at end of file diff --git a/include/crypto_print.h b/include/crypto_print.h index 4d084e5b..924b99bc 100644 --- a/include/crypto_print.h 
+++ b/include/crypto_print.h @@ -34,42 +34,42 @@ * @param tc_frame: TC_T* * Prints the contents of the tc_frame **/ -void Crypto_tcPrint(TC_t* tc_frame); +void Crypto_tcPrint(TC_t *tc_frame); /** * @brief Function: Crypto_tmPrint * @param tm_frame: TM_T* * Prints the contents of the tm_frame **/ -void Crypto_tmPrint(TM_t* tm_frame); +void Crypto_tmPrint(TM_t *tm_frame); /** * @brief Function: Crypto_clcwPrint * @param clcw: Telemetry_Frame_Clcw_t* * Prints the contents of the clcw **/ -void Crypto_clcwPrint(Telemetry_Frame_Clcw_t* clcw); +void Crypto_clcwPrint(Telemetry_Frame_Clcw_t *clcw); /** * @brief Function: Crypto_fsrPrint * @param report: SDLS_FSR_t* * Prints the contents of current FSR in memory **/ -void Crypto_fsrPrint(SDLS_FSR_t* report); +void Crypto_fsrPrint(SDLS_FSR_t *report); /** * @brief Function: Crypto_ccsdsPrint * @param sdls_frame: CCSDS_t* * Prints the contents of current CCSDS in memory **/ -void Crypto_ccsdsPrint(CCSDS_t* sdls_frame); +void Crypto_ccsdsPrint(CCSDS_t *sdls_frame); /** * @brief Function: Crypto_saPrint * @param sa: SecurityAssociation_t* * Prints the contents of SA **/ -void Crypto_saPrint(SecurityAssociation_t* sa); +void Crypto_saPrint(SecurityAssociation_t *sa); /** * @brief Function: Crypto_hexPrint @@ -77,7 +77,7 @@ void Crypto_saPrint(SecurityAssociation_t* sa); * @param c: void*, The hex to be printed. * @param n: size_t, The size of the array to be printed. **/ -void Crypto_hexprint(const void* c, size_t n); +void Crypto_hexprint(const void *c, size_t n); /** * @brief Function: Crypto_binprint @@ -85,7 +85,7 @@ void Crypto_hexprint(const void* c, size_t n); * @param c: void*, The binary array to be printed. * @param n: size_t, The size of the array to be printed. **/ -void Crypto_binprint(void* c, size_t n); +void Crypto_binprint(void *c, size_t n); /** * @brief Function: Crypto_mpPrint 
@@ -93,6 +93,6 @@ void Crypto_binprint(void* c, size_t n); * @param managed_parameters: GvcidManagedParameters_t*, The binary array to be printed. * @param print_children: uint8_t, The size of the array to be printed. **/ -void Crypto_mpPrint(GvcidManagedParameters_t* managed_parameters, uint8_t print_children); +void Crypto_mpPrint(GvcidManagedParameters_t *managed_parameters, uint8_t print_children); -#endif //CRYPTO_PRINT_H +#endif // CRYPTO_PRINT_H diff --git a/include/crypto_structs.h b/include/crypto_structs.h index f0d13050..560c0aee 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -19,34 +19,33 @@ #ifndef CRYPTO_STRUCTS_H #define CRYPTO_STRUCTS_H -#define SDLS_CHALLENGED_SIZE 10 -#define SDLS_CMAC_SIZE 10 +#define SDLS_CHALLENGED_SIZE 10 +#define SDLS_CMAC_SIZE 10 #define SDLS_KEY_VERIFY_BLK_SIZE 29 -#define SDLS_KEY_ID_SIZE 98 -#define SDLS_EKB_LEN 30 +#define SDLS_KEY_ID_SIZE 98 +#define SDLS_EKB_LEN 30 #include "crypto_config.h" - #ifdef NOS3 // NOS3/cFS build is ready - #include "common_types.h" - #endif // Assume build outside of NOS3/cFS infrastructure +#ifdef NOS3 // NOS3/cFS build is ready +#include "common_types.h" +#endif // Assume build outside of NOS3/cFS infrastructure - #ifndef KMC_CFFI_EXCLUDE // Exclude libraries that CFFI parser can’t process - #include - #include - #include - #endif - +#ifndef KMC_CFFI_EXCLUDE // Exclude libraries that CFFI parser can’t process +#include +#include +#include +#endif /* ** Definitions */ typedef struct { // Global Virtual Channel ID / Global MAP ID - uint8_t tfvn : 4; // Transfer Frame Version Number + uint8_t tfvn : 4; // Transfer Frame Version Number uint16_t scid : 16; // Spacecraft ID uint16_t vcid : 6; // Virtual Channel ID - uint8_t mapid : 6; // Multiplexer Access Point ID + uint8_t mapid : 6; // Multiplexer Access Point ID } crypto_gvcid_t; #define CRYPTO_GVCID_SIZE (sizeof(crypto_gvcid_t)) 
@@ -58,34 +57,36 @@ typedef struct typedef struct { // Status - uint16_t spi; // Security Parameter Index - uint16_t ekid; // Encryption Key ID (Used with numerically indexed keystores, EG inmemory keyring) - uint16_t akid; // Authentication Key ID - char ek_ref[REF_SIZE]; // Encryption Key Reference (Used with string-referenced keystores,EG-PKCS12 keystores, KMC crypto) - char ak_ref[REF_SIZE]; // Authentication Key Reference (Used with string-referenced keystores,EG-PKCS12 keystores, KMC crypto) - uint8_t sa_state : 2; + uint16_t spi; // Security Parameter Index + uint16_t ekid; // Encryption Key ID (Used with numerically indexed keystores, EG inmemory keyring) + uint16_t akid; // Authentication Key ID + char ek_ref[REF_SIZE]; // Encryption Key Reference (Used with string-referenced keystores,EG-PKCS12 keystores, KMC + // crypto) + char ak_ref[REF_SIZE]; // Authentication Key Reference (Used with string-referenced keystores,EG-PKCS12 keystores, + // KMC crypto) + uint8_t sa_state : 2; crypto_gvcid_t gvcid_blk; - uint8_t lpid; + uint8_t lpid; // Configuration - uint8_t est : 1; // Encryption Service Type - uint8_t ast : 1; // Authentication Service Type - uint8_t shivf_len : 6; // Sec. Header Transmitted IV Field Length - uint8_t shsnf_len : 6; // Sec. Header SN Field Length - uint8_t shplf_len : 2; // Sec. Header PL Field Length - uint8_t stmacf_len : 8; // Sec. Trailer MAC Field Length - uint8_t ecs; // Encryption Cipher Suite (algorithm / mode ID) - uint8_t ecs_len : 8; // Encryption Cipher Suite Length - uint8_t iv[IV_SIZE]; // Initialization Vector - uint8_t iv_len; // Length of entire IV - uint8_t acs_len : 8; // Authentication Cipher Suite Length - uint8_t acs; // Authentication Cipher Suite (algorithm / mode ID) - uint16_t abm_len : 16; // Authentication Bit Mask Length - uint8_t abm[ABM_SIZE]; // Authentication Bit Mask (Primary Hdr. through Security Hdr.) 
- uint8_t arsn_len : 8; // Anti-Replay Seq Num Length - uint8_t arsn[ARSN_SIZE];// Anti-Replay Seq Num - uint8_t arsnw_len : 8; // Anti-Replay Seq Num Window Length - uint16_t arsnw; // Anti-Replay Seq Num Window + uint8_t est : 1; // Encryption Service Type + uint8_t ast : 1; // Authentication Service Type + uint8_t shivf_len : 6; // Sec. Header Transmitted IV Field Length + uint8_t shsnf_len : 6; // Sec. Header SN Field Length + uint8_t shplf_len : 2; // Sec. Header PL Field Length + uint8_t stmacf_len : 8; // Sec. Trailer MAC Field Length + uint8_t ecs; // Encryption Cipher Suite (algorithm / mode ID) + uint8_t ecs_len : 8; // Encryption Cipher Suite Length + uint8_t iv[IV_SIZE]; // Initialization Vector + uint8_t iv_len; // Length of entire IV + uint8_t acs_len : 8; // Authentication Cipher Suite Length + uint8_t acs; // Authentication Cipher Suite (algorithm / mode ID) + uint16_t abm_len : 16; // Authentication Bit Mask Length + uint8_t abm[ABM_SIZE]; // Authentication Bit Mask (Primary Hdr. through Security Hdr.) + uint8_t arsn_len : 8; // Anti-Replay Seq Num Length + uint8_t arsn[ARSN_SIZE]; // Anti-Replay Seq Num + uint8_t arsnw_len : 8; // Anti-Replay Seq Num Window Length + uint16_t arsnw; // Anti-Replay Seq Num Window } SecurityAssociation_t; #define SA_SIZE (sizeof(SecurityAssociation_t)) 
@@ -95,47 +96,47 @@ typedef struct */ typedef struct { - uint8_t cwt : 1; // Control Word Type - uint8_t vnum : 3; // FSR Version Number - uint8_t af : 1; // Alarm Field - uint8_t bsnf : 1; // Bad SN Flag - uint8_t bmacf : 1; // Bad MAC Flag - uint8_t ispif : 1; // Invalid SPI Flag + uint8_t cwt : 1; // Control Word Type + uint8_t vnum : 3; // FSR Version Number + uint8_t af : 1; // Alarm Field + uint8_t bsnf : 1; // Bad SN Flag + uint8_t bmacf : 1; // Bad MAC Flag + uint8_t ispif : 1; // Invalid SPI Flag uint16_t lspiu : 16; // Last SPI Used - uint8_t snval : 8; // SN Value (LSB) + uint8_t snval : 8; // SN Value (LSB) } SDLS_FSR_t; #define SDLS_FSR_SIZE (sizeof(SDLS_FSR_t)) typedef struct { - uint8_t type : 1; // Procedure Type Flag - uint8_t uf : 1; // User Flag - uint8_t sg : 2; // Service Group Field - uint8_t pid : 4; // Procedure Identification Field - uint16_t pdu_len; // EP Data Field Length - BITS -} __attribute__ ((packed)) SDLS_TLV_Hdr_t; + uint8_t type : 1; // Procedure Type Flag + uint8_t uf : 1; // User Flag + uint8_t sg : 2; // Service Group Field + uint8_t pid : 4; // Procedure Identification Field + uint16_t pdu_len; // EP Data Field Length - BITS +} __attribute__((packed)) SDLS_TLV_Hdr_t; #define SDLS_TLV_HDR_SIZE (sizeof(SDLS_TLV_Hdr_t)) typedef struct { SDLS_TLV_Hdr_t hdr; - uint8_t data[TLV_DATA_SIZE]; + uint8_t data[TLV_DATA_SIZE]; } SDLS_TLV_t; #define SDLS_TLV_SIZE (sizeof(SDLS_TLV_t)) typedef struct { - uint16_t ekid; // Encrypted Key ID - uint8_t ek[KEY_SIZE]; // Encrypted Key + uint16_t ekid; // Encrypted Key ID + uint8_t ek[KEY_SIZE]; // Encrypted Key } SDLS_EKB_t; #define SDLS_EKB_SIZE (sizeof(SDLS_EKB_t)) typedef struct { - uint16_t mkid; // Master Key ID - uint8_t iv[IV_SIZE]; // Initialization Vector - SDLS_EKB_t EKB[SDLS_EKB_LEN]; // Encrypted Key Block - uint8_t mac[MAC_SIZE]; // Message Authentication Code + uint16_t mkid; // Master Key ID + uint8_t iv[IV_SIZE]; // Initialization Vector + SDLS_EKB_t EKB[SDLS_EKB_LEN]; // Encrypted 
Key Block + uint8_t mac[MAC_SIZE]; // Message Authentication Code } SDLS_OTAR_t; #define SDLS_OTAR_SIZE (sizeof(SDLS_OTAR_t)) @@ -160,15 +161,15 @@ typedef struct typedef struct { - uint16_t kid : 16; // Key ID - uint16_t key_state : 8; // Key state -} __attribute__ ((packed)) SDLS_KEY_INVENTORY_RPLY_t; + uint16_t kid : 16; // Key ID + uint16_t key_state : 8; // Key state +} __attribute__((packed)) SDLS_KEY_INVENTORY_RPLY_t; #define SDLS_KEY_INVENTORY_RPLY_SIZE (sizeof(SDLS_KEY_INVENTORY_RPLY_t)) typedef struct { - uint16_t kid : 16; // Key ID - uint8_t challenge[CHALLENGE_SIZE]; // Key Challenge + uint16_t kid : 16; // Key ID + uint8_t challenge[CHALLENGE_SIZE]; // Key Challenge } SDLS_KEYV_CMD_BLK_t; #define SDLS_KEYV_CMD_BLK_SIZE (sizeof(SDLS_KEYV_CMD_BLK_t)) @@ -180,14 +181,13 @@ typedef struct typedef struct { - uint16_t kid : 16; // Key ID - uint8_t iv[IV_SIZE]; // Key Initialization Vector - uint8_t challenged[CHALLENGE_SIZE]; // Encrypted Challenge - uint8_t mac[CHALLENGE_MAC_SIZE]; // Challenge Message Authentication Code + uint16_t kid : 16; // Key ID + uint8_t iv[IV_SIZE]; // Key Initialization Vector + uint8_t challenged[CHALLENGE_SIZE]; // Encrypted Challenge + uint8_t mac[CHALLENGE_MAC_SIZE]; // Challenge Message Authentication Code } SDLS_KEYV_RPLY_BLK_t; #define SDLS_KEYV_RPLY_BLK_SIZE (sizeof(SDLS_KEYV_RPLY_BLK_t)) - typedef struct { SDLS_KEYV_RPLY_BLK_t blk[SDLS_KEY_VERIFY_BLK_SIZE]; // Key Verification Reply Block 
@@ -197,31 +197,30 @@ typedef struct typedef struct { uint16_t kid : 16; // Key ID - uint8_t challenged[SDLS_CHALLENGED_SIZE]; + uint8_t challenged[SDLS_CHALLENGED_SIZE]; } SDLS_KEYDB_CMD_t; #define SDLS_KEYDB_CMD_SIZE (sizeof(SDLS_KEYDB_CMD_t)) - typedef struct { - uint16_t kid : 16; // Key ID - uint8_t iv[IV_SIZE]; // Initialization Vector - uint8_t challenged[SDLS_CHALLENGED_SIZE]; // Encrypted Challenge - uint8_t cmac[SDLS_CMAC_SIZE]; // Challenge Message Authentication Code + uint16_t kid : 16; // Key ID + uint8_t iv[IV_SIZE]; // Initialization Vector + uint8_t challenged[SDLS_CHALLENGED_SIZE]; // Encrypted Challenge + uint8_t cmac[SDLS_CMAC_SIZE]; // Challenge Message Authentication Code } SDLS_KEYDB_RPLY_t; #define SDLS_KEYDB_RPLY_SIZE (sizeof(SDLS_KEYDB_RPLY_t)) typedef struct { uint16_t spi : 16; // Security Parameter Index - uint8_t lpid : 8; // Procedure ID from Last State Transition or Current State -} __attribute__ ((packed)) SDLS_SA_STATUS_RPLY_t; + uint8_t lpid : 8; // Procedure ID from Last State Transition or Current State +} __attribute__((packed)) SDLS_SA_STATUS_RPLY_t; #define SDLS_SA_STATUS_RPLY_SIZE (sizeof(SDLS_SA_STATUS_RPLY_t)) typedef struct { uint16_t spi : 16; // Security Parameter Index - uint8_t arsn[ARSN_SIZE]; // Anti-Replay Sequence Number + uint8_t arsn[ARSN_SIZE]; // Anti-Replay Sequence Number } SDLS_SA_READ_ARSN_RPLY_t; #define SDLS_SA_READ_ARSN_RPLY_SIZE (sizeof(SDLS_SA_READ_ARSN_RPLY_t)) @@ -234,10 +233,10 @@ typedef struct typedef struct { - uint8_t emt : 8; // Event Message Tag - uint16_t em_len : 16; // Event Message Length - uint8_t emv[EMV_SIZE]; // Event Message Value -} __attribute__ ((packed)) SDLS_MC_DUMP_RPLY_t; + uint8_t emt : 8; // Event Message Tag + uint16_t em_len : 16; // Event Message Length + uint8_t emv[EMV_SIZE]; // Event Message Value +} __attribute__((packed)) SDLS_MC_DUMP_RPLY_t; #define SDLS_MC_DUMP_RPLY_SIZE (sizeof(SDLS_MC_DUMP_RPLY_t)) typedef struct 
@@ -270,43 +269,43 @@ typedef struct uint8_t cc : 1; // Control Command // 0 = Type D: Transfer Frame is Data Unit // 1 = Type C: Contron Command (for COP) - uint8_t spare : 2; // Reserved Spare - Shall be 00 + uint8_t spare : 2; // Reserved Spare - Shall be 00 uint16_t scid : 10; // Spacecraft ID // Master Channel ID (MCID) = TFVN + SCID - uint8_t vcid : 6; // Virtual Channel ID + uint8_t vcid : 6; // Virtual Channel ID uint16_t fl : 10; // The whole transfer frame length (max 1024) - uint8_t fsn : 8; // Frame sequence number, also N(S), zeroed on Type-B frames + uint8_t fsn : 8; // Frame sequence number, also N(S), zeroed on Type-B frames } TC_FramePrimaryHeader_t; #define TC_FRAME_PRIMARYHEADER_STRUCT_SIZE (sizeof(TC_FramePrimaryHeader_t)) -#define TC_FRAME_HEADER_SIZE 5 +#define TC_FRAME_HEADER_SIZE 5 typedef struct { - uint8_t sh : TC_SH_SIZE; // Segment Header + uint8_t sh : TC_SH_SIZE; // Segment Header uint16_t spi; // Security Parameter Index - uint8_t iv[IV_SIZE]; // Initialization Vector for encryption - uint8_t iv_field_len; - uint8_t sn[SN_SIZE]; // Sequence Number for anti-replay - uint8_t sn_field_len; - uint8_t pad[PAD_SIZE]; // Count of the used fill Bytes - uint8_t pad_field_len; + uint8_t iv[IV_SIZE]; // Initialization Vector for encryption + uint8_t iv_field_len; + uint8_t sn[SN_SIZE]; // Sequence Number for anti-replay + uint8_t sn_field_len; + uint8_t pad[PAD_SIZE]; // Count of the used fill Bytes + uint8_t pad_field_len; } TC_FrameSecurityHeader_t; #define TC_FRAME_SECHEADER_SIZE (sizeof(TC_FrameSecurityHeader_t)) typedef struct { - uint8_t mac[MAC_SIZE]; // Message Authentication Code - uint8_t mac_field_len; - uint16_t fecf; // Frame Error Control Field + uint8_t mac[MAC_SIZE]; // Message Authentication Code + uint8_t mac_field_len; + uint16_t fecf; // Frame Error Control Field } TC_FrameSecurityTrailer_t; #define TC_FRAME_SECTRAILER_SIZE (sizeof(TC_FrameSecurityTrailer_t)) typedef struct { - TC_FramePrimaryHeader_t tc_header; - 
TC_FrameSecurityHeader_t tc_sec_header; - uint8_t tc_pdu[TC_FRAME_DATA_SIZE]; - uint16_t tc_pdu_len; + TC_FramePrimaryHeader_t tc_header; + TC_FrameSecurityHeader_t tc_sec_header; + uint8_t tc_pdu[TC_FRAME_DATA_SIZE]; + uint16_t tc_pdu_len; TC_FrameSecurityTrailer_t tc_sec_trailer; } TC_t; #define TC_SIZE (sizeof(TC_t)) @@ -316,11 +315,11 @@ typedef struct */ typedef struct { - uint8_t pvn : 3; // Packet Version Number - uint8_t type : 1; // Type = 1 - uint8_t shdr : 1; // Data Field Header Flag + uint8_t pvn : 3; // Packet Version Number + uint8_t type : 1; // Type = 1 + uint8_t shdr : 1; // Data Field Header Flag uint16_t appID : 11; // Application ID - uint8_t seq : 2; // Sequence Flags + uint8_t seq : 2; // Sequence Flags uint16_t pktid : 14; // Sequence Count uint16_t pkt_length : 16; // Packet Length } CCSDS_HDR_t; @@ -342,14 +341,14 @@ typedef struct { CCSDS_HDR_t hdr; CCSDS_PUS_t pus; - SDLS_TLV_t pdu; + SDLS_TLV_t pdu; } CCSDS_t; #define CCSDS_SIZE (sizeof(CCSDS_t)) /* ** Operational Control Field definition ** Telemetry frames can reply with either of these in their OCF field: -** 1) A Communications Control Link Word -or- +** 1) A Communications Control Link Word -or- ** 2) A Frame Security Report */ 
@@ -377,14 +376,14 @@ typedef struct // INFO: This is the Frame Security Report register format typedef struct { - uint8_t cwt : 1; // Control Word Type "1" - uint8_t fvn : 3; // FSR Version Number "100" - uint8_t af : 1; // Alarm Flag - uint8_t bsnf : 1; // Bad Sequence Number Flag - uint8_t bmf : 1; // Bad Mac Flag - uint8_t bsaf : 1; // Bad Security Association Flag + uint8_t cwt : 1; // Control Word Type "1" + uint8_t fvn : 3; // FSR Version Number "100" + uint8_t af : 1; // Alarm Flag + uint8_t bsnf : 1; // Bad Sequence Number Flag + uint8_t bmf : 1; // Bad Mac Flag + uint8_t bsaf : 1; // Bad Security Association Flag uint16_t lspi : 16; // Last SPI Used - uint8_t snv : 8; // Sequence Number Value (LSB) + uint8_t snv : 8; // Sequence Number Value (LSB) } Telemetry_Frame_Fsr_t; #define TELEMETRY_FRAME_OCF_SIZE (sizeof(Telemetry_Frame_Fsr_t)) @@ -394,14 +393,14 @@ typedef struct */ typedef struct { - uint8_t tfvn : 2; // Transfer Frame Version Number + uint8_t tfvn : 2; // Transfer Frame Version Number uint16_t scid : 10; // Spacecraft ID - uint8_t vcid : 3; // Virtual Channel ID - uint8_t ocff : 1; // Describes whether OCF is present or not - uint8_t mcfc : 8; // Master Channel Frame Count (modulo-256) - uint8_t vcfc : 8; // Virtual Channel Frame Count (modulo-256) - uint8_t tfsh : 1; // Transfer Frame Secondary Header - uint8_t sf : 1; // Sync Flag + uint8_t vcid : 3; // Virtual Channel ID + uint8_t ocff : 1; // Describes whether OCF is present or not + uint8_t mcfc : 8; // Master Channel Frame Count (modulo-256) + uint8_t vcfc : 8; // Virtual Channel Frame Count (modulo-256) + uint8_t tfsh : 1; // Transfer Frame Secondary Header + uint8_t sf : 1; // Sync Flag // 0 = Payload is either idle data or octet synchronized forward-ordered packets // 1 = Data is a virtual channel access data unit uint8_t pof : 1; // Packet Order Flag 
@@ -418,29 +417,29 @@ typedef struct typedef struct { - uint16_t spi; // Security Parameter Index - uint8_t iv[IV_SIZE]; // Initialization Vector for encryption + uint16_t spi; // Security Parameter Index + uint8_t iv[IV_SIZE]; // Initialization Vector for encryption } TM_FrameSecurityHeader_t; #define TM_FRAME_SECHEADER_SIZE (sizeof(TM_FrameSecurityHeader_t)) typedef struct { - uint8_t mac[MAC_SIZE]; // Message Authentication Code - uint8_t ocf[OCF_SIZE]; // Operational Control Field - uint16_t fecf; // Frame Error Control Field + uint8_t mac[MAC_SIZE]; // Message Authentication Code + uint8_t ocf[OCF_SIZE]; // Operational Control Field + uint16_t fecf; // Frame Error Control Field } TM_FrameSecurityTrailer_t; #define TM_FRAME_SECTRAILER_SIZE (sizeof(TM_FrameSecurityTrailer_t)) typedef struct { - TM_FramePrimaryHeader_t tm_header; - TM_FrameSecurityHeader_t tm_sec_header; - uint8_t tm_pdu[TM_FRAME_DATA_SIZE]; + TM_FramePrimaryHeader_t tm_header; + TM_FrameSecurityHeader_t tm_sec_header; + uint8_t tm_pdu[TM_FRAME_DATA_SIZE]; TM_FrameSecurityTrailer_t tm_sec_trailer; } TM_t; #define TM_SIZE (sizeof(TM_t)) -#define TM_MIN_SIZE \ +#define TM_MIN_SIZE \ (TM_FRAME_PRIMARYHEADER_SIZE + TM_FRAME_SECHEADER_SIZE + TM_FRAME_SECTRAILER_SIZE + TM_FRAME_CLCW_SIZE) /* 
@@ -448,54 +447,54 @@ typedef struct */ typedef struct { - uint8_t tfvn : 2; // Transfer Frame Version Number - // Shall be set to '01' (732.0b4 Section 4.1.2.2.2) - uint16_t scid : 8; // Spacecraft ID - uint8_t vcid : 6; // Virtual Channel ID - // To be all zeros if only one VC used (732.0b4 Section 4.1.2.3) - long vcfc : 24; // Virtual Channel Frame Count (modulo-16,777,216) + uint8_t tfvn : 2; // Transfer Frame Version Number + // Shall be set to '01' (732.0b4 Section 4.1.2.2.2) + uint16_t scid : 8; // Spacecraft ID + uint8_t vcid : 6; // Virtual Channel ID + // To be all zeros if only one VC used (732.0b4 Section 4.1.2.3) + long vcfc : 24; // Virtual Channel Frame Count (modulo-16,777,216) /* Begin TF Signalling Field */ - uint8_t rf : 1; // Replay Flag - uint8_t sf : 1; // VC Frame Count Usgae Flag - // 0 = Payload is either idle data or octet synchronized forward-ordered packets - // 1 = Data is a virtual channel access data unit - uint8_t spare : 2; // Reserved Spare - // 0 = Shall be set to 0 - // Sync Flag 1 = Undefined - uint8_t vfcc : 2; // VC Frame Count cycle - // Sync Flag 0 = Shall be 11 - // Sync Flag 1 = Undefined - uint16_t fhp : 11; // First Header Pointer - // Sync Flag 0 = Contains position of the first byte of the first packet in the data field - // Sync Flag 1 = undefined + uint8_t rf : 1; // Replay Flag + uint8_t sf : 1; // VC Frame Count Usgae Flag + // 0 = Payload is either idle data or octet synchronized forward-ordered packets + // 1 = Data is a virtual channel access data unit + uint8_t spare : 2; // Reserved Spare + // 0 = Shall be set to 0 + // Sync Flag 1 = Undefined + uint8_t vfcc : 2; // VC Frame Count cycle + // Sync Flag 0 = Shall be 11 + // Sync Flag 1 = Undefined + uint16_t fhp : 11; // First Header Pointer + // Sync Flag 0 = Contains position of the first byte of the first packet in the data field + // Sync Flag 1 = undefined } AOS_FramePrimaryHeader_t; #define AOS_FRAME_PRIMARYHEADER_SIZE (sizeof(AOS_FramePrimaryHeader_t)) 
typedef struct { - uint16_t spi; // Security Parameter Index - uint8_t iv[IV_SIZE]; // Initialization Vector for encryption + uint16_t spi; // Security Parameter Index + uint8_t iv[IV_SIZE]; // Initialization Vector for encryption } AOS_FrameSecurityHeader_t; #define AOS_FRAME_SECHEADER_SIZE (sizeof(AOS_FrameSecurityHeader_t)) typedef struct { - uint8_t mac[MAC_SIZE]; // Message Authentication Code - uint8_t ocf[OCF_SIZE]; // Operational Control Field - uint16_t fecf; // Frame Error Control Field + uint8_t mac[MAC_SIZE]; // Message Authentication Code + uint8_t ocf[OCF_SIZE]; // Operational Control Field + uint16_t fecf; // Frame Error Control Field } AOS_FrameSecurityTrailer_t; #define AOS_FRAME_SECTRAILER_SIZE (sizeof(AOS_FrameSecurityTrailer_t)) typedef struct { - AOS_FramePrimaryHeader_t tm_header; - AOS_FrameSecurityHeader_t tm_sec_header; - uint8_t aos_pdu[AOS_FRAME_DATA_SIZE]; + AOS_FramePrimaryHeader_t tm_header; + AOS_FrameSecurityHeader_t tm_sec_header; + uint8_t aos_pdu[AOS_FRAME_DATA_SIZE]; AOS_FrameSecurityTrailer_t aos_sec_trailer; } AOS_t; #define AOS_SIZE (sizeof(AOS_t)) -#define AOS_MIN_SIZE \ +#define AOS_MIN_SIZE \ (AOS_FRAME_PRIMARYHEADER_SIZE + AOS_FRAME_SECHEADER_SIZE + AOS_FRAME_SECTRAILER_SIZE + AOS_FRAME_OCF_SIZE) -#endif //CRYPTO_STRUCTS_H \ No newline at end of file +#endif // CRYPTO_STRUCTS_H \ No newline at end of file diff --git a/include/cryptography_interface.h b/include/cryptography_interface.h index 93df7ac5..a75791af 100644 --- a/include/cryptography_interface.h +++ b/include/cryptography_interface.h 
@@ -33,54 +33,35 @@ typedef struct int32_t (*cryptography_init)(void); int32_t (*cryptography_shutdown)(void); // Cryptography Interface Functions - int32_t (*cryptography_encrypt)(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len,uint8_t* ecs, uint8_t padding, char* cam_cookies); - int32_t (*cryptography_decrypt)(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* ecs, uint8_t* acs, char* cam_cookies); - int32_t (*cryptography_authenticate)(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, // For key index or key references (when key not passed in explicitly via key param) - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t ecs, uint8_t acs, char* cam_cookies); - int32_t (*cryptography_validate_authentication)(uint8_t* data_out, size_t len_data_out, - const uint8_t* data_in, const size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - const uint8_t* iv, uint32_t iv_len, - const uint8_t* mac, uint32_t mac_size, - const uint8_t* aad, uint32_t aad_len, - uint8_t ecs, uint8_t acs, char* cam_cookies); - int32_t (*cryptography_aead_encrypt)(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t encrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies); - int32_t (*cryptography_aead_decrypt)(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - 
uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* aad, uint32_t aad_len, - uint8_t* mac, uint32_t mac_size, - uint8_t decrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies); + int32_t (*cryptography_encrypt)(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t padding, char *cam_cookies); + int32_t (*cryptography_decrypt)(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t *acs, char *cam_cookies); + int32_t (*cryptography_authenticate)(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, + SecurityAssociation_t *sa_ptr, // For key index or key references (when key not + // passed in explicitly via key param) + uint8_t *iv, uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t ecs, uint8_t acs, char *cam_cookies); + int32_t (*cryptography_validate_authentication)(uint8_t *data_out, size_t len_data_out, const uint8_t *data_in, + const size_t len_data_in, uint8_t *key, uint32_t len_key, + SecurityAssociation_t *sa_ptr, const uint8_t *iv, uint32_t iv_len, + const uint8_t *mac, uint32_t mac_size, const uint8_t *aad, + uint32_t aad_len, uint8_t ecs, uint8_t acs, char *cam_cookies); + int32_t (*cryptography_aead_encrypt)(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t encrypt_bool, uint8_t authenticate_bool, + uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies); + int32_t 
(*cryptography_aead_decrypt)(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *aad, uint32_t aad_len, uint8_t *mac, + uint32_t mac_size, uint8_t decrypt_bool, uint8_t authenticate_bool, + uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies); int32_t (*cryptography_get_acs_algo)(int8_t algo_enum); int32_t (*cryptography_get_ecs_algo)(int8_t algo_enum); - } CryptographyInterfaceStruct, *CryptographyInterface; @@ -89,4 +70,4 @@ CryptographyInterface get_cryptography_interface_kmc_crypto_service(void); CryptographyInterface get_cryptography_interface_wolfssl(void); CryptographyInterface get_cryptography_interface_custom(void); -#endif //CRYPTOLIB_CRYPTOGRAPHY_INTERFACE_H +#endif // CRYPTOLIB_CRYPTOGRAPHY_INTERFACE_H diff --git a/include/key_interface.h b/include/key_interface.h index 71760002..9e76acff 100644 --- a/include/key_interface.h +++ b/include/key_interface.h @@ -24,22 +24,22 @@ /* Structures */ typedef struct { - uint8_t value[KEY_SIZE]; + uint8_t value[KEY_SIZE]; uint32_t key_len; - uint8_t key_state : 4; + uint8_t key_state : 4; } crypto_key_t; #define CRYPTO_KEY_SIZE (sizeof(crypto_key_t)) typedef struct { /* Key Interface, SDLS */ - crypto_key_t* (*get_key)(uint32_t key_id); + crypto_key_t *(*get_key)(uint32_t key_id); int32_t (*key_init)(void); int32_t (*key_shutdown)(void); /* Key Interface, SDLS-EP */ -} KeyInterfaceStruct, *KeyInterface; +} KeyInterfaceStruct, *KeyInterface; /* Prototypes */ KeyInterface get_key_interface_custom(void); diff --git a/include/mc_interface.h b/include/mc_interface.h index 3318d34c..ab1c0922 100644 --- a/include/mc_interface.h +++ b/include/mc_interface.h @@ -28,7 +28,7 @@ typedef struct int32_t (*mc_initialize)(void); void (*mc_log)(int32_t error_code); int32_t (*mc_shutdown)(void); - + /* MC Interface, SDLS-EP */ /* int32_t (*mc_ping)(); 
@@ -38,8 +38,8 @@ typedef struct int32_t (*mc_self_test)(void); int32_t (*mc_alarm_reset_flag)(void); */ - -} McInterfaceStruct, *McInterface; + +} McInterfaceStruct, *McInterface; /* Prototypes */ McInterface get_mc_interface_custom(void); diff --git a/include/sa_interface.h b/include/sa_interface.h index f403f1c2..25f8b604 100644 --- a/include/sa_interface.h +++ b/include/sa_interface.h @@ -33,15 +33,15 @@ typedef struct int32_t (*sa_init)(void); int32_t (*sa_close)(void); // Security Association Interaction Functions - int32_t (*sa_get_from_spi)(uint16_t, SecurityAssociation_t** ); - int32_t (*sa_get_operational_sa_from_gvcid)(uint8_t, uint16_t, uint16_t, uint8_t, SecurityAssociation_t**); - int32_t (*sa_save_sa)(SecurityAssociation_t* ); + int32_t (*sa_get_from_spi)(uint16_t, SecurityAssociation_t **); + int32_t (*sa_get_operational_sa_from_gvcid)(uint8_t, uint16_t, uint16_t, uint8_t, SecurityAssociation_t **); + int32_t (*sa_save_sa)(SecurityAssociation_t *); // Security Association Utility Functions int32_t (*sa_stop)(void); - int32_t (*sa_start)(TC_t* tc_frame); + int32_t (*sa_start)(TC_t *tc_frame); int32_t (*sa_expire)(void); int32_t (*sa_rekey)(void); - int32_t (*sa_status)(uint8_t* ); + int32_t (*sa_status)(uint8_t *); int32_t (*sa_create)(void); int32_t (*sa_setARSN)(void); int32_t (*sa_setARSNW)(void); @@ -54,4 +54,4 @@ SaInterface get_sa_interface_inmemory(void); SaInterface get_sa_interface_mariadb(void); // SaInterface init_parse_sa_routine(uint8_t* ); -#endif //CRYPTOLIB_SA_INTERFACE_H +#endif // CRYPTOLIB_SA_INTERFACE_H diff --git a/src/core/crypto.c b/src/core/crypto.c index eb8a7cd9..90d9080b 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -34,30 +34,30 @@ CFS_MODULE_DECLARE_LIB(crypto); */ // crypto_key_t ak_ring[NUM_KEYS]; // SDLS Replies -SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; // Reply block for challenged keys -uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; -CCSDS_t sdls_frame; +SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; // Reply block for challenged keys +uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; +CCSDS_t sdls_frame; // TM_t tm_frame; -uint8_t tm_frame[TM_MAX_FRAME_SIZE]; // TM Global Frame -TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication -TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication +uint8_t tm_frame[TM_MAX_FRAME_SIZE]; // TM Global Frame +TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication +TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication // AOS_t aos_frame -uint8_t aos_frame[AOS_MAX_FRAME_SIZE]; // AOS Global Frame -AOS_FramePrimaryHeader_t aos_frame_pri_hdr; // Used to reduce bit math duplication -AOS_FrameSecurityHeader_t aos_frame_sec_hdr; // Used to reduce bit math duplication +uint8_t aos_frame[AOS_MAX_FRAME_SIZE]; // AOS Global Frame +AOS_FramePrimaryHeader_t aos_frame_pri_hdr; // Used to reduce bit math duplication +AOS_FrameSecurityHeader_t aos_frame_sec_hdr; // Used to reduce bit math duplication // OCF -uint8_t ocf = 0; -SDLS_FSR_t report; +uint8_t ocf = 0; +SDLS_FSR_t report; Telemetry_Frame_Clcw_t clcw; // Flags -SDLS_MC_LOG_RPLY_t log_summary; +SDLS_MC_LOG_RPLY_t log_summary; SDLS_MC_DUMP_BLK_RPLY_t mc_log; -uint8_t log_count = 0; -uint16_t tm_offset = 0; +uint8_t log_count = 0; +uint16_t tm_offset = 0; // ESA Testing - 0 = disabled, 1 = enabled -uint8_t badSPI = 0; -uint8_t badIV = 0; -uint8_t badMAC = 0; +uint8_t badSPI = 0; +uint8_t badIV = 0; +uint8_t badMAC = 0; uint8_t badFECF = 0; // CRC uint32_t crc32Table[CRC32TBL_SIZE]; 
@@ -72,9 +72,9 @@ uint16_t crc16Table[CRC16TBL_SIZE]; * Null terminates the entire array for EKREF * @param sa: SecurityAssocation_t* **/ -void clean_ekref(SecurityAssociation_t* sa) +void clean_ekref(SecurityAssociation_t *sa) { - for(int y = 0; y < REF_SIZE; y++) + for (int y = 0; y < REF_SIZE; y++) { sa->ek_ref[y] = '\0'; } @@ -85,9 +85,9 @@ void clean_ekref(SecurityAssociation_t* sa) * Null terminates the entire array for AKREF * @param sa: SecurityAssocation_t* **/ -void clean_akref(SecurityAssociation_t* sa) +void clean_akref(SecurityAssociation_t *sa) { - for(int y = 0; y < REF_SIZE; y++) + for (int y = 0; y < REF_SIZE; y++) { sa->ak_ref[y] = '\0'; } @@ -104,7 +104,8 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) int status = CRYPTO_FALSE; // Determine if AEAD Algorithm - if ((cipher_suite_id == CRYPTO_CIPHER_AES256_GCM) || (cipher_suite_id == CRYPTO_CIPHER_AES256_CBC_MAC) || (cipher_suite_id == CRYPTO_CIPHER_AES256_GCM_SIV)) + if ((cipher_suite_id == CRYPTO_CIPHER_AES256_GCM) || (cipher_suite_id == CRYPTO_CIPHER_AES256_CBC_MAC) || + (cipher_suite_id == CRYPTO_CIPHER_AES256_GCM_SIV)) { #ifdef DEBUG printf(KYEL "CRYPTO IS AEAD? : TRUE\n" RESET); @@ -128,8 +129,8 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) * @param length: int * @return int32: Success/Failure **/ -int32_t Crypto_increment(uint8_t* num, int length) -{ +int32_t Crypto_increment(uint8_t *num, int length) +{ int status = CRYPTO_LIB_SUCCESS; int i; if (num == NULL) 
@@ -168,14 +169,14 @@ int32_t Crypto_increment(uint8_t* num, int length) * @param window: int * @return int32: Success/Failure **/ -int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window) +int32_t Crypto_window(uint8_t *actual, uint8_t *expected, int length, int window) { - int status = CRYPTO_LIB_ERROR; - int return_code = 0; - int result = 0; + int status = CRYPTO_LIB_ERROR; + int return_code = 0; + int result = 0; uint8_t temp[length]; - int i; - int j; + int i; + int j; // Check Null Pointers if (actual == NULL) @@ -183,7 +184,7 @@ int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window #ifdef DEBUG printf("Crypto_Window expected ptr is NULL\n"); #endif - status = CRYPTO_LIB_ERROR; + status = CRYPTO_LIB_ERROR; return_code = 1; } if (expected == NULL) @@ -191,7 +192,7 @@ int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window #ifdef DEBUG printf("Crypto_Window expected ptr is NULL\n"); #endif - status = CRYPTO_LIB_ERROR; + status = CRYPTO_LIB_ERROR; return_code = 1; } // Check for special case where received value is all 0's and expected is all 0's (won't have -1 in sa!) @@ -206,7 +207,7 @@ int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window } if (zero_case == CRYPTO_TRUE) { - status = CRYPTO_LIB_SUCCESS; + status = CRYPTO_LIB_SUCCESS; return_code = 1; } if (return_code != 1) 
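Review bot: `uint8_t temp[length];` in Crypto_window sizes a stack array from the caller-supplied `int length` before anything has validated it, so a zero or negative length is undefined behaviour and a large one can exhaust the stack. The NULL checks in the following hunks run only after this declaration. I would reject bad lengths first with `if (length <= 0) return CRYPTO_LIB_ERROR;` and replace the VLA with a fixed buffer sized to the largest IV/ARSN field an SA may carry, refusing anything longer. The rest of the function body lies outside this hunk, so the way `temp` is used later should be checked against the same bound.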
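Review bot: The debug message in the `actual == NULL` branch says "expected ptr is NULL", the same text the `expected == NULL` branch prints in the next hunk, so a log cannot tell which argument was missing. It should read `printf("Crypto_Window actual ptr is NULL\n");`. The function name in both messages is also spelled `Crypto_Window` while the function is `Crypto_window`.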
@@ -248,23 +249,23 @@ int32_t Crypto_window(uint8_t* actual, uint8_t* expected, int length, int window * @param appID: uint8 * @return uint8: Count **/ -uint8_t Crypto_Prep_Reply(uint8_t* reply, uint8_t appID) +uint8_t Crypto_Prep_Reply(uint8_t *reply, uint8_t appID) { uint8_t count = 0; if (reply == NULL) return count; // Prepare CCSDS for reply - sdls_frame.hdr.pvn = 0; - sdls_frame.hdr.type = 0; - sdls_frame.hdr.shdr = 1; + sdls_frame.hdr.pvn = 0; + sdls_frame.hdr.type = 0; + sdls_frame.hdr.shdr = 1; sdls_frame.hdr.appID = appID; sdls_frame.pdu.hdr.type = 1; // Fill reply with reply header reply[count++] = (sdls_frame.hdr.pvn << 5) | (sdls_frame.hdr.type << 4) | (sdls_frame.hdr.shdr << 3) | - ((sdls_frame.hdr.appID & 0x700 >> 8)); + ((sdls_frame.hdr.appID & 0x700 >> 8)); reply[count++] = (sdls_frame.hdr.appID & 0x00FF); reply[count++] = (sdls_frame.hdr.seq << 6) | ((sdls_frame.hdr.pktid & 0x3F00) >> 8); reply[count++] = (sdls_frame.hdr.pktid & 0x00FF); @@ -281,16 +282,15 @@ uint8_t Crypto_Prep_Reply(uint8_t* reply, uint8_t appID) } // Fill reply with Tag and Length - reply[count++] = - (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | (sdls_frame.pdu.hdr.pid); + reply[count++] = (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | + (sdls_frame.pdu.hdr.pid); reply[count++] = (sdls_frame.pdu.hdr.pdu_len & 0xFF00) >> 8; reply[count++] = (sdls_frame.pdu.hdr.pdu_len & 0x00FF); return count; } - -int32_t Crypto_Get_Sdls_Ep_Reply(uint8_t* buffer, uint16_t* length) +int32_t Crypto_Get_Sdls_Ep_Reply(uint8_t *buffer, uint16_t *length) { int32_t status = CRYPTO_LIB_SUCCESS; // Length to be pulled from packet header 
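Review bot: In the first reply byte of Crypto_Prep_Reply, `(sdls_frame.hdr.appID & 0x700 >> 8)` masks with 7 rather than extracting bits 8-10, because `>>` binds tighter than `&`. As written, the low three bits of the APID go into the header byte instead of the high three, and the next byte repeats the low eight, so the encoded APID is wrong whenever those bit groups differ. The intended expression is `((sdls_frame.hdr.appID & 0x700) >> 8)`, matching the `(pktid & 0x3F00) >> 8` form two lines below. Since the re-indent already touches this line, it is a good place to fix it.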
@@ -328,14 +328,14 @@ int32_t Crypto_Get_Sdls_Ep_Reply(uint8_t* buffer, uint16_t* length) * @param len_ingest: int * @return uint16: FECF **/ -uint16_t Crypto_Calc_FECF(const uint8_t* ingest, int len_ingest) +uint16_t Crypto_Calc_FECF(const uint8_t *ingest, int len_ingest) { uint16_t fecf = 0xFFFF; uint16_t poly = 0x1021; // This polynomial is (CRC-CCITT) for ESA testing, may not match standard protocol - uint8_t bit; - uint8_t c15; - int i; - int j; + uint8_t bit; + uint8_t c15; + int i; + int j; for (i = 0; i < len_ingest; i++) { // Byte Logic @@ -374,7 +374,7 @@ uint16_t Crypto_Calc_FECF(const uint8_t* ingest, int len_ingest) * @param size: int * @return uint16: CRC **/ -uint16_t Crypto_Calc_CRC16(uint8_t* data, int size) +uint16_t Crypto_Calc_CRC16(uint8_t *data, int size) { // Code provided by ESA uint16_t crc = 0xFFFF; @@ -396,7 +396,7 @@ uint16_t Crypto_Calc_CRC16(uint8_t* data, int size) * @param tc_frame: TC_t* * @return int32: Success/Failure **/ -int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) +int32_t Crypto_PDU(uint8_t *ingest, TC_t *tc_frame) { int32_t status = CRYPTO_LIB_SUCCESS; 
@@ -405,50 +405,50 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) { status = CRYPTO_LIB_ERR_NULL_BUFFER; } - + if (status == CRYPTO_LIB_SUCCESS) { switch (sdls_frame.pdu.hdr.type) { - case PDU_TYPE_COMMAND: - switch (sdls_frame.pdu.hdr.uf) - { - case PDU_USER_FLAG_FALSE: // CCSDS Defined Command - switch (sdls_frame.pdu.hdr.sg) + case PDU_TYPE_COMMAND: + switch (sdls_frame.pdu.hdr.uf) { - case SG_KEY_MGMT: // Key Management Procedure - status = Crypto_SG_KEY_MGMT(ingest, tc_frame); - break; - case SG_SA_MGMT: // Security Association Management Procedure - status = Crypto_SG_SA_MGMT(ingest, tc_frame); - break; - case SG_SEC_MON_CTRL: // Security Monitoring & Control Procedure - status = Crypto_SEC_MON_CTRL(ingest); - break; - default: // ERROR + case PDU_USER_FLAG_FALSE: // CCSDS Defined Command + switch (sdls_frame.pdu.hdr.sg) + { + case SG_KEY_MGMT: // Key Management Procedure + status = Crypto_SG_KEY_MGMT(ingest, tc_frame); + break; + case SG_SA_MGMT: // Security Association Management Procedure + status = Crypto_SG_SA_MGMT(ingest, tc_frame); + break; + case SG_SEC_MON_CTRL: // Security Monitoring & Control Procedure + status = Crypto_SEC_MON_CTRL(ingest); + break; + default: // ERROR #ifdef PDU_DEBUG - printf(KRED "Error: Crypto_PDU failed interpreting Service Group! \n" RESET); + printf(KRED "Error: Crypto_PDU failed interpreting Service Group! \n" RESET); #endif - break; - } - break; - - case PDU_USER_FLAG_TRUE: // User Defined Command - switch (sdls_frame.pdu.hdr.sg) - { - default: - status = Crypto_USER_DEFINED_CMD(ingest); - break; + break; + } + break; + + case PDU_USER_FLAG_TRUE: // User Defined Command + switch (sdls_frame.pdu.hdr.sg) + { + default: + status = Crypto_USER_DEFINED_CMD(ingest); + break; + } + break; } break; - } - break; - case PDU_TYPE_REPLY: + case PDU_TYPE_REPLY: #ifdef PDU_DEBUG - printf(KRED "Error: Crypto_PDU failed interpreting PDU Type! Received a Reply!?! 
\n" RESET); + printf(KRED "Error: Crypto_PDU failed interpreting PDU Type! Received a Reply!?! \n" RESET); #endif - break; + break; } } return status; @@ -461,7 +461,7 @@ int32_t Crypto_PDU(uint8_t* ingest, TC_t* tc_frame) * @param tc_frame: TC_t* * @return int32: Success/Failure **/ -int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame) +int32_t Crypto_SG_KEY_MGMT(uint8_t *ingest, TC_t *tc_frame) { int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.hdr.pid) @@ -504,7 +504,8 @@ int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame) break; default: #ifdef PDU_DEBUG - printf(KRED "Error: Crypto_PDU failed interpreting Key Management Procedure Identification Field! \n" RESET); + printf(KRED + "Error: Crypto_PDU failed interpreting Key Management Procedure Identification Field! \n" RESET); #endif break; } @@ -518,7 +519,7 @@ int32_t Crypto_SG_KEY_MGMT(uint8_t* ingest, TC_t* tc_frame) * @param tc_frame: TC_t* * @return int32: Success/Failure **/ -int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame) +int32_t Crypto_SG_SA_MGMT(uint8_t *ingest, TC_t *tc_frame) { int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.hdr.pid) @@ -598,7 +599,7 @@ int32_t Crypto_SG_SA_MGMT(uint8_t* ingest, TC_t* tc_frame) * @param ingest: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest) +int32_t Crypto_SEC_MON_CTRL(uint8_t *ingest) { int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.hdr.pid) 
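Review bot: Crypto_PDU returns `CRYPTO_LIB_SUCCESS` for input it could not interpret. The Service Group `default:` and the `PDU_TYPE_REPLY` case only print under `PDU_DEBUG` and leave `status` untouched, and neither the outer `switch (sdls_frame.pdu.hdr.type)` nor `switch (sdls_frame.pdu.hdr.uf)` has a `default`. A caller therefore cannot distinguish a rejected or malformed PDU from one that was processed. Each of those branches should set an error, for example `status = CRYPTO_LIB_ERROR;` or a more specific code if the library defines one. The `default:` in Crypto_SG_KEY_MGMT in the -504 hunk has the same shape.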
@@ -654,54 +655,54 @@ int32_t Crypto_SEC_MON_CTRL(uint8_t* ingest) * @param ingest: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_USER_DEFINED_CMD(uint8_t* ingest) +int32_t Crypto_USER_DEFINED_CMD(uint8_t *ingest) { int status = CRYPTO_LIB_SUCCESS; switch (sdls_frame.pdu.hdr.pid) { - case PID_IDLE_FRAME_TRIGGER: + case PID_IDLE_FRAME_TRIGGER: #ifdef PDU_DEBUG printf(KMAG "User Idle Trigger\n" RESET); #endif status = Crypto_User_IdleTrigger(ingest); break; - case PID_TOGGLE_BAD_SPI: + case PID_TOGGLE_BAD_SPI: #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad SPI\n" RESET); #endif status = Crypto_User_BadSPI(); break; - case PID_TOGGLE_BAD_IV: + case PID_TOGGLE_BAD_IV: #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad IV\n" RESET); #endif status = Crypto_User_BadIV(); break; - case PID_TOGGLE_BAD_MAC: + case PID_TOGGLE_BAD_MAC: #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad MAC\n" RESET); #endif status = Crypto_User_BadMAC(); break; - case PID_TOGGLE_BAD_FECF: + case PID_TOGGLE_BAD_FECF: #ifdef PDU_DEBUG printf(KMAG "User Toggle Bad FECF\n" RESET); #endif status = Crypto_User_BadFECF(); break; - case PID_MODIFY_KEY: + case PID_MODIFY_KEY: #ifdef PDU_DEBUG printf(KMAG "User Modify Key\n" RESET); #endif status = Crypto_User_ModifyKey(); break; - case PID_MODIFY_ACTIVE_TM: + case PID_MODIFY_ACTIVE_TM: #ifdef PDU_DEBUG printf(KMAG "User Modify Active TM\n" RESET); #endif status = Crypto_User_ModifyActiveTM(); break; - case PID_MODIFY_VCID: + case PID_MODIFY_VCID: #ifdef PDU_DEBUG printf(KMAG "User Modify VCID\n" RESET); #endif 
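Review bot: Crypto_USER_DEFINED_CMD dispatches `Crypto_User_BadSPI`, `Crypto_User_BadIV`, `Crypto_User_BadMAC`, `Crypto_User_BadFECF` and `Crypto_User_ModifyKey` straight from `sdls_frame.pdu.hdr.pid`, and no guard is visible in this hunk. The globals these set are commented "ESA Testing" in crypto.c, so they appear to be fault-injection hooks, and as shown they are reachable from any received PDU with the user flag set. I would compile the whole switch out unless a dedicated test macro is defined and return an error otherwise. At minimum, add a comment above the function stating that these PIDs are test-only and where they are disabled for flight builds. The end of the switch lies outside the hunk, so an existing guard there cannot be ruled out.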
@@ -726,8 +727,8 @@ int32_t Crypto_USER_DEFINED_CMD(uint8_t* ingest) * @return int32: Success/Failure **/ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uint8_t vcid, - GvcidManagedParameters_t* managed_parameters_in, - GvcidManagedParameters_t* managed_parameters_out) + GvcidManagedParameters_t *managed_parameters_in, + GvcidManagedParameters_t *managed_parameters_out) { int32_t status = MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND; // Check gvcid counter against a max @@ -737,22 +738,22 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin } if (status != CRYPTO_LIB_ERR_EXCEEDS_MANAGED_PARAMETER_MAX_LIMIT) { - for(int i = 0; i < gvcid_counter; i++) + for (int i = 0; i < gvcid_counter; i++) { if (managed_parameters_in[i].tfvn == tfvn && managed_parameters_in[i].scid == scid && managed_parameters_in[i].vcid == vcid) { *managed_parameters_out = managed_parameters_in[i]; - status = CRYPTO_LIB_SUCCESS; + status = CRYPTO_LIB_SUCCESS; break; } } - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { #ifdef DEBUG - printf(KRED "Error: Managed Parameters for GVCID(TFVN: %d, SCID: %d, VCID: %d) not found. \n" RESET, tfvn, scid, - vcid); + printf(KRED "Error: Managed Parameters for GVCID(TFVN: %d, SCID: %d, VCID: %d) not found. \n" RESET, tfvn, + scid, vcid); #endif } } @@ -766,10 +767,10 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin * @return int32: Success/Failure * @note TODO - Actually update based on variable config **/ -int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uint8_t* ingest) +int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uint8_t *ingest) { int32_t status = CRYPTO_LIB_SUCCESS; - int x; + int x; // Check for null pointers if (tc_sdls_processed_frame == NULL) { 
@@ -786,7 +787,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin printf(KGRN "Received SDLS command: " RESET); #endif // CCSDS Header - sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; + sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; sdls_frame.hdr.appID = 
@@ -794,23 +795,25 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; sdls_frame.hdr.pktid = ((tc_sdls_processed_frame->tc_pdu[2] & 0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; - sdls_frame.hdr.pkt_length = (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; + sdls_frame.hdr.pkt_length = + (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; // CCSDS PUS - sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; - sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; - sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); - sdls_frame.pus.st = tc_sdls_processed_frame->tc_pdu[7]; - sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; - sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; + sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; + sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; + sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); + sdls_frame.pus.st = tc_sdls_processed_frame->tc_pdu[7]; + sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; + sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); // SDLS TLV PDU sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; + 
sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = + (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; for (x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) { sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; @@ -831,11 +834,11 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin #endif // No Packet HDR or PUS in these frames // SDLS TLV PDU - sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; + sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; for (x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) { // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely @@ -858,7 +861,6 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin return status; } // End Process SDLS PDU - /** * @brief Function: Crypto_Check_Anti_Replay_Verify_Pointers * Sanity Check, validates pointers, verifies non-null 
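Review bot: The copy loop `for (x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++)` is bounded only by `pkt_length`, a 16-bit value read from `tc_pdu[4]` and `tc_pdu[5]` of the received frame a few lines earlier. Nothing in this hunk compares it with the size of `tc_pdu` or `sdls_frame.pdu.data`, so an oversized length field would read and write past both buffers. A check before the loop is needed, for example `if (sdls_frame.hdr.pkt_length > sizeof(sdls_frame.pdu.data) || 13 + sdls_frame.hdr.pkt_length > tc_sdls_processed_frame->tc_pdu_len) return CRYPTO_LIB_ERROR;`, which assumes `data` is a fixed array and `tc_pdu_len` is populated at this point. The loop in the -831 hunk, bounded by `tc_header.fl`, needs the same treatment. The function starts and ends outside these hunks, so confirm no earlier check already covers this.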
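Review bot: In the branch without a packet header, the type bit is stored with `sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7;`, whereas the branch above stores the same TLV bit in `sdls_frame.pdu.hdr.type`. Crypto_PDU switches on `sdls_frame.pdu.hdr.type`, so on this path it would see whatever value an earlier frame left there. This looks like a slip for `sdls_frame.pdu.hdr.type = ...`, and the lines are being realigned anyway. Please confirm against the intended behaviour before changing it.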
@@ -867,7 +869,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t* tc_sdls_processed_frame, uin * @param iv: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_Check_Anti_Replay_Verify_Pointers(SecurityAssociation_t* sa_ptr, uint8_t* arsn, uint8_t* iv) +int32_t Crypto_Check_Anti_Replay_Verify_Pointers(SecurityAssociation_t *sa_ptr, uint8_t *arsn, uint8_t *iv) { int32_t status = CRYPTO_LIB_SUCCESS; if (sa_ptr == NULL) // #177 - Modification made per suggestion of 'Spicydll' - prevents null dereference @@ -896,7 +898,7 @@ int32_t Crypto_Check_Anti_Replay_Verify_Pointers(SecurityAssociation_t* sa_ptr, * @param arsn_valid: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* arsn, int8_t* arsn_valid) +int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t *sa_ptr, uint8_t *arsn, int8_t *arsn_valid) { int32_t status = CRYPTO_LIB_SUCCESS; @@ -911,7 +913,7 @@ int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* a { // Check Sequence Number is in ARSNW status = Crypto_window(arsn, sa_ptr->arsn, sa_ptr->arsn_len, sa_ptr->arsnw); - #ifdef DEBUG +#ifdef DEBUG printf("Received ARSN is\n\t"); for (int i = 0; i < sa_ptr->arsn_len; i++) { @@ -924,7 +926,7 @@ int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* a } printf("\nARSNW is: %d\n", sa_ptr->arsnw); printf("Status from Crypto_Window is: %d\n", status); - #endif +#endif if (status != CRYPTO_LIB_SUCCESS) { return CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW; 
@@ -946,7 +948,7 @@ int32_t Crypto_Check_Anti_Replay_ARSNW(SecurityAssociation_t* sa_ptr, uint8_t* a * @param iv_valid: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, int8_t* iv_valid) +int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t *sa_ptr, uint8_t *iv, int8_t *iv_valid) { int32_t status = CRYPTO_LIB_SUCCESS; if ((sa_ptr->iv_len > 0) && (sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM)) @@ -959,14 +961,16 @@ int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, if (status == CRYPTO_LIB_SUCCESS) { // Check IV is in ARSNW - if(crypto_config.crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) + if (crypto_config.crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) { status = Crypto_window(iv, sa_ptr->iv, sa_ptr->iv_len, sa_ptr->arsnw); } else // SA_INCREMENT_NONTRANSMITTED_IV_FALSE { - // Whole IV gets checked in MAC validation previously, this only verifies transmitted portion is what we expect. - status = Crypto_window(iv, sa_ptr->iv + (sa_ptr->iv_len - sa_ptr->shivf_len), sa_ptr->shivf_len, sa_ptr->arsnw); + // Whole IV gets checked in MAC validation previously, this only verifies transmitted portion is what we + // expect. + status = Crypto_window(iv, sa_ptr->iv + (sa_ptr->iv_len - sa_ptr->shivf_len), sa_ptr->shivf_len, + sa_ptr->arsnw); } #ifdef DEBUG printf("Received IV is\n\t"); 
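Review bot: The re-wrapped call `Crypto_window(iv, sa_ptr->iv + (sa_ptr->iv_len - sa_ptr->shivf_len), sa_ptr->shivf_len, sa_ptr->arsnw)` relies on `shivf_len <= iv_len`, and nothing in this hunk checks it. With an SA whose transmitted-IV length exceeds its IV length, the computed pointer falls before the start of `sa_ptr->iv` and the window comparison reads unrelated memory. Unless SA validation elsewhere already guarantees the relation, add `if (sa_ptr->shivf_len > sa_ptr->iv_len) { return ERR_STATUS; }` (placeholder error code) before the call. The function body starts and ends outside the hunk.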
@@ -1004,29 +1008,30 @@ int32_t Crypto_Check_Anti_Replay_GCM(SecurityAssociation_t* sa_ptr, uint8_t* iv, * @param iv: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t* sa_ptr, uint8_t* arsn, uint8_t* iv) +int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t *sa_ptr, uint8_t *arsn, uint8_t *iv) { - int32_t status = CRYPTO_LIB_SUCCESS; - int8_t iv_valid = -1; - int8_t arsn_valid = -1; + int32_t status = CRYPTO_LIB_SUCCESS; + int8_t iv_valid = -1; + int8_t arsn_valid = -1; // Check for NULL pointers status = Crypto_Check_Anti_Replay_Verify_Pointers(sa_ptr, arsn, iv); // If sequence number field is greater than zero, check for replay - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { status = Crypto_Check_Anti_Replay_ARSNW(sa_ptr, arsn, &arsn_valid); } // If IV is greater than zero and using GCM, check for replay - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { status = Crypto_Check_Anti_Replay_GCM(sa_ptr, iv, &iv_valid); } // For GCM specifically, if have a valid IV... - if ((sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM || sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM_SIV) && (iv_valid == CRYPTO_TRUE)) + if ((sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM || sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM_SIV) && + (iv_valid == CRYPTO_TRUE)) { // Using ARSN? Need to be valid to increment both if (sa_ptr->arsn_len > 0 && arsn_valid == CRYPTO_TRUE) 
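Review bot: `sa_ptr->ecs` is read in the `// For GCM specifically` condition whatever `status` is, so a NULL `sa_ptr` reported by Crypto_Check_Anti_Replay_Verify_Pointers is still dereferenced a few lines later. The two helper calls are guarded by `status == CRYPTO_LIB_SUCCESS`, but this condition and the `// If not GCM` one in the next hunk are not. Return straight after the pointer check with `if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); return status; }`, or add `status == CRYPTO_LIB_SUCCESS &&` to both conditions. The function continues past the end of this hunk.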
@@ -1042,12 +1047,13 @@ int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t* sa_ptr, uint8_t* arsn, u } // If not GCM, and ARSN is valid - can incrmeent it - if ((sa_ptr->ecs != CRYPTO_CIPHER_AES256_GCM && sa_ptr->ecs != CRYPTO_CIPHER_AES256_GCM_SIV) && arsn_valid == CRYPTO_TRUE) + if ((sa_ptr->ecs != CRYPTO_CIPHER_AES256_GCM && sa_ptr->ecs != CRYPTO_CIPHER_AES256_GCM_SIV) && + arsn_valid == CRYPTO_TRUE) { memcpy(sa_ptr->arsn, arsn, sa_ptr->arsn_len); } - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { // Log error if it happened mc_if->mc_log(status); 
@@ -1057,59 +1063,59 @@ int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t* sa_ptr, uint8_t* arsn, u } /** -* @brief: Function: Crypto_Get_ECS_Algo_Keylen -* For a given ECS algorithm, return the associated key length in bytes -* @param algo: uint8_t -* @return int32: Key Length -**/ + * @brief: Function: Crypto_Get_ECS_Algo_Keylen + * For a given ECS algorithm, return the associated key length in bytes + * @param algo: uint8_t + * @return int32: Key Length + **/ int32_t Crypto_Get_ECS_Algo_Keylen(uint8_t algo) { int32_t retval = -1; switch (algo) { - case CRYPTO_CIPHER_AES256_GCM: - retval = AES256_GCM_KEYLEN; - break; - case CRYPTO_CIPHER_AES256_GCM_SIV: - retval = AES256_GCM_SIV_KEYLEN; - break; - case CRYPTO_CIPHER_AES256_CBC: - retval = AES256_CBC_KEYLEN; - break; - case CRYPTO_CIPHER_AES256_CCM: - retval = AES256_CCM_KEYLEN; - break; - default: - break; + case CRYPTO_CIPHER_AES256_GCM: + retval = AES256_GCM_KEYLEN; + break; + case CRYPTO_CIPHER_AES256_GCM_SIV: + retval = AES256_GCM_SIV_KEYLEN; + break; + case CRYPTO_CIPHER_AES256_CBC: + retval = AES256_CBC_KEYLEN; + break; + case CRYPTO_CIPHER_AES256_CCM: + retval = AES256_CCM_KEYLEN; + break; + default: + break; } return retval; } /** -* @brief: Function: Crypto_Get_ACS_Algo_Keylen -* For a given ACS algorithm, return the associated key length in bytes -* @param algo: uint8_t -* @return int32: Key Length -**/ + * @brief: Function: Crypto_Get_ACS_Algo_Keylen + * For a given ACS algorithm, return the associated key length in bytes + * @param algo: uint8_t + * @return int32: Key Length + **/ int32_t Crypto_Get_ACS_Algo_Keylen(uint8_t algo) { int32_t retval = -1; switch (algo) { - case CRYPTO_MAC_CMAC_AES256: - retval = CMAC_AES256_KEYLEN; - break; - case CRYPTO_MAC_HMAC_SHA256: - retval = HMAC_SHA256_KEYLEN; - break; - case CRYPTO_MAC_HMAC_SHA512: - retval = HMAC_SHA512_KEYLEN; - break; - default: - break; + case CRYPTO_MAC_CMAC_AES256: + retval = CMAC_AES256_KEYLEN; + break; + case CRYPTO_MAC_HMAC_SHA256: 
+ retval = HMAC_SHA256_KEYLEN; + break; + case CRYPTO_MAC_HMAC_SHA512: + retval = HMAC_SHA512_KEYLEN; + break; + default: + break; } return retval; diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index a45bbcd6..50af7e82 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -28,10 +28,10 @@ * @param ingest: uint8_t* * @param len_ingest: int* * @return int32: Success/Failure - * + * * The AOS ApplySecurity Payload shall consist of the portion of the AOS Transfer Frame (see * reference [1]) from the first octet of the Transfer Frame Primary Header to the last octet of - * the Transfer Frame Data Field. + * the Transfer Frame Data Field. * NOTES * 1 The AOS Transfer Frame is the fixed-length protocol data unit of the AOS Space Data * Link Protocol. The length of any Transfer Frame transferred on a physical channel is 
@@ -40,25 +40,25 @@ * parameter includes the Security Header field. When the ApplySecurity Function is * called, the Security Header field is empty; i.e., the caller has not set any values in the * Security Header - **/ -int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) + **/ +int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer) { - int32_t status = CRYPTO_LIB_SUCCESS; - int mac_loc = 0; - uint8_t aad[1786]; - uint16_t aad_len = 0; - int i = 0; - uint16_t data_loc; - uint16_t idx = 0; - uint8_t sa_service_type = -1; - uint16_t pdu_len = -1; - uint32_t pkcs_padding = 0; - uint16_t new_fecf = 0x0000; - uint8_t ecs_is_aead_algorithm; - SecurityAssociation_t* sa_ptr = NULL; - uint8_t tfvn = 0; - uint16_t scid = 0; - uint16_t vcid = 0; + int32_t status = CRYPTO_LIB_SUCCESS; + int mac_loc = 0; + uint8_t aad[1786]; + uint16_t aad_len = 0; + int i = 0; + uint16_t data_loc; + uint16_t idx = 0; + uint8_t sa_service_type = -1; + uint16_t pdu_len = -1; + uint32_t pkcs_padding = 0; + uint16_t new_fecf = 0x0000; + uint8_t ecs_is_aead_algorithm; + SecurityAssociation_t *sa_ptr = NULL; + uint8_t tfvn = 0; + uint16_t scid = 0; + uint16_t vcid = 0; // Passed a null, return an error if (!pTfBuffer) @@ -71,7 +71,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) printf(KRED "ERROR: CryptoLib Configuration Not Set! -- CRYPTO_LIB_ERR_NO_CONFIG, Will Exit\n" RESET); status = CRYPTO_LIB_ERR_NO_CONFIG; // Can't mc_log since it's not configured - return status; // return immediately so a NULL crypto_config is not dereferenced later + return status; // return immediately so a NULL crypto_config is not dereferenced later } tfvn = ((uint8_t)pTfBuffer[0] & 0xC0) >> 6; 
@@ -83,10 +83,10 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) printf("The following GVCID parameters will be used:\n"); printf("\tTVFN: 0x%04X\t", tfvn); printf("\tSCID: 0x%04X", scid); - printf("\tVCID: 0x%04X",vcid); + printf("\tVCID: 0x%04X", vcid); printf("\tMAP: %d\n", 0); printf("\tPriHdr as follows:\n\t\t"); - for (int i =0; i<6; i++) + for (int i = 0; i < 6; i++) { printf("%02X", (uint8_t)pTfBuffer[i]); } @@ -105,7 +105,8 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) return status; } - status = Crypto_Get_Managed_Parameters_For_Gvcid(tfvn, scid, vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = Crypto_Get_Managed_Parameters_For_Gvcid(tfvn, scid, vcid, gvcid_managed_parameters_array, + ¤t_managed_parameters_struct); // No managed parameters found if (status != CRYPTO_LIB_SUCCESS) @@ -119,7 +120,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) #ifdef AOS_DEBUG printf(KYEL "AOS BEFORE Apply Sec:\n\t" RESET); - for (int16_t i =0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int16_t i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { printf("%02X", pTfBuffer[i]); } 
@@ -167,18 +168,18 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) #ifdef AOS_DEBUG switch (sa_service_type) { - case SA_PLAINTEXT: - printf(KBLU "Creating a SDLS AOS - CLEAR!\n" RESET); - break; - case SA_AUTHENTICATION: - printf(KBLU "Creating a SDLS AOS - AUTHENTICATED!\n" RESET); - break; - case SA_ENCRYPTION: - printf(KBLU "Creating a SDLS AOS - ENCRYPTED!\n" RESET); - break; - case SA_AUTHENTICATED_ENCRYPTION: - printf(KBLU "Creating a SDLS AOS - AUTHENTICATED ENCRYPTION!\n" RESET); - break; + case SA_PLAINTEXT: + printf(KBLU "Creating a SDLS AOS - CLEAR!\n" RESET); + break; + case SA_AUTHENTICATION: + printf(KBLU "Creating a SDLS AOS - AUTHENTICATED!\n" RESET); + break; + case SA_ENCRYPTION: + printf(KBLU "Creating a SDLS AOS - ENCRYPTED!\n" RESET); + break; + case SA_AUTHENTICATED_ENCRYPTION: + printf(KBLU "Creating a SDLS AOS - AUTHENTICATED ENCRYPTION!\n" RESET); + break; } #endif @@ -186,13 +187,13 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) idx = 6; // Detect if optional 2 byte FHEC is present - if(current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) + if (current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) { idx += 2; } // Detect if optional variable length Insert Zone is present - if(current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) + if (current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) { idx += current_managed_parameters_struct.aos_iz_len; } @@ -205,7 +206,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) **/ // Set SPI - pTfBuffer[idx] = ((sa_ptr->spi & 0xFF00) >> 8); + pTfBuffer[idx] = ((sa_ptr->spi & 0xFF00) >> 8); pTfBuffer[idx + 1] = (sa_ptr->spi & 0x00FF); idx += 2; 
@@ -227,7 +228,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) printf("\n" RESET); } #endif - if(sa_service_type != SA_PLAINTEXT && sa_ptr->ecs_len == 0 && sa_ptr->acs_len == 0) + if (sa_service_type != SA_PLAINTEXT && sa_ptr->ecs_len == 0 && sa_ptr->acs_len == 0) { status = CRYPTO_LIB_ERR_NULL_CIPHERS; #ifdef AOS_DEBUG @@ -240,17 +241,18 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) return status; } - if(sa_ptr->est == 0 && sa_ptr->ast == 1) + if (sa_ptr->est == 0 && sa_ptr->ast == 1) { - if(sa_ptr->acs_len != 0) + if (sa_ptr->acs_len != 0) { - if((sa_ptr->acs == CRYPTO_MAC_CMAC_AES256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA512) && - sa_ptr->iv_len > 0 ) - { - status = CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; - mc_if->mc_log(status); - return status; - } + if ((sa_ptr->acs == CRYPTO_MAC_CMAC_AES256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA256 || + sa_ptr->acs == CRYPTO_MAC_HMAC_SHA512) && + sa_ptr->iv_len > 0) + { + status = CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; + mc_if->mc_log(status); + return status; + } } } // Start index from the transmitted portion 
@@ -288,18 +290,18 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) **/ // TODO: Set this depending on crypto cipher used - if(pkcs_padding) + if (pkcs_padding) { - uint8_t hex_padding[3] = {0}; //TODO: Create #Define for the 3 - pkcs_padding = pkcs_padding & 0x00FFFFFF; // Truncate to be maxiumum of 3 bytes in size - + uint8_t hex_padding[3] = {0}; // TODO: Create #Define for the 3 + pkcs_padding = pkcs_padding & 0x00FFFFFF; // Truncate to be maxiumum of 3 bytes in size + // Byte Magic hex_padding[0] = (pkcs_padding >> 16) & 0xFF; - hex_padding[1] = (pkcs_padding >> 8) & 0xFF; - hex_padding[2] = (pkcs_padding) & 0xFF; - + hex_padding[1] = (pkcs_padding >> 8) & 0xFF; + hex_padding[2] = (pkcs_padding)&0xFF; + uint8_t padding_start = 0; - padding_start = 3 - sa_ptr->shplf_len; + padding_start = 3 - sa_ptr->shplf_len; for (i = 0; i < sa_ptr->shplf_len; i++) { @@ -307,21 +309,21 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) idx++; } } - + /** * End Security Header Fields **/ - //TODO: Padding handled here, or TO? - // for (uint32_t i = 0; i < pkcs_padding; i++) - // { - // /** 4.1.1.5.2 The Pad Length field shall contain the count of fill bytes used in the - // * cryptographic process, consisting of an integral number of octets. - CCSDS 3550b1 - // **/ - // // TODO: Set this depending on crypto cipher used - // * (p_new_enc_frame + index + i) = (uint8_t)pkcs_padding; // How much padding is needed? - // // index++; - // } + // TODO: Padding handled here, or TO? + // for (uint32_t i = 0; i < pkcs_padding; i++) + // { + // /** 4.1.1.5.2 The Pad Length field shall contain the count of fill bytes used in the + // * cryptographic process, consisting of an integral number of octets. - CCSDS 3550b1 + // **/ + // // TODO: Set this depending on crypto cipher used + // * (p_new_enc_frame + index + i) = (uint8_t)pkcs_padding; // How much padding is needed? + // // index++; + // } /** * ~~~Index currently at start of data field, AKA end of security header~~~ 
@@ -330,11 +332,11 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) // Calculate size of data to be encrypted pdu_len = current_managed_parameters_struct.max_frame_size - idx - sa_ptr->stmacf_len; // Check other managed parameter flags, subtract their lengths from data field if present - if(current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { pdu_len -= 4; } - if(current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { pdu_len -= 2; } @@ -343,12 +345,12 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) printf(KYEL "Data location starts at: %d\n" RESET, idx); printf(KYEL "Data size is: %d\n" RESET, pdu_len); printf(KYEL "Index at end of SPI is: %d\n", idx); - if(current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { // If OCF exists, comes immediately after MAC printf(KYEL "OCF Location is: %d" RESET, idx + pdu_len + sa_ptr->stmacf_len); } - if(current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { // If FECF exists, comes just before end of the frame printf(KYEL "FECF Location is: %d\n" RESET, current_managed_parameters_struct.max_frame_size - 2); @@ -356,8 +358,8 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) #endif // Get Key - crypto_key_t* ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); if (ekp == NULL) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; @@ -365,8 +367,8 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) return status; } - crypto_key_t* akp = NULL; - akp = key_if->get_key(sa_ptr->akid); + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); if (akp == NULL) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; 
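Review bot: `pdu_len = current_managed_parameters_struct.max_frame_size - idx - sa_ptr->stmacf_len;` is stored in a `uint16_t` and then reduced by 4 and 2 for OCF and FECF, with no check that the header, MAC and trailers fit inside the frame. If an SA or managed-parameter entry makes the sum exceed `max_frame_size`, the value wraps to a large length, and later hunks use it for `mac_loc = idx + pdu_len` and as the data length handed to the cryptography interface over `pTfBuffer`. Do the arithmetic in a wider signed type and fail on a negative result, e.g. `int32_t remaining = (int32_t)current_managed_parameters_struct.max_frame_size - idx - sa_ptr->stmacf_len;` followed by `if (remaining < 0) { return ERR_STATUS; }` (placeholder error code), applying the same test after the OCF/FECF subtractions. The function starts and ends outside this hunk.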
@@ -384,7 +386,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) if (sa_service_type == SA_AUTHENTICATED_ENCRYPTION || sa_service_type == SA_AUTHENTICATION) { - mac_loc = idx+pdu_len; + mac_loc = idx + pdu_len; #ifdef MAC_DEBUG printf(KYEL "MAC location is: %d\n" RESET, mac_loc); printf(KYEL "MAC size is: %d\n" RESET, sa_ptr->stmacf_len); @@ -392,12 +394,13 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) // Prepare the Header AAD (CCSDS 335.0-B-2 4.2.3.4) aad_len = idx; // At the very least AAD includes the header - if (sa_service_type == SA_AUTHENTICATION) // auth only, we authenticate the payload as part of the AEAD encrypt call here + if (sa_service_type == + SA_AUTHENTICATION) // auth only, we authenticate the payload as part of the AEAD encrypt call here { aad_len += pdu_len; } #ifdef AOS_DEBUG - printf("Calculated AAD Length: %d\n",aad_len); + printf("Calculated AAD Length: %d\n", aad_len); #endif if (sa_ptr->abm_len < aad_len) { 
@@ -411,162 +414,167 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) } // AEAD Algorithm Logic - if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) + if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) { - if(sa_service_type == SA_ENCRYPTION) + if (sa_service_type == SA_ENCRYPTION) { - status = cryptography_if->cryptography_encrypt(//Stub out data in/out as this is done in place and want to save cycles - (uint8_t*)(&pTfBuffer[data_loc]), // ciphertext output - (size_t) pdu_len, // length of data - (uint8_t*)(&pTfBuffer[data_loc]), // plaintext input - (size_t) pdu_len, // in data length - from start of frame to end of data - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - &sa_ptr->ecs, // encryption cipher - pkcs_padding, // authentication cipher - NULL); - } - if(sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + status = + cryptography_if + ->cryptography_encrypt( // Stub out data in/out as this is done in place and want to save cycles + (uint8_t *)(&pTfBuffer[data_loc]), // ciphertext output + (size_t)pdu_len, // length of data + (uint8_t *)(&pTfBuffer[data_loc]), // plaintext input + (size_t)pdu_len, // in data length - from start of frame to end of data + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + &sa_ptr->ecs, // encryption cipher + pkcs_padding, // authentication cipher + NULL); + } + if (sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { - status = cryptography_if->cryptography_aead_encrypt((uint8_t*)(&pTfBuffer[data_loc]), // ciphertext output - (size_t) pdu_len, // length of data - (uint8_t*)(&pTfBuffer[data_loc]), // plaintext input - (size_t) pdu_len, // in data length - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr 
key_ref - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - &pTfBuffer[mac_loc], // tag output - sa_ptr->stmacf_len, // tag size - aad, // AAD Input - aad_len, // Length of AAD - (sa_ptr->est==1), - (sa_ptr->ast==1), - (sa_ptr->ast==1), - &sa_ptr->ecs, // encryption cipher - &sa_ptr->acs, // authentication cipher - NULL); + status = cryptography_if->cryptography_aead_encrypt( + (uint8_t *)(&pTfBuffer[data_loc]), // ciphertext output + (size_t)pdu_len, // length of data + (uint8_t *)(&pTfBuffer[data_loc]), // plaintext input + (size_t)pdu_len, // in data length + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + &pTfBuffer[mac_loc], // tag output + sa_ptr->stmacf_len, // tag size + aad, // AAD Input + aad_len, // Length of AAD + (sa_ptr->est == 1), (sa_ptr->ast == 1), (sa_ptr->ast == 1), + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher + NULL); } } - else if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) // Non aead algorithm + else if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) // Non aead algorithm + { + // TODO - implement non-AEAD algorithm logic + if (sa_service_type == SA_AUTHENTICATION) { - // TODO - implement non-AEAD algorithm logic - if(sa_service_type == SA_AUTHENTICATION) - { - status = cryptography_if->cryptography_authenticate(//Stub out data in/out as this is done in place and want to save cycles - (uint8_t*)(&pTfBuffer[0]), // ciphertext output - (size_t) 0, // length of data - (uint8_t*)(&pTfBuffer[0]), // plaintext input - (size_t)0, // in data length - from start of frame to end of data - &(akp->value[0]), // Key - Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - &pTfBuffer[mac_loc], // tag 
output - sa_ptr->stmacf_len, // tag size - aad, // AAD Input - aad_len, // Length of AAD - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher - NULL); - } - else if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) - { - if (sa_service_type == SA_ENCRYPTION) - { - status = cryptography_if->cryptography_encrypt(//Stub out data in/out as this is done in place and want to save cycles - (uint8_t*)(&pTfBuffer[data_loc]), // ciphertext output - (size_t) pdu_len, // length of data - (uint8_t*)(&pTfBuffer[data_loc]), // plaintext input - (size_t) pdu_len, // in data length - from start of frame to end of data - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - &sa_ptr->ecs, // encryption cipher - pkcs_padding, // authentication cipher - NULL); - } - } - else if(sa_service_type == SA_PLAINTEXT) + status = cryptography_if->cryptography_authenticate( // Stub out data in/out as this is done in place and + // want to save cycles + (uint8_t *)(&pTfBuffer[0]), // ciphertext output + (size_t)0, // length of data + (uint8_t *)(&pTfBuffer[0]), // plaintext input + (size_t)0, // in data length - from start of frame to end of data + &(akp->value[0]), // Key + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + &pTfBuffer[mac_loc], // tag output + sa_ptr->stmacf_len, // tag size + aad, // AAD Input + aad_len, // Length of AAD + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher + NULL); + } + else if (sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + { + if (sa_service_type == SA_ENCRYPTION) { - // Do nothing, SDLS fields were already copied into static frame in memory + status = + cryptography_if + ->cryptography_encrypt( // Stub out data in/out as this is done in place and want to save 
cycles + (uint8_t *)(&pTfBuffer[data_loc]), // ciphertext output + (size_t)pdu_len, // length of data + (uint8_t *)(&pTfBuffer[data_loc]), // plaintext input + (size_t)pdu_len, // in data length - from start of frame to end of data + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + &sa_ptr->ecs, // encryption cipher + pkcs_padding, // authentication cipher + NULL); } - else{ + } + else if (sa_service_type == SA_PLAINTEXT) + { + // Do nothing, SDLS fields were already copied into static frame in memory + } + else + { #ifdef AOS_DEBUG - printf(KRED "Service type reported as: %d\n" RESET, sa_service_type); - printf(KRED "ECS IS AEAD Value: %d\n" RESET, ecs_is_aead_algorithm); + printf(KRED "Service type reported as: %d\n" RESET, sa_service_type); + printf(KRED "ECS IS AEAD Value: %d\n" RESET, ecs_is_aead_algorithm); #endif - status = CRYPTO_LIB_ERR_UNSUPPORTED_MODE; - } + status = CRYPTO_LIB_ERR_UNSUPPORTED_MODE; } + } - if (status != CRYPTO_LIB_SUCCESS) - { - return status; // Cryptography IF call failed, return. - } + if (status != CRYPTO_LIB_SUCCESS) + { + return status; // Cryptography IF call failed, return. 
+ } - if (sa_service_type != SA_PLAINTEXT) - { + if (sa_service_type != SA_PLAINTEXT) + { #ifdef INCREMENT - if (crypto_config.crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) - { - if (sa_ptr->shivf_len > 0 && sa_ptr->iv_len != 0) - { - Crypto_increment(sa_ptr->iv, sa_ptr->iv_len); - } - } - else // SA_INCREMENT_NONTRANSMITTED_IV_FALSE + if (crypto_config.crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) + { + if (sa_ptr->shivf_len > 0 && sa_ptr->iv_len != 0) { - // Only increment the transmitted portion - if (sa_ptr->shivf_len > 0 && sa_ptr->iv_len != 0) - { - Crypto_increment(sa_ptr->iv + (sa_ptr->iv_len - sa_ptr->shivf_len), sa_ptr->shivf_len); - } + Crypto_increment(sa_ptr->iv, sa_ptr->iv_len); } - if (sa_ptr->shsnf_len > 0) + } + else // SA_INCREMENT_NONTRANSMITTED_IV_FALSE + { + // Only increment the transmitted portion + if (sa_ptr->shivf_len > 0 && sa_ptr->iv_len != 0) { - Crypto_increment(sa_ptr->arsn, sa_ptr->arsn_len); + Crypto_increment(sa_ptr->iv + (sa_ptr->iv_len - sa_ptr->shivf_len), sa_ptr->shivf_len); } + } + if (sa_ptr->shsnf_len > 0) + { + Crypto_increment(sa_ptr->arsn, sa_ptr->arsn_len); + } #ifdef SA_DEBUG - if (sa_ptr->iv_len > 0) - { - printf(KYEL "Next IV value is:\n\t"); - for (i = 0; i < sa_ptr->iv_len; i++) - { - printf("%02x", *(sa_ptr->iv + i)); - } - printf("\n" RESET); - printf(KYEL "Next transmitted IV value is:\n\t"); - for (i = sa_ptr->iv_len - sa_ptr->shivf_len; i < sa_ptr->iv_len; i++) - { - printf("%02x", *(sa_ptr->iv + i)); - } - printf("\n" RESET); - } - printf(KYEL "Next ARSN value is:\n\t"); - for (i = 0; i < sa_ptr->arsn_len; i++) + if (sa_ptr->iv_len > 0) + { + printf(KYEL "Next IV value is:\n\t"); + for (i = 0; i < sa_ptr->iv_len; i++) { - printf("%02x", *(sa_ptr->arsn + i)); + printf("%02x", *(sa_ptr->iv + i)); } printf("\n" RESET); - printf(KYEL "Next transmitted ARSN value is:\n\t"); - for (i = sa_ptr->arsn_len - sa_ptr->shsnf_len; i < sa_ptr->arsn_len; i++) + 
printf(KYEL "Next transmitted IV value is:\n\t"); + for (i = sa_ptr->iv_len - sa_ptr->shivf_len; i < sa_ptr->iv_len; i++) { - printf("%02x", *(sa_ptr->arsn + i)); + printf("%02x", *(sa_ptr->iv + i)); } printf("\n" RESET); + } + printf(KYEL "Next ARSN value is:\n\t"); + for (i = 0; i < sa_ptr->arsn_len; i++) + { + printf("%02x", *(sa_ptr->arsn + i)); + } + printf("\n" RESET); + printf(KYEL "Next transmitted ARSN value is:\n\t"); + for (i = sa_ptr->arsn_len - sa_ptr->shsnf_len; i < sa_ptr->arsn_len; i++) + { + printf("%02x", *(sa_ptr->arsn + i)); + } + printf("\n" RESET); #endif #endif - } + } // Move idx to mac location idx += pdu_len; @@ -583,7 +591,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) } #endif -//TODO OCF - ? Here, elsewhere? + // TODO OCF - ? Here, elsewhere? /** * End Authentication / Encryption @@ -597,7 +605,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) #endif if (crypto_config.crypto_create_fecf == CRYPTO_AOS_CREATE_FECF_TRUE) { - new_fecf = Crypto_Calc_FECF((uint8_t*)pTfBuffer, current_managed_parameters_struct.max_frame_size - 2); + new_fecf = Crypto_Calc_FECF((uint8_t *)pTfBuffer, current_managed_parameters_struct.max_frame_size - 2); pTfBuffer[current_managed_parameters_struct.max_frame_size - 2] = (uint8_t)((new_fecf & 0xFF00) >> 8); pTfBuffer[current_managed_parameters_struct.max_frame_size - 1] = (uint8_t)(new_fecf & 0x00FF); } @@ -611,7 +619,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) #ifdef AOS_DEBUG printf(KYEL "Printing new AOS frame:\n\t"); - for(int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { printf("%02X", pTfBuffer[i]); } 
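Review bot: In the non-AEAD branch an SA_AUTHENTICATED_ENCRYPTION association enters `else if (sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION)`, whose only body is `if (sa_service_type == SA_ENCRYPTION)`, so no cryptographic call is made and `status` stays CRYPTO_LIB_SUCCESS. Unless that combination is rejected before this hunk, processing continues as though the frame had been protected, although it carries neither ciphertext nor a MAC. Until the non-AEAD path is implemented the branch should fail closed: give the inner `if` an `else { status = CRYPTO_LIB_ERR_UNSUPPORTED_MODE; }`. The `else if (sa_service_type == SA_PLAINTEXT)` arm in the same chain is unreachable, because the enclosing condition already requires `sa_service_type != SA_PLAINTEXT`. Separately, the argument comment `pkcs_padding, // authentication cipher` in both cryptography_encrypt calls describes a different parameter and should read `// padding`.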
@@ -819,11 +827,10 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) &(aad[0]), // AAD Input location sa_ptr->abm_len, // AAD is size of ABM in this case CRYPTO_TRUE, // Encrypt - CRYPTO_FALSE, // Authenticate // TODO -- Set to SA value, manually setting to false here so existing tests pass. Existing data was generated with authenticate then encrypt, when it should have been encrypt then authenticate. - CRYPTO_TRUE, // Use AAD - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher - NULL // cam_cookies (not supported in AOS functions yet) + CRYPTO_FALSE, // Authenticate // TODO -- Set to SA value, +manually setting to false here so existing tests pass. Existing data was generated with authenticate then encrypt, when +it should have been encrypt then authenticate. CRYPTO_TRUE, // Use AAD sa_ptr->ecs, // encryption cipher sa_ptr->acs, // +authentication cipher NULL // cam_cookies (not supported in AOS functions yet) ); 
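Review bot: The reflow in this hunk has broken the trailing comment on the `CRYPTO_FALSE, // Authenticate` argument: its continuation now occupies new lines with no `//`, and the `CRYPTO_TRUE`, `sa_ptr->ecs`, `sa_ptr->acs` and `NULL` arguments have been folded into that text. This can only compile if the call sits inside a block comment, which is not visible from here; in that case the dead code no longer reads as a call and is better deleted or protected with `// clang-format off` / `// clang-format on`. The TODO itself records that authentication is hard-coded off for this call so that existing test data passes, which deserves a tracked issue rather than a comment the formatter can scramble.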
@@ -876,23 +883,24 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) * @param ingest: uint8_t* * @param len_ingest: int* * @return int32: Success/Failure - **/ -int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length) + **/ +int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_t **pp_processed_frame, + uint16_t *p_decrypted_length) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t aad[1786]; - uint16_t aad_len = 0; - uint16_t byte_idx = 0; - uint8_t ecs_is_aead_algorithm; - uint32_t encryption_cipher = 0; - uint8_t iv_loc; - int mac_loc = 0; - uint16_t pdu_len = 1; - uint8_t* p_new_dec_frame = NULL; - SecurityAssociation_t* sa_ptr = NULL; - uint8_t sa_service_type = -1; - uint8_t spi = -1; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t aad[1786]; + uint16_t aad_len = 0; + uint16_t byte_idx = 0; + uint8_t ecs_is_aead_algorithm; + uint32_t encryption_cipher = 0; + uint8_t iv_loc; + int mac_loc = 0; + uint16_t pdu_len = 1; + uint8_t *p_new_dec_frame = NULL; + SecurityAssociation_t *sa_ptr = NULL; + uint8_t sa_service_type = -1; + uint8_t spi = -1; // Bit math to give concise access to values in the ingest aos_frame_pri_hdr.tfvn = ((uint8_t)p_ingest[0] & 0xC0) >> 6; 
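Review bot: `p_ingest[0]` is read in the first statement after the declarations, before any NULL check on `p_ingest` or any comparison of `len_ingest` with the 6-byte primary header. Add `if (p_ingest == NULL || len_ingest < 6) { return ERR_STATUS; }` (placeholder error code) ahead of the header parsing. Later hunks of this function index `p_ingest` by `current_managed_parameters_struct.max_frame_size` for the FECF and copy `aos_iz_len` bytes into a buffer allocated from `len_ingest`; neither is visibly tied to `len_ingest`, so once the managed parameters are known, frames shorter than `max_frame_size` should be rejected as well. `uint8_t spi` and `uint8_t iv_loc` also look too narrow for a 16-bit SPI and for offsets that follow a variable-length insert zone; confirm against their uses, which are outside this hunk.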
@@ -934,13 +942,14 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 #ifdef AOS_DEBUG printf(KGRN "AOS Process Using following parameters:\n\t" RESET); - printf(KGRN "tvfn: %d\t scid: %d\t vcid: %d\n" RESET, aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid ); + printf(KGRN "tvfn: %d\t scid: %d\t vcid: %d\n" RESET, aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, + aos_frame_pri_hdr.vcid); #endif // Lookup-retrieve managed parameters for frame via gvcid: - status = Crypto_Get_Managed_Parameters_For_Gvcid( - aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); if (status != CRYPTO_LIB_SUCCESS) { @@ -982,8 +991,8 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 } #ifdef SA_DEBUG - printf(KYEL "DEBUG - Printing SA Entry for current frame.\n" RESET); - Crypto_saPrint(sa_ptr); + printf(KYEL "DEBUG - Printing SA Entry for current frame.\n" RESET); + Crypto_saPrint(sa_ptr); #endif // Determine SA Service Type if ((sa_ptr->est == 0) && (sa_ptr->ast == 0)) @@ -1032,7 +1041,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(encryption_cipher); } - if ( encryption_cipher == CRYPTO_CIPHER_NONE && sa_ptr->est == 1) + if (encryption_cipher == CRYPTO_CIPHER_NONE && sa_ptr->est == 1) { status = CRYPTO_LIB_ERR_NO_ECS_SET_FOR_ENCRYPTION_MODE; mc_if->mc_log(status); 
@@ -1042,18 +1051,18 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 #ifdef AOS_DEBUG switch (sa_service_type) { - case SA_PLAINTEXT: - printf(KBLU "Processing a AOS - CLEAR!\n" RESET); - break; - case SA_AUTHENTICATION: - printf(KBLU "Processing a AOS - AUTHENTICATED!\n" RESET); - break; - case SA_ENCRYPTION: - printf(KBLU "Processing a AOS - ENCRYPTED!\n" RESET); - break; - case SA_AUTHENTICATED_ENCRYPTION: - printf(KBLU "Processing a AOS - AUTHENTICATED ENCRYPTION!\n" RESET); - break; + case SA_PLAINTEXT: + printf(KBLU "Processing a AOS - CLEAR!\n" RESET); + break; + case SA_AUTHENTICATION: + printf(KBLU "Processing a AOS - AUTHENTICATED!\n" RESET); + break; + case SA_ENCRYPTION: + printf(KBLU "Processing a AOS - ENCRYPTED!\n" RESET); + break; + case SA_AUTHENTICATED_ENCRYPTION: + printf(KBLU "Processing a AOS - AUTHENTICATED ENCRYPTION!\n" RESET); + break; } #endif @@ -1061,7 +1070,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { uint16_t received_fecf = (((p_ingest[current_managed_parameters_struct.max_frame_size - 2] << 8) & 0xFF00) | - (p_ingest[current_managed_parameters_struct.max_frame_size - 1] & 0x00FF)); + (p_ingest[current_managed_parameters_struct.max_frame_size - 1] & 0x00FF)); if (crypto_config.crypto_check_fecf == AOS_CHECK_FECF_TRUE) { @@ -1074,7 +1083,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 #ifdef FECF_DEBUG printf("Received FECF is 0x%04X\n", received_fecf); printf("Calculated FECF is 0x%04X\n", calculated_fecf); - printf("FECF was Calced over %d bytes\n", len_ingest-2); + printf("FECF was Calced over %d bytes\n", len_ingest - 2); #endif status = CRYPTO_LIB_ERR_INVALID_FECF; mc_if->mc_log(status); 
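Review bot: The FECF read in the `@@ -1061` hunk indexes `p_ingest` at `current_managed_parameters_struct.max_frame_size - 2` and `- 1`, but nothing in the visible lines ties `len_ingest` to `max_frame_size`, so a frame shorter than the configured size would be read past its end. The debug print in the next hunk reports the FECF as calculated over `len_ingest - 2` bytes, which suggests the two lengths are treated as interchangeable. Unless an earlier part of Crypto_AOS_ProcessSecurity (outside these hunks) already rejects the mismatch, add a guard such as `if (len_ingest < current_managed_parameters_struct.max_frame_size)` that logs and returns an error before any indexing. The same assumption applies to the insert-zone `memcpy(p_new_dec_frame + 6, &p_ingest[6], current_managed_parameters_struct.aos_iz_len)` in the `@@ -1121` hunk, whose destination is only `len_ingest` bytes.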
@@ -1094,9 +1103,9 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 else if (current_managed_parameters_struct.has_fecf != AOS_NO_FECF) { #ifdef AOS_DEBUG - printf(KRED "AOS_Process Error...tfvn: %d scid: 0x%04X vcid: 0x%02X fecf_enum: %d\n" RESET, - current_managed_parameters_struct.tfvn, current_managed_parameters_struct.scid, - current_managed_parameters_struct.vcid, current_managed_parameters_struct.has_fecf); + printf(KRED "AOS_Process Error...tfvn: %d scid: 0x%04X vcid: 0x%02X fecf_enum: %d\n" RESET, + current_managed_parameters_struct.tfvn, current_managed_parameters_struct.scid, + current_managed_parameters_struct.vcid, current_managed_parameters_struct.has_fecf); #endif status = CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_AOS_CONFIG; mc_if->mc_log(status); @@ -1104,7 +1113,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 } // Accio buffer - p_new_dec_frame = (uint8_t*)calloc(1, (len_ingest) * sizeof(uint8_t)); + p_new_dec_frame = (uint8_t *)calloc(1, (len_ingest) * sizeof(uint8_t)); if (!p_new_dec_frame) { #ifdef DEBUG @@ -1121,12 +1130,12 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 // Copy over insert zone data, if it exists if (current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) { - memcpy(p_new_dec_frame+6, &p_ingest[6], current_managed_parameters_struct.aos_iz_len); + memcpy(p_new_dec_frame + 6, &p_ingest[6], current_managed_parameters_struct.aos_iz_len); #ifdef AOS_DEBUG printf("Copied over the following:\n\t"); - for (int i=0; i < current_managed_parameters_struct.aos_iz_len;i++) + for (int i = 0; i < current_managed_parameters_struct.aos_iz_len; i++) { - printf("%02X",p_ingest[6+i]); + printf("%02X", p_ingest[6 + i]); } printf("\n"); #endif 
@@ -1156,13 +1165,13 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 **/ // Calculate size of the protocol data unit - // NOTE: This size itself is not the length for authentication - pdu_len = current_managed_parameters_struct.max_frame_size - (byte_idx) - sa_ptr->stmacf_len; - if(current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + // NOTE: This size itself is not the length for authentication + pdu_len = current_managed_parameters_struct.max_frame_size - (byte_idx)-sa_ptr->stmacf_len; + if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { pdu_len -= 4; } - if(current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { pdu_len -= 2; } @@ -1176,12 +1185,12 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 #ifdef AOS_DEBUG printf(KYEL "Index / data location starts at: %d\n" RESET, byte_idx); printf(KYEL "Data size is: %d\n" RESET, pdu_len); - if(current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { // If OCF exists, comes immediately after MAC printf(KYEL "OCF Location is: %d" RESET, byte_idx + pdu_len + sa_ptr->stmacf_len); } - if(current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { // If FECF exists, comes just before end of the frame printf(KYEL "FECF Location is: %d\n" RESET, current_managed_parameters_struct.max_frame_size - 2); @@ -1189,8 +1198,8 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 #endif // Get Key - crypto_key_t* ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); if (ekp == NULL) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; 
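Review bot: `pdu_len` is a `uint16_t`, so the subtraction chain in the `@@ -1156` hunk wraps to a large value instead of going negative when `byte_idx + sa_ptr->stmacf_len` (plus 4 for the OCF and 2 for the FECF) exceeds `max_frame_size`. That value is later used as the length for the decrypt calls and the plaintext `memcpy`, so a mismatched SA or frame size becomes an over-read or over-write rather than an error. Compute the length in a signed `int` and reject the frame when it is not positive or exceeds `len_ingest - byte_idx`, before assigning it to `pdu_len`. Separately, the reformatted `(byte_idx)-sa_ptr->stmacf_len` reads like a cast; writing `- byte_idx - sa_ptr->stmacf_len` without the parentheses avoids that.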
@@ -1198,8 +1207,8 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 return status; } - crypto_key_t* akp = NULL; - akp = key_if->get_key(sa_ptr->akid); + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); if (akp == NULL) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; @@ -1213,9 +1222,9 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 // if(sa_service_type != SA_PLAINTEXT) // { - // status = CRYPTO_LIB_ERR_NULL_CIPHERS; - // mc_if->mc_log(status); - // return status; + // status = CRYPTO_LIB_ERR_NULL_CIPHERS; + // mc_if->mc_log(status); + // return status; // } // Parse MAC, prepare AAD @@ -1223,7 +1232,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 { #ifdef MAC_DEBUG printf("MAC Parsed from Frame:\n\t"); - Crypto_hexprint(p_ingest+mac_loc,sa_ptr->stmacf_len); + Crypto_hexprint(p_ingest + mac_loc, sa_ptr->stmacf_len); #endif if (sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { 
@@ -1244,13 +1253,12 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 #ifdef MAC_DEBUG printf("AAD Debug:\n\tAAD Length is %d\n\t AAD is: ", aad_len); - for (int i = 0; icryptography_decrypt(p_new_dec_frame+byte_idx, // plaintext output - pdu_len, // length of data - p_ingest+byte_idx, // ciphertext input - pdu_len, // in data length - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), - sa_ptr, // SA for key reference - p_ingest+iv_loc, // IV - sa_ptr->iv_len, // IV Length - &sa_ptr->ecs, // encryption cipher - &sa_ptr->acs, // authentication cipher - NULL); + status = cryptography_if->cryptography_decrypt(p_new_dec_frame + byte_idx, // plaintext output + pdu_len, // length of data + p_ingest + byte_idx, // ciphertext input + pdu_len, // in data length + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), + sa_ptr, // SA for key reference + p_ingest + iv_loc, // IV + sa_ptr->iv_len, // IV Length + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher + NULL); } - if(sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + if (sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { - status = cryptography_if->cryptography_aead_decrypt(p_new_dec_frame+byte_idx, // plaintext output - pdu_len, // length of data - p_ingest+byte_idx, // ciphertext input - pdu_len, // in data length - &(ekp->value[0]), // Key + status = cryptography_if->cryptography_aead_decrypt(p_new_dec_frame + byte_idx, // plaintext output + pdu_len, // length of data + p_ingest + byte_idx, // ciphertext input + pdu_len, // in data length + &(ekp->value[0]), // Key Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), - sa_ptr, // SA for key reference - p_ingest+iv_loc, // IV. - sa_ptr->iv_len, // IV Length - p_ingest+mac_loc, // Frame Expected Tag + sa_ptr, // SA for key reference + p_ingest + iv_loc, // IV. 
+ sa_ptr->iv_len, // IV Length + p_ingest + mac_loc, // Frame Expected Tag sa_ptr->stmacf_len, // tag size - aad, // additional authenticated data - aad_len, // length of AAD - (sa_ptr->est), // Decryption Bool - (sa_ptr->ast), // Authentication Bool - (sa_ptr->ast), // AAD Bool - &sa_ptr->ecs, // encryption cipher - &sa_ptr->acs, // authentication cipher + aad, // additional authenticated data + aad_len, // length of AAD + (sa_ptr->est), // Decryption Bool + (sa_ptr->ast), // Authentication Bool + (sa_ptr->ast), // AAD Bool + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher NULL); } - } else if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) { // TODO - implement non-AEAD algorithm logic - if(sa_service_type == SA_AUTHENTICATION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + if (sa_service_type == SA_AUTHENTICATION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { - status = cryptography_if->cryptography_validate_authentication(p_new_dec_frame+byte_idx, // plaintext output - pdu_len, // length of data - p_ingest+byte_idx, // ciphertext input - pdu_len, // in data length - &(akp->value[0]), // Key - Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), - sa_ptr, // SA for key reference - p_ingest+iv_loc, // IV - sa_ptr->iv_len, // IV Length - p_ingest+mac_loc, // Frame Expected Tag - sa_ptr->stmacf_len, // tag size - aad, // additional authenticated data - aad_len, // length of AAD - CRYPTO_CIPHER_NONE, // encryption cipher - sa_ptr->acs, // authentication cipher - NULL); // cam cookies - + status = + cryptography_if->cryptography_validate_authentication(p_new_dec_frame + byte_idx, // plaintext output + pdu_len, // length of data + p_ingest + byte_idx, // ciphertext input + pdu_len, // in data length + &(akp->value[0]), // Key + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), + sa_ptr, // SA for key reference + p_ingest + iv_loc, // IV + sa_ptr->iv_len, // IV Length + p_ingest + mac_loc, // Frame Expected Tag + 
sa_ptr->stmacf_len, // tag size + aad, // additional authenticated data + aad_len, // length of AAD + CRYPTO_CIPHER_NONE, // encryption cipher + sa_ptr->acs, // authentication cipher + NULL); // cam cookies } - if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + if (sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { // Check that key length to be used emets the algorithm requirement - if((int32_t) ekp->key_len != Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs)) + if ((int32_t)ekp->key_len != Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs)) { // free(aad); - non-heap object status = CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; 
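Review bot: In the non-AEAD branch, an SA_AUTHENTICATED_ENCRYPTION frame runs `cryptography_validate_authentication` and then `cryptography_decrypt`, and both assign to `status` with no check in between in the visible lines, so a MAC failure is overwritten when decryption succeeds. The frame would then be reported as processed despite failing authentication. Gate the second step on the first, e.g. `if (status == CRYPTO_LIB_SUCCESS && (sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION))`. This part of the diff is damaged in extraction and the function continues beyond it, so confirm against the file that no intervening check exists.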
@@ -1339,48 +1346,48 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8 return status; } - status = cryptography_if->cryptography_decrypt(p_new_dec_frame+byte_idx, // plaintext output - pdu_len, // length of data - p_ingest+byte_idx, // ciphertext input - pdu_len, // in data length - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), - sa_ptr, // SA for key reference - p_ingest+iv_loc, // IV - sa_ptr->iv_len, // IV Length - &sa_ptr->ecs, // encryption cipher - &sa_ptr->acs, // authentication cipher - NULL); - - // //Handle Padding Removal - // if(sa_ptr->shplf_len != 0) - // { - // int padding_location = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + - // sa_ptr->shsnf_len; - // uint16_t padding_amount = 0; - // // Get Padding Amount from ingest frame - // padding_amount = (int)ingest[padding_location]; - // // Remove Padding from final decrypted portion - // tc_sdls_processed_frame->tc_pdu_len -= padding_amount; - // } + status = cryptography_if->cryptography_decrypt(p_new_dec_frame + byte_idx, // plaintext output + pdu_len, // length of data + p_ingest + byte_idx, // ciphertext input + pdu_len, // in data length + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), + sa_ptr, // SA for key reference + p_ingest + iv_loc, // IV + sa_ptr->iv_len, // IV Length + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher + NULL); + + // //Handle Padding Removal + // if(sa_ptr->shplf_len != 0) + // { + // int padding_location = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + + // sa_ptr->shsnf_len; + // uint16_t padding_amount = 0; + // // Get Padding Amount from ingest frame + // padding_amount = (int)ingest[padding_location]; + // // Remove Padding from final decrypted portion + // tc_sdls_processed_frame->tc_pdu_len -= padding_amount; + // } } } - // If plaintext, copy byte by byte - else if(sa_service_type == SA_PLAINTEXT) + // If 
plaintext, copy byte by byte + else if (sa_service_type == SA_PLAINTEXT) { - memcpy(p_new_dec_frame+byte_idx, &(p_ingest[byte_idx]), pdu_len); + memcpy(p_new_dec_frame + byte_idx, &(p_ingest[byte_idx]), pdu_len); byte_idx += pdu_len; } #ifdef AOS_DEBUG printf(KYEL "\nPrinting received frame:\n\t" RESET); - for( int i=0; imc_log(status); - return status; - } + mc_if->mc_log(status); + return status; +} /** * @brief Function: Crypto_Get_aosLength * Returns the total length of the current aos_frame in BYTES! * @param len: int * @return int32_t Length of AOS - **/ + **/ int32_t Crypto_Get_aosLength(int len) { #ifdef FILL len = AOS_FILL_SIZE; #else - len = AOS_FRAME_PRIMARYHEADER_SIZE + AOS_FRAME_SECHEADER_SIZE + len + AOS_FRAME_SECTRAILER_SIZE + AOS_FRAME_CLCW_SIZE; + len = + AOS_FRAME_PRIMARYHEADER_SIZE + AOS_FRAME_SECHEADER_SIZE + len + AOS_FRAME_SECTRAILER_SIZE + AOS_FRAME_CLCW_SIZE; #endif return len; @@ -1420,7 +1428,7 @@ int32_t Crypto_Get_aosLength(int len) * Update the Telemetry Payload Data Unit * @param ingest: uint8_t* * @param len_ingest: int - **/ + **/ /** void Crypto_AOS_updatePDU(uint8_t* ingest, int len_ingest) { // Copy ingest to PDU @@ -1429,8 +1437,8 @@ void Crypto_AOS_updatePDU(uint8_t* ingest, int len_ingest) // int fill_size = 0; SecurityAssociation_t* sa_ptr; - // Consider a helper function here, or elsewhere, to do all the 'math' in one spot as a global accessible list of variables - if (sa_if->sa_get_from_spi(tm_frame[0], &sa_ptr) != CRYPTO_LIB_SUCCESS) // modify + // Consider a helper function here, or elsewhere, to do all the 'math' in one spot as a global accessible list of +variables if (sa_if->sa_get_from_spi(tm_frame[0], &sa_ptr) != CRYPTO_LIB_SUCCESS) // modify { // TODO - Error handling printf(KRED"Update PDU Error!\n"); @@ -1568,7 +1576,7 @@ void Crypto_AOS_updatePDU(uint8_t* ingest, int len_ingest) /** * @brief Function: Crypto_AOS_updateOCF * Update the AOS OCF - **/ + **/ /** void Crypto_AOS_updateOCF(void) { 
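Review bot: The re-wrapped comment in the `@@ -1429` hunk now ends in `list of` and continues on the next line as `variables if (sa_if->sa_get_from_spi(tm_frame[0], &sa_ptr) != CRYPTO_LIB_SUCCESS) // modify`, so the statement that followed the comment has been folded into the comment text. Crypto_AOS_updatePDU appears to sit inside a `/** ... */` block, so this still compiles, but the disabled code can no longer be re-enabled as written. Either delete the disabled function or exclude it from reformatting. The commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter` calls at the end of Crypto_Init_TC_Unit_Test in crypto_config.c were merged the same way.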
@@ -1612,11 +1620,11 @@ void Crypto_AOS_updateOCF(void) * @param abm_buffer: uint8_t* * @param aad: uint8_t* * @return status: uint32_t - **/ -uint32_t Crypto_Prepare_AOS_AAD(const uint8_t* buffer, uint16_t len_aad, const uint8_t* abm_buffer, uint8_t* aad) + **/ +uint32_t Crypto_Prepare_AOS_AAD(const uint8_t *buffer, uint16_t len_aad, const uint8_t *abm_buffer, uint8_t *aad) { uint32_t status = CRYPTO_LIB_SUCCESS; - int i; + int i; for (i = 0; i < len_aad; i++) { diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 1ebffd8b..f6a9ceb4 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c 
@@ -26,24 +26,24 @@ ** Global Variables */ CryptographyInterface cryptography_if = NULL; -KeyInterface key_if = NULL; -McInterface mc_if = NULL; -SaInterface sa_if = NULL; +KeyInterface key_if = NULL; +McInterface mc_if = NULL; +SaInterface sa_if = NULL; -SadbMariaDBConfig_t* sa_mariadb_config = NULL; +SadbMariaDBConfig_t *sa_mariadb_config = NULL; CryptoConfig_t crypto_config; -CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config = NULL; -CamConfig_t* cam_config = NULL; +CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config = NULL; +CamConfig_t *cam_config = NULL; -GvcidManagedParameters_t gvcid_managed_parameters_array[GVCID_MAN_PARAM_SIZE]; -int gvcid_counter = 0; -GvcidManagedParameters_t gvcid_null_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +GvcidManagedParameters_t gvcid_managed_parameters_array[GVCID_MAN_PARAM_SIZE]; +int gvcid_counter = 0; +GvcidManagedParameters_t gvcid_null_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; GvcidManagedParameters_t current_managed_parameters_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; -//GvcidManagedParameters_t* gvcid_managed_parameters = NULL; -// GvcidManagedParameters_t* current_managed_parameters = NULL; +// GvcidManagedParameters_t* gvcid_managed_parameters = NULL; +// GvcidManagedParameters_t* current_managed_parameters = NULL; // Free all configuration structs int32_t crypto_free_config_structs(void); 
@@ -59,23 +59,27 @@ int32_t crypto_free_config_structs(void); int32_t Crypto_SC_Init(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, - TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, - TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, - SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TC - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); TC_UT_Managed_Parameters.vcid = 4; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); // TM - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 
TM_HAS_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x0003, 1, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_HAS_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_HAS_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x0003, 1, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_HAS_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); status = Crypto_Init(); return status; 
@@ -88,21 +92,23 @@ int32_t Crypto_SC_Init(void) int32_t Crypto_Init_TC_Unit_Test(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, - TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, - TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, - SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TC Tests - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 4; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // 
Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); return status; } 
@@ -114,22 +120,26 @@ int32_t Crypto_Init_TC_Unit_Test(void) int32_t Crypto_Init_TM_Unit_Test(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TM Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x0003, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x0003, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_NO_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - TM_UT_Managed_Parameters.scid = 0x002c; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_NO_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + TM_UT_Managed_Parameters.scid = 0x002c; TM_UT_Managed_Parameters.has_fecf = TM_NO_FECF; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0042, 0, TM_NO_FECF, TM_SEGMENT_HDRS_NA, TM_HAS_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - TM_UT_Managed_Parameters.scid = 0x0042; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0042, 0, TM_NO_FECF, 
TM_SEGMENT_HDRS_NA, TM_HAS_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + TM_UT_Managed_Parameters.scid = 0x0042; TM_UT_Managed_Parameters.has_ocf = TM_HAS_OCF; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); 
@@ -144,22 +154,26 @@ int32_t Crypto_Init_TM_Unit_Test(void) int32_t Crypto_Init_AOS_Unit_Test(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_NO_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - AOS_UT_Managed_Parameters.scid = 0x002c; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_NO_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + AOS_UT_Managed_Parameters.scid = 0x002c; AOS_UT_Managed_Parameters.has_fecf = AOS_NO_FECF; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0042, 0, AOS_NO_FECF, AOS_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - AOS_UT_Managed_Parameters.scid = 0x0042; + // 
Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0042, 0, AOS_NO_FECF, AOS_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + AOS_UT_Managed_Parameters.scid = 0x0042; AOS_UT_Managed_Parameters.has_ocf = AOS_HAS_OCF; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); @@ -173,19 +187,20 @@ int32_t Crypto_Init_AOS_Unit_Test(void) * @param sa_mariadb_config_p: SadbMariaDBConfig_t* * @return int32: Success/Failure **/ -int32_t Crypto_Init_With_Configs(CryptoConfig_t* crypto_config_p, GvcidManagedParameters_t* gvcid_managed_parameters_p, - SadbMariaDBConfig_t* sa_mariadb_config_p, CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config_p) +int32_t Crypto_Init_With_Configs(CryptoConfig_t *crypto_config_p, GvcidManagedParameters_t *gvcid_managed_parameters_p, + SadbMariaDBConfig_t *sa_mariadb_config_p, + CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config_p) { int32_t status = CRYPTO_LIB_SUCCESS; - if(crypto_config_p != NULL) + if (crypto_config_p != NULL) { memcpy(&crypto_config, crypto_config_p, CRYPTO_CONFIG_SIZE); crypto_config.init_status = INITIALIZED; } gvcid_managed_parameters_array[0] = *gvcid_managed_parameters_p; - sa_mariadb_config = sa_mariadb_config_p; - cryptography_kmc_crypto_config = cryptography_kmc_crypto_config_p; - status = Crypto_Init(); + sa_mariadb_config = sa_mariadb_config_p; + cryptography_kmc_crypto_config = cryptography_kmc_crypto_config_p; + status = Crypto_Init(); return status; } @@ -210,11 +225,12 @@ int32_t Crypto_Init(void) return status; // No Managed Parameter configuration set -- return! } -// #ifdef TC_DEBUG + // #ifdef TC_DEBUG // Crypto_mpPrint(gvcid_managed_parameters, 1); -// #endif + // #endif /* Key Interface */ - if (key_if == NULL) { + if (key_if == NULL) + { if (crypto_config.key_type == KEY_TYPE_CUSTOM) { key_if = get_key_interface_custom(); 
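Review bot: Crypto_Init_With_Configs checks `crypto_config_p` for NULL but dereferences `gvcid_managed_parameters_p` unconditionally in `gvcid_managed_parameters_array[0] = *gvcid_managed_parameters_p;`. A caller passing NULL for the managed parameters crashes here instead of getting a failure status. Guard the copy with `if (gvcid_managed_parameters_p != NULL)` or return an error before calling Crypto_Init(). The doc comment should also state which of the four pointer arguments may be NULL.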
@@ -231,7 +247,8 @@ int32_t Crypto_Init(void) key_if->key_init(); // TODO: Check and return status on error /* MC Interface */ - if (mc_if == NULL) { + if (mc_if == NULL) + { if (crypto_config.mc_type == MC_TYPE_CUSTOM) { mc_if = get_mc_interface_custom(); @@ -248,7 +265,8 @@ int32_t Crypto_Init(void) mc_if->mc_initialize(); // TODO: Check and return status on error /* SA Interface */ - if (sa_if == NULL) { + if (sa_if == NULL) + { // Prepare SA type from config if (crypto_config.sa_type == SA_TYPE_CUSTOM) { @@ -289,7 +307,7 @@ int32_t Crypto_Init(void) cryptography_if = get_cryptography_interface_custom(); } if (cryptography_if == NULL) - { // Note this needs to be the last option in the chain due to addition configuration required + { // Note this needs to be the last option in the chain due to addition configuration required if (cryptography_kmc_crypto_config != NULL) { cryptography_if = get_cryptography_interface_kmc_crypto_service(); @@ -304,31 +322,33 @@ int32_t Crypto_Init(void) } } - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { // Initialize the cryptography library. status = cryptography_if->cryptography_init(); - if(status != CRYPTO_LIB_SUCCESS){ + if (status != CRYPTO_LIB_SUCCESS) + { #ifdef DEBUG fprintf(stderr, "Fatal Error: Unable to initialize Cryptography Interface.\n"); #endif } - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { // Configure the cryptography library. status = cryptography_if->cryptography_config(); } - if(status != CRYPTO_LIB_SUCCESS){ + if (status != CRYPTO_LIB_SUCCESS) + { #ifdef DEBUG fprintf(stderr, "Fatal Error: Unable to configure Cryptography Interface.\n"); #endif } - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { // Init Security Associations status = sa_if->sa_init(); - if (status==CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { status = sa_if->sa_config(); 
@@ -343,15 +363,15 @@ int32_t Crypto_Init(void) // cFS Standard Initialized Message #ifdef DEBUG printf(KBLU "Crypto Lib Intialized. Version %d.%d.%d.%d\n" RESET, CRYPTO_LIB_MAJOR_VERSION, - CRYPTO_LIB_MINOR_VERSION, CRYPTO_LIB_REVISION, CRYPTO_LIB_MISSION_REV); + CRYPTO_LIB_MINOR_VERSION, CRYPTO_LIB_REVISION, CRYPTO_LIB_MISSION_REV); #endif } else { - #ifdef DEBUG - printf(KBLU "Error, Crypto Lib NOT Intialized, sa_init() returned error:%d. Version .%d.%d.%d\n" RESET, CRYPTO_LIB_MAJOR_VERSION, - CRYPTO_LIB_MINOR_VERSION, CRYPTO_LIB_REVISION, CRYPTO_LIB_MISSION_REV); - #endif +#ifdef DEBUG + printf(KBLU "Error, Crypto Lib NOT Intialized, sa_init() returned error:%d. Version .%d.%d.%d\n" RESET, + CRYPTO_LIB_MAJOR_VERSION, CRYPTO_LIB_MINOR_VERSION, CRYPTO_LIB_REVISION, CRYPTO_LIB_MISSION_REV); +#endif } } } @@ -370,28 +390,28 @@ int32_t Crypto_Shutdown(void) crypto_free_config_structs(); - //current_managed_parameters = NULL; + // current_managed_parameters = NULL; current_managed_parameters_struct = gvcid_null_struct; - for(int i = 0; i <= gvcid_counter; i++) + for (int i = 0; i <= gvcid_counter; i++) { gvcid_managed_parameters_array[i] = gvcid_null_struct; } - + gvcid_counter = 0; - if(key_if != NULL) + if (key_if != NULL) { key_if->key_shutdown(); - key_if=NULL; + key_if = NULL; } - if(mc_if != NULL) + if (mc_if != NULL) { mc_if->mc_shutdown(); - mc_if=NULL; + mc_if = NULL; } - if (sa_if != NULL) + if (sa_if != NULL) { sa_if->sa_close(); sa_if = NULL; 
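Review bot: The error-path `printf` in the `@@ -343` hunk has four `%d` conversions but is passed only the four version macros, so `returned error:%d` prints CRYPTO_LIB_MAJOR_VERSION and `status` is never shown. Insert `status,` before `CRYPTO_LIB_MAJOR_VERSION` and change `Version .%d.%d.%d` to `Version %d.%d.%d.%d`. The message attributes the failure to sa_init(), while the enclosing branch is not fully visible in this hunk; confirm it names the call that actually failed.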
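Review bot: The reset loop in Crypto_Shutdown (`@@ -370` hunk) uses `i <= gvcid_counter`, which writes `gvcid_managed_parameters_array[gvcid_counter]`. If the counter can reach GVCID_MAN_PARAM_SIZE (the add routine is not visible here), that is one element past the array declared at the top of crypto_config.c. Bounding the loop by the array size clears every slot and cannot overrun: `for (int i = 0; i < GVCID_MAN_PARAM_SIZE; i++)`.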
@@ -421,26 +441,27 @@ int32_t Crypto_Shutdown(void) * @param vcid_bitmask: uint8 * @return int32: Success/Failure **/ -int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t mc_type, uint8_t sa_type, uint8_t cryptography_type, +int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t mc_type, uint8_t sa_type, uint8_t cryptography_type, uint8_t iv_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, - uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, uint8_t crypto_increment_nontransmitted_iv) + uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, + uint8_t crypto_increment_nontransmitted_iv) { - int32_t status = CRYPTO_LIB_SUCCESS; - crypto_config.init_status = INITIALIZED; - crypto_config.key_type = key_type; - crypto_config.mc_type = mc_type; - crypto_config.sa_type = sa_type; - crypto_config.cryptography_type = cryptography_type; - crypto_config.iv_type = iv_type; - crypto_config.crypto_create_fecf = crypto_create_fecf; - crypto_config.process_sdls_pdus = process_sdls_pdus; - crypto_config.has_pus_hdr = has_pus_hdr; - crypto_config.ignore_sa_state = ignore_sa_state; - crypto_config.ignore_anti_replay = ignore_anti_replay; - crypto_config.unique_sa_per_mapid = unique_sa_per_mapid; - crypto_config.crypto_check_fecf = crypto_check_fecf; - crypto_config.vcid_bitmask = vcid_bitmask; + int32_t status = CRYPTO_LIB_SUCCESS; + crypto_config.init_status = INITIALIZED; + crypto_config.key_type = key_type; + crypto_config.mc_type = mc_type; + crypto_config.sa_type = sa_type; + crypto_config.cryptography_type = cryptography_type; + crypto_config.iv_type = iv_type; + crypto_config.crypto_create_fecf = crypto_create_fecf; + crypto_config.process_sdls_pdus = process_sdls_pdus; + crypto_config.has_pus_hdr = has_pus_hdr; + crypto_config.ignore_sa_state = ignore_sa_state; + crypto_config.ignore_anti_replay = ignore_anti_replay; + 
crypto_config.unique_sa_per_mapid = unique_sa_per_mapid; + crypto_config.crypto_check_fecf = crypto_check_fecf; + crypto_config.vcid_bitmask = vcid_bitmask; crypto_config.crypto_increment_nontransmitted_iv = crypto_increment_nontransmitted_iv; return status; } 
@@ -452,62 +473,66 @@ int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t mc_type, uint8_t sa_ty * @param mysql_hostname: char* * @param mysql_database: char* * @param mysql_port: uint16 - * @return int32: Success/Failure + * @return int32: Success/Failure **/ /*set parameters for an encrypted TLS connection*/ -int32_t Crypto_Config_MariaDB(char* mysql_hostname, char* mysql_database, uint16_t mysql_port, +int32_t Crypto_Config_MariaDB(char *mysql_hostname, char *mysql_database, uint16_t mysql_port, uint8_t mysql_require_secure_transport, uint8_t mysql_tls_verify_server, - char* mysql_tls_ca, char* mysql_tls_capath, char* mysql_mtls_cert, char* mysql_mtls_key, - char* mysql_mtls_client_key_password, char* mysql_username, char* mysql_password) + char *mysql_tls_ca, char *mysql_tls_capath, char *mysql_mtls_cert, char *mysql_mtls_key, + char *mysql_mtls_client_key_password, char *mysql_username, char *mysql_password) { - int32_t status = CRYPTO_LIB_ERROR; - sa_mariadb_config = (SadbMariaDBConfig_t*)calloc(1, SADB_MARIADB_CONFIG_SIZE); + int32_t status = CRYPTO_LIB_ERROR; + sa_mariadb_config = (SadbMariaDBConfig_t *)calloc(1, SADB_MARIADB_CONFIG_SIZE); if (sa_mariadb_config != NULL) { - sa_mariadb_config->mysql_username=crypto_deep_copy_string(mysql_username); - sa_mariadb_config->mysql_password=crypto_deep_copy_string(mysql_password); - sa_mariadb_config->mysql_hostname=crypto_deep_copy_string(mysql_hostname); - sa_mariadb_config->mysql_database=crypto_deep_copy_string(mysql_database); - sa_mariadb_config->mysql_port=mysql_port; + sa_mariadb_config->mysql_username = crypto_deep_copy_string(mysql_username); + sa_mariadb_config->mysql_password = crypto_deep_copy_string(mysql_password); + sa_mariadb_config->mysql_hostname = crypto_deep_copy_string(mysql_hostname); + sa_mariadb_config->mysql_database = crypto_deep_copy_string(mysql_database); + sa_mariadb_config->mysql_port = mysql_port; /*start - encrypted connection related parameters*/ - 
sa_mariadb_config->mysql_mtls_cert = crypto_deep_copy_string(mysql_mtls_cert); - sa_mariadb_config->mysql_mtls_key = crypto_deep_copy_string(mysql_mtls_key); - sa_mariadb_config->mysql_mtls_ca = crypto_deep_copy_string(mysql_tls_ca); - sa_mariadb_config->mysql_mtls_capath = crypto_deep_copy_string(mysql_tls_capath); - sa_mariadb_config->mysql_tls_verify_server = mysql_tls_verify_server; + sa_mariadb_config->mysql_mtls_cert = crypto_deep_copy_string(mysql_mtls_cert); + sa_mariadb_config->mysql_mtls_key = crypto_deep_copy_string(mysql_mtls_key); + sa_mariadb_config->mysql_mtls_ca = crypto_deep_copy_string(mysql_tls_ca); + sa_mariadb_config->mysql_mtls_capath = crypto_deep_copy_string(mysql_tls_capath); + sa_mariadb_config->mysql_tls_verify_server = mysql_tls_verify_server; sa_mariadb_config->mysql_mtls_client_key_password = crypto_deep_copy_string(mysql_mtls_client_key_password); sa_mariadb_config->mysql_require_secure_transport = mysql_require_secure_transport; /*end - encrypted connection related parameters*/ - status = CRYPTO_LIB_SUCCESS; + status = CRYPTO_LIB_SUCCESS; } return status; } -int32_t Crypto_Config_Kmc_Crypto_Service(char* protocol, char* kmc_crypto_hostname, uint16_t kmc_crypto_port, - char* kmc_crypto_app, char* kmc_tls_ca_bundle, char* kmc_tls_ca_path, - uint8_t kmc_ignore_ssl_hostname_validation, char* mtls_client_cert_path, - char* mtls_client_cert_type, char* mtls_client_key_path, - char* mtls_client_key_pass, char* mtls_issuer_cert) +int32_t Crypto_Config_Kmc_Crypto_Service(char *protocol, char *kmc_crypto_hostname, uint16_t kmc_crypto_port, + char *kmc_crypto_app, char *kmc_tls_ca_bundle, char *kmc_tls_ca_path, + uint8_t kmc_ignore_ssl_hostname_validation, char *mtls_client_cert_path, + char *mtls_client_cert_type, char *mtls_client_key_path, + char *mtls_client_key_pass, char *mtls_issuer_cert) { int32_t status = CRYPTO_LIB_SUCCESS; - cryptography_kmc_crypto_config = (CryptographyKmcCryptoServiceConfig_t* )calloc(1, 
CRYPTOGRAPHY_KMC_CRYPTO_SERVICE_CONFIG_SIZE); - cryptography_kmc_crypto_config->protocol = crypto_deep_copy_string(protocol); + cryptography_kmc_crypto_config = + (CryptographyKmcCryptoServiceConfig_t *)calloc(1, CRYPTOGRAPHY_KMC_CRYPTO_SERVICE_CONFIG_SIZE); + cryptography_kmc_crypto_config->protocol = crypto_deep_copy_string(protocol); cryptography_kmc_crypto_config->kmc_crypto_hostname = crypto_deep_copy_string(kmc_crypto_hostname); - cryptography_kmc_crypto_config->kmc_crypto_port = kmc_crypto_port; - if(kmc_crypto_app != NULL){ + cryptography_kmc_crypto_config->kmc_crypto_port = kmc_crypto_port; + if (kmc_crypto_app != NULL) + { cryptography_kmc_crypto_config->kmc_crypto_app_uri = crypto_deep_copy_string(kmc_crypto_app); - } else{ - char* crypto_service_tmp = (char*) "crypto-service"; + } + else + { + char *crypto_service_tmp = (char *)"crypto-service"; cryptography_kmc_crypto_config->kmc_crypto_app_uri = crypto_deep_copy_string(crypto_service_tmp); } - cryptography_kmc_crypto_config->mtls_client_cert_path = crypto_deep_copy_string(mtls_client_cert_path); - cryptography_kmc_crypto_config->mtls_client_cert_type = crypto_deep_copy_string(mtls_client_cert_type); - cryptography_kmc_crypto_config->mtls_client_key_path = crypto_deep_copy_string(mtls_client_key_path); - cryptography_kmc_crypto_config->mtls_client_key_pass = crypto_deep_copy_string(mtls_client_key_pass); - cryptography_kmc_crypto_config->mtls_ca_bundle = crypto_deep_copy_string(kmc_tls_ca_bundle); - cryptography_kmc_crypto_config->mtls_ca_path = crypto_deep_copy_string(kmc_tls_ca_path); - cryptography_kmc_crypto_config->mtls_issuer_cert = crypto_deep_copy_string(mtls_issuer_cert); + cryptography_kmc_crypto_config->mtls_client_cert_path = crypto_deep_copy_string(mtls_client_cert_path); + cryptography_kmc_crypto_config->mtls_client_cert_type = crypto_deep_copy_string(mtls_client_cert_type); + cryptography_kmc_crypto_config->mtls_client_key_path = crypto_deep_copy_string(mtls_client_key_path); + 
cryptography_kmc_crypto_config->mtls_client_key_pass = crypto_deep_copy_string(mtls_client_key_pass); + cryptography_kmc_crypto_config->mtls_ca_bundle = crypto_deep_copy_string(kmc_tls_ca_bundle); + cryptography_kmc_crypto_config->mtls_ca_path = crypto_deep_copy_string(kmc_tls_ca_path); + cryptography_kmc_crypto_config->mtls_issuer_cert = crypto_deep_copy_string(mtls_issuer_cert); cryptography_kmc_crypto_config->ignore_ssl_hostname_validation = kmc_ignore_ssl_hostname_validation; return status; } 
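Review bot: Crypto_Config_Kmc_Crypto_Service dereferences the result of `calloc` without testing it, so an allocation failure becomes a NULL write on the first `->protocol` assignment. Crypto_Config_MariaDB in this same hunk already guards its allocation with `if (sa_mariadb_config != NULL)`. The same unchecked pattern is in Crypto_Config_Cam in the next hunk (`cam_config = (CamConfig_t *)calloc(1, CAM_CONFIG_SIZE);`). A guard right after each allocation is enough: `if (cryptography_kmc_crypto_config == NULL) { return CRYPTO_LIB_ERROR; }`, and likewise for `cam_config`. Both functions currently return CRYPTO_LIB_SUCCESS unconditionally, so callers cannot detect a half-built TLS/mTLS configuration.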
@@ -519,24 +544,23 @@ int32_t Crypto_Config_Kmc_Crypto_Service(char* protocol, char* kmc_crypto_hostna * @param keytab_file_path: char* * @param login_method: uint8_t * @return int32_t: Success/Failure -**/ -int32_t Crypto_Config_Cam(uint8_t cam_enabled, char* cookie_file_path, char* keytab_file_path, uint8_t login_method, char* access_manager_uri, char* username, char* cam_home) + **/ +int32_t Crypto_Config_Cam(uint8_t cam_enabled, char *cookie_file_path, char *keytab_file_path, uint8_t login_method, + char *access_manager_uri, char *username, char *cam_home) { - int32_t status = CRYPTO_LIB_SUCCESS; - cam_config = (CamConfig_t*)calloc(1,CAM_CONFIG_SIZE); - cam_config->cam_enabled = cam_enabled; - cam_config->cookie_file_path = crypto_deep_copy_string(cookie_file_path); - cam_config->keytab_file_path = crypto_deep_copy_string(keytab_file_path); - cam_config->login_method = login_method; + int32_t status = CRYPTO_LIB_SUCCESS; + cam_config = (CamConfig_t *)calloc(1, CAM_CONFIG_SIZE); + cam_config->cam_enabled = cam_enabled; + cam_config->cookie_file_path = crypto_deep_copy_string(cookie_file_path); + cam_config->keytab_file_path = crypto_deep_copy_string(keytab_file_path); + cam_config->login_method = login_method; cam_config->access_manager_uri = crypto_deep_copy_string(access_manager_uri); - cam_config->username = crypto_deep_copy_string(username); - cam_config->cam_home = crypto_deep_copy_string(cam_home); + cam_config->username = crypto_deep_copy_string(username); + cam_config->cam_home = crypto_deep_copy_string(cam_home); return status; } - - int32_t Crypto_Config_Add_Gvcid_Managed_Parameters(GvcidManagedParameters_t gvcid_managed_parameters_struct) { int32_t status = CRYPTO_LIB_SUCCESS; @@ -547,10 +571,10 @@ int32_t Crypto_Config_Add_Gvcid_Managed_Parameters(GvcidManagedParameters_t gvci else { gvcid_managed_parameters_array[gvcid_counter] = gvcid_managed_parameters_struct; - gvcid_counter++; + gvcid_counter++; } - - return status; + + return status; } /** 
@@ -568,8 +592,9 @@ int32_t Crypto_Config_Add_Gvcid_Managed_Parameters(GvcidManagedParameters_t gvci * @return int32: Success/Failure **/ // int32_t Crypto_Config_Add_Gvcid_Managed_Parameter(uint8_t tfvn, uint16_t scid, uint8_t vcid, uint8_t has_fecf, -// uint8_t has_segmentation_hdr, uint8_t has_ocf, uint16_t max_frame_size, uint8_t aos_has_fhec, -// uint8_t aos_has_iz, uint16_t aos_iz_len) +// uint8_t has_segmentation_hdr, uint8_t has_ocf, uint16_t +// max_frame_size, uint8_t aos_has_fhec, uint8_t aos_has_iz, uint16_t +// aos_iz_len) // { // int32_t status = CRYPTO_LIB_SUCCESS; @@ -600,9 +625,10 @@ int32_t Crypto_Config_Add_Gvcid_Managed_Parameters(GvcidManagedParameters_t gvci // } // else // { // Recurse through nodes and add at end -// return crypto_config_add_gvcid_managed_parameter_recursion(tfvn, scid, vcid, has_fecf, has_segmentation_hdr, has_ocf, -// max_frame_size, aos_has_fhec, aos_has_iz, aos_iz_len, -// gvcid_managed_parameters); +// return crypto_config_add_gvcid_managed_parameter_recursion(tfvn, scid, vcid, has_fecf, has_segmentation_hdr, +// has_ocf, +// max_frame_size, aos_has_fhec, aos_has_iz, +// aos_iz_len, gvcid_managed_parameters); // } // } @@ -610,11 +636,11 @@ int32_t crypto_free_config_structs(void) { int32_t status = CRYPTO_LIB_SUCCESS; - //free(crypto_config); //no strings in this struct, just free it. + // free(crypto_config); //no strings in this struct, just free it. crypto_config.init_status = UNITIALIZED; // Config structs with char* types that are malloc'd and must be freed individually. - if(sa_mariadb_config != NULL) + if (sa_mariadb_config != NULL) { free(sa_mariadb_config->mysql_username); free(sa_mariadb_config->mysql_password); 
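Review bot: In crypto_free_config_structs, `mysql_password` is released with a bare `free()` (as is `mysql_mtls_client_key_password` in the following hunk), so the credential bytes stay in heap memory until it is reused and can end up in a core dump or a later allocation. Clear each secret before freeing it, for example `explicit_bzero(p, strlen(p));` ahead of `free(p)` where that function is available, or a small static helper that zeroes through a `volatile` pointer. A plain `memset` right before `free` may be removed by the optimizer. The function body continues in the following hunks.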
@@ -626,9 +652,9 @@ int32_t crypto_free_config_structs(void) free(sa_mariadb_config->mysql_mtls_capath); free(sa_mariadb_config->mysql_mtls_client_key_password); free(sa_mariadb_config); - sa_mariadb_config=NULL; + sa_mariadb_config = NULL; } - if(cryptography_kmc_crypto_config != NULL) + if (cryptography_kmc_crypto_config != NULL) { free(cryptography_kmc_crypto_config->kmc_crypto_hostname); free(cryptography_kmc_crypto_config->protocol); @@ -641,9 +667,9 @@ int32_t crypto_free_config_structs(void) free(cryptography_kmc_crypto_config->mtls_ca_path); free(cryptography_kmc_crypto_config->mtls_issuer_cert); free(cryptography_kmc_crypto_config); - cryptography_kmc_crypto_config=NULL; + cryptography_kmc_crypto_config = NULL; } - if(cam_config != NULL) + if (cam_config != NULL) { free(cam_config->cookie_file_path); free(cam_config->keytab_file_path); @@ -651,7 +677,7 @@ int32_t crypto_free_config_structs(void) free(cam_config->username); free(cam_config->cam_home); free(cam_config); - cam_config=NULL; + cam_config = NULL; } return status; } @@ -663,15 +689,15 @@ int32_t crypto_free_config_structs(void) * @return char*: Pointer to locally-memory-managed string copy. **/ -char* crypto_deep_copy_string(char* src_string) +char *crypto_deep_copy_string(char *src_string) { - if(src_string == NULL) + if (src_string == NULL) { return NULL; } // Note that the strlen() function doesn't count the null character \0 while calculating the length. - char* deep_copied_str = malloc((strlen(src_string) + 1) * sizeof(char)); - memcpy(deep_copied_str,src_string,strlen(src_string)+1); + char *deep_copied_str = malloc((strlen(src_string) + 1) * sizeof(char)); + memcpy(deep_copied_str, src_string, strlen(src_string) + 1); return deep_copied_str; } 
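Review bot: crypto_deep_copy_string passes the `malloc` result straight to `memcpy`, so an out-of-memory condition is a NULL-destination write rather than a reported error. Add `if (deep_copied_str == NULL) { return NULL; }` before the copy, and compute `strlen(src_string) + 1` once into a `size_t` instead of three times. Even with that guard, a NULL return is ambiguous between "argument was NULL" and "allocation failed", so the Crypto_Config_* callers would still report success with a missing hostname or certificate path. They should compare each result against its input before returning CRYPTO_LIB_SUCCESS.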
@@ -686,14 +712,17 @@ char* crypto_deep_copy_string(char* src_string) * @param managed_parameter: GvcidManagedParameters_t* * @return int32: Success/Failure **/ -// int32_t crypto_config_add_gvcid_managed_parameter_recursion(uint8_t tfvn, uint16_t scid, uint8_t vcid, uint8_t has_fecf, -// uint8_t has_segmentation_hdr, uint8_t has_ocf, uint16_t max_frame_size, uint8_t aos_has_fhec, -// uint8_t aos_has_iz, uint16_t aos_iz_len, -// GvcidManagedParameters_t* managed_parameter) +// int32_t crypto_config_add_gvcid_managed_parameter_recursion(uint8_t tfvn, uint16_t scid, uint8_t vcid, uint8_t +// has_fecf, +// uint8_t has_segmentation_hdr, uint8_t has_ocf, uint16_t +// max_frame_size, uint8_t aos_has_fhec, uint8_t aos_has_iz, +// uint16_t aos_iz_len, GvcidManagedParameters_t* +// managed_parameter) // { // if (managed_parameter->next != NULL) // { -// return crypto_config_add_gvcid_managed_parameter_recursion(tfvn, scid, vcid, has_fecf, has_segmentation_hdr, has_ocf, +// return crypto_config_add_gvcid_managed_parameter_recursion(tfvn, scid, vcid, has_fecf, has_segmentation_hdr, +// has_ocf, // max_frame_size, aos_has_fhec, aos_has_iz, // aos_iz_len, managed_parameter->next); // } 
@@ -725,21 +754,21 @@ void Crypto_Local_Config(void) { // Initialize Log log_summary.num_se = 2; - log_summary.rs = LOG_SIZE; + log_summary.rs = LOG_SIZE; // Add a two messages to the log log_summary.rs--; - mc_log.blk[log_count].emt = STARTUP_EID; - mc_log.blk[log_count].emv[0] = 0x4E; - mc_log.blk[log_count].emv[1] = 0x41; - mc_log.blk[log_count].emv[2] = 0x53; - mc_log.blk[log_count].emv[3] = 0x41; + mc_log.blk[log_count].emt = STARTUP_EID; + mc_log.blk[log_count].emv[0] = 0x4E; + mc_log.blk[log_count].emv[1] = 0x41; + mc_log.blk[log_count].emv[2] = 0x53; + mc_log.blk[log_count].emv[3] = 0x41; mc_log.blk[log_count++].em_len = 4; log_summary.rs--; - mc_log.blk[log_count].emt = STARTUP_EID; - mc_log.blk[log_count].emv[0] = 0x4E; - mc_log.blk[log_count].emv[1] = 0x41; - mc_log.blk[log_count].emv[2] = 0x53; - mc_log.blk[log_count].emv[3] = 0x41; + mc_log.blk[log_count].emt = STARTUP_EID; + mc_log.blk[log_count].emv[0] = 0x4E; + mc_log.blk[log_count].emv[1] = 0x41; + mc_log.blk[log_count].emv[2] = 0x53; + mc_log.blk[log_count].emv[3] = 0x41; mc_log.blk[log_count++].em_len = 4; } } 
@@ -793,26 +822,26 @@ void Crypto_Local_Init(void) **/ // Initialize CLCW - clcw.cwt = 0; // Control Word Type "0" - clcw.cvn = 0; // CLCW Version Number "00" - clcw.sf = 0; // Status Field - clcw.cie = 1; // COP In Effect - clcw.vci = 0; // Virtual Channel Identification + clcw.cwt = 0; // Control Word Type "0" + clcw.cvn = 0; // CLCW Version Number "00" + clcw.sf = 0; // Status Field + clcw.cie = 1; // COP In Effect + clcw.vci = 0; // Virtual Channel Identification clcw.spare0 = 0; // Reserved Spare - clcw.nrfa = 0; // No RF Avaliable Flag - clcw.nbl = 0; // No Bit Lock Flag - clcw.lo = 0; // Lock-Out Flag - clcw.wait = 0; // Wait Flag - clcw.rt = 0; // Retransmit Flag - clcw.fbc = 0; // FARM-B Counter + clcw.nrfa = 0; // No RF Avaliable Flag + clcw.nbl = 0; // No Bit Lock Flag + clcw.lo = 0; // Lock-Out Flag + clcw.wait = 0; // Wait Flag + clcw.rt = 0; // Retransmit Flag + clcw.fbc = 0; // FARM-B Counter clcw.spare1 = 0; // Reserved Spare - clcw.rv = 0; // Report Value + clcw.rv = 0; // Report Value // Initialize Frame Security Report - report.cwt = 1; // Control Word Type "0b1"" - report.vnum = 4; // FSR Version "0b100"" - report.af = 0; // Alarm Field - report.bsnf = 0; // Bad SN Flag + report.cwt = 1; // Control Word Type "0b1"" + report.vnum = 4; // FSR Version "0b100"" + report.af = 0; // Alarm Field + report.bsnf = 0; // Bad SN Flag report.bmacf = 0; // Bad MAC Flag report.ispif = 0; // Invalid SPI Flag report.lspiu = 0; // Last SPI Used @@ -825,9 +854,9 @@ void Crypto_Local_Init(void) **/ void Crypto_Calc_CRC_Init_Table(void) { - uint16_t val; - uint32_t poly = 0xEDB88320; - uint32_t crc; + uint16_t val; + uint32_t poly = 0xEDB88320; + uint32_t crc; unsigned int i; unsigned int j; diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index b8366e97..c5dff512 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c 
@@ -19,155 +19,147 @@ #include "crypto_error.h" #include "crypto.h" -#define CRYPTO_UNDEFINED_ERROR (char*) "CRYPTO_UNDEFINED_ERROR_CODE" +#define CRYPTO_UNDEFINED_ERROR (char *)"CRYPTO_UNDEFINED_ERROR_CODE" -char *crypto_enum_errlist_core[] = -{ - (char*) "CRYPTO_LIB_SUCCESS", - (char*) "CRYPTO_LIB_ERROR", - (char*) "CRYPTO_LIB_ERR_NO_INIT", - (char*) "CRYPTO_LIB_ERR_INVALID_TFVN", - (char*) "CRYPTO_LIB_ERR_INVALID_SCID", - (char*) "CRYPTO_LIB_ERR_INVALID_VCID", - (char*) "CRYPTO_LIB_ERR_INVALID_MAPID", - (char*) "CRYPTO_LIB_ERR_INVALID_CC_FLAG", - (char*) "CRYPTO_LIB_ERR_NO_OPERATIONAL_SA", - (char*) "CRYPTO_LIB_ERR_NULL_BUFFER", - (char*) "CRYPTO_LIB_ERR_UT_BYTE_MISMATCH", - (char*) "CRYPTO_LIB_ERR_NO_CONFIG", - (char*) "CRYPTO_LIB_ERR_INVALID_FECF", - (char*) "CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW", - (char*) "CRYPTO_LIB_ERR_LIBGCRYPT_ERROR", - (char*) "CRYPTO_LIB_ERR_AUTHENTICATION_ERROR", - (char*) "CRYPTO_LIB_ERR_NULL_IV", - (char*) "CRYPTO_LIB_ERR_NULL_ABM", - (char*) "CRYPTO_LIB_ERR_DECRYPT_ERROR", - (char*) "CRYPTO_LIB_ERR_ABM_TOO_SHORT_FOR_AAD", - (char*) "CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR", - (char*) "CRYPTO_LIB_ERR_MAC_VALIDATION_ERROR", - (char*) "CRYPTO_LIB_ERR_INVALID_HEADER", - (char*) "CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW", - (char*) "CRYPTO_LIB_ERR_NULL_ARSN", - (char*) "CRYPTO_LIB_ERR_NULL_SA", - (char*) "CRYPTO_LIB_ERR_UNSUPPORTED_ACS", - (char*) "CRYPTO_LIB_ERR_ENCRYPTION_ERROR", - (char*) "CRYPTO_LIB_ERR_INVALID_SA_CONFIGURATION", - (char*) "CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_MANAGED_PARAM_MAX_LIMIT", - (char*) "CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_SPEC_LIMIT", - (char*) "CRYPTO_LIB_ERR_UNSUPPORTED_ECS", - (char*) "CRYPTO_LIB_ERR_KEY_LENGTH_ERROR", - (char*) "CRYPTO_LIB_ERR_NULL_ECS_PTR", - (char*) "CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO", - (char*) "CRYPTO_LIB_ERR_NULL_CIPHERS", - (char*) "CRYPTO_LIB_ERR_NO_ECS_SET_FOR_ENCRYPTION_MODE", - (char*) "CRYPTO_LIB_ERR_IV_LEN_SHORTER_THAN_SEC_HEADER_LENGTH", - (char*) 
"CRYPTO_LIB_ERR_ARSN_LEN_SHORTER_THAN_SEC_HEADER_LENGTH", - (char*) "CRYPTO_LIB_ERR_FRAME_COUNTER_DOESNT_MATCH_SA", - (char*) "CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TC_STANDARD", - (char*) "CRYPTO_LIB_ERR_INPUT_FRAME_LENGTH_SHORTER_THAN_FRAME_HEADERS_LENGTH", - (char*) "CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE", - (char*) "CRYPTO_LIB_ERR_NULL_MODE_PTR", - (char*) "CRYPTO_LIB_ERR_UNSUPPORTED_MODE", - (char*) "CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TM_STANDARD", - (char*) "CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_TM_CONFIG", - (char*) "CRYPTO_LIB_ERR_KEY_ID_ERROR", - (char*) "CRYPTO_LIB_ERR_MC_INIT", - (char*) "CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_AOS_STANDARD", - (char*) "CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_AOS_CONFIG", - (char*) "CRYPTO_LIB_ERR_INVALID_SA_SERVICE_TYPE", - (char*) "CRYPTO_LIB_ERR_FAIL_SA_SAVE", - (char*) "CRYPTO_LIB_ERR_FAIL_SA_LOAD", - (char*) "CRYPTO_LIB_ERR_EXCEEDS_MANAGED_PARAMETER_MAX_LIMIT", - (char*) "CRYPTO_LIB_ERR_KEY_VALIDATION", - (char*) "CRYPTO_LIB_ERR_SPI_INDEX_OOB", - (char*) "CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL", - (char*) "CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH", - (char*) "CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR" -}; +char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS", + (char *)"CRYPTO_LIB_ERROR", + (char *)"CRYPTO_LIB_ERR_NO_INIT", + (char *)"CRYPTO_LIB_ERR_INVALID_TFVN", + (char *)"CRYPTO_LIB_ERR_INVALID_SCID", + (char *)"CRYPTO_LIB_ERR_INVALID_VCID", + (char *)"CRYPTO_LIB_ERR_INVALID_MAPID", + (char *)"CRYPTO_LIB_ERR_INVALID_CC_FLAG", + (char *)"CRYPTO_LIB_ERR_NO_OPERATIONAL_SA", + (char *)"CRYPTO_LIB_ERR_NULL_BUFFER", + (char *)"CRYPTO_LIB_ERR_UT_BYTE_MISMATCH", + (char *)"CRYPTO_LIB_ERR_NO_CONFIG", + (char *)"CRYPTO_LIB_ERR_INVALID_FECF", + (char *)"CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW", + (char *)"CRYPTO_LIB_ERR_LIBGCRYPT_ERROR", + (char *)"CRYPTO_LIB_ERR_AUTHENTICATION_ERROR", + (char *)"CRYPTO_LIB_ERR_NULL_IV", + (char *)"CRYPTO_LIB_ERR_NULL_ABM", + (char *)"CRYPTO_LIB_ERR_DECRYPT_ERROR", + (char 
*)"CRYPTO_LIB_ERR_ABM_TOO_SHORT_FOR_AAD", + (char *)"CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR", + (char *)"CRYPTO_LIB_ERR_MAC_VALIDATION_ERROR", + (char *)"CRYPTO_LIB_ERR_INVALID_HEADER", + (char *)"CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW", + (char *)"CRYPTO_LIB_ERR_NULL_ARSN", + (char *)"CRYPTO_LIB_ERR_NULL_SA", + (char *)"CRYPTO_LIB_ERR_UNSUPPORTED_ACS", + (char *)"CRYPTO_LIB_ERR_ENCRYPTION_ERROR", + (char *)"CRYPTO_LIB_ERR_INVALID_SA_CONFIGURATION", + (char *)"CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_MANAGED_PARAM_MAX_LIMIT", + (char *)"CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_SPEC_LIMIT", + (char *)"CRYPTO_LIB_ERR_UNSUPPORTED_ECS", + (char *)"CRYPTO_LIB_ERR_KEY_LENGTH_ERROR", + (char *)"CRYPTO_LIB_ERR_NULL_ECS_PTR", + (char *)"CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO", + (char *)"CRYPTO_LIB_ERR_NULL_CIPHERS", + (char *)"CRYPTO_LIB_ERR_NO_ECS_SET_FOR_ENCRYPTION_MODE", + (char *)"CRYPTO_LIB_ERR_IV_LEN_SHORTER_THAN_SEC_HEADER_LENGTH", + (char *)"CRYPTO_LIB_ERR_ARSN_LEN_SHORTER_THAN_SEC_HEADER_LENGTH", + (char *)"CRYPTO_LIB_ERR_FRAME_COUNTER_DOESNT_MATCH_SA", + (char *)"CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TC_STANDARD", + (char *)"CRYPTO_LIB_ERR_INPUT_FRAME_LENGTH_SHORTER_THAN_FRAME_HEADERS_LENGTH", + (char *)"CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE", + (char *)"CRYPTO_LIB_ERR_NULL_MODE_PTR", + (char *)"CRYPTO_LIB_ERR_UNSUPPORTED_MODE", + (char *)"CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TM_STANDARD", + (char *)"CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_TM_CONFIG", + (char *)"CRYPTO_LIB_ERR_KEY_ID_ERROR", + (char *)"CRYPTO_LIB_ERR_MC_INIT", + (char *)"CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_AOS_STANDARD", + (char *)"CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_AOS_CONFIG", + (char *)"CRYPTO_LIB_ERR_INVALID_SA_SERVICE_TYPE", + (char *)"CRYPTO_LIB_ERR_FAIL_SA_SAVE", + (char *)"CRYPTO_LIB_ERR_FAIL_SA_LOAD", + (char *)"CRYPTO_LIB_ERR_EXCEEDS_MANAGED_PARAMETER_MAX_LIMIT", + (char *)"CRYPTO_LIB_ERR_KEY_VALIDATION", + (char *)"CRYPTO_LIB_ERR_SPI_INDEX_OOB", + (char *)"CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL", + 
(char *)"CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH", + (char *)"CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR"}; -char *crypto_enum_errlist_config[] = -{ - (char*) "CRYPTO_CONFIGURATION_NOT_COMPLETE", - (char*) "CRYPTO_MANAGED_PARAM_CONFIGURATION_NOT_COMPLETE", - (char*) "CRYPTO_MARIADB_CONFIGURATION_NOT_COMPLETE", - (char*) "MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND", +char *crypto_enum_errlist_config[] = { + (char *)"CRYPTO_CONFIGURATION_NOT_COMPLETE", + (char *)"CRYPTO_MANAGED_PARAM_CONFIGURATION_NOT_COMPLETE", + (char *)"CRYPTO_MARIADB_CONFIGURATION_NOT_COMPLETE", + (char *)"MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND", }; -char *crypto_enum_errlist_sa_if[] = -{ - (char*) "SADB_INVALID_SADB_TYPE", - (char*) "SADB_NULL_SA_USED", +char *crypto_enum_errlist_sa_if[] = { + (char *)"SADB_INVALID_SADB_TYPE", + (char *)"SADB_NULL_SA_USED", }; -char *crypto_enum_errlist_sa_mariadb[] = -{ - (char*) "SADB_MARIADB_CONNECTION_FAILED", - (char*) "SADB_QUERY_FAILED", - (char*) "SADB_QUERY_EMPTY_RESULTS", - (char*) "SADB_INSERT_FAILED", +char *crypto_enum_errlist_sa_mariadb[] = { + (char *)"SADB_MARIADB_CONNECTION_FAILED", + (char *)"SADB_QUERY_FAILED", + (char *)"SADB_QUERY_EMPTY_RESULTS", + (char *)"SADB_INSERT_FAILED", }; -char *crypto_enum_errlist_crypto_if[] = -{ - (char*) "CRYPTOGRAPHY_INVALID_CRYPTO_INTERFACE_TYPE", - (char*) "CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING", - (char*) "CRYPTOGRAPHY_LIBRARY_INITIALIZIATION_ERROR", +char *crypto_enum_errlist_crypto_if[] = { + (char *)"CRYPTOGRAPHY_INVALID_CRYPTO_INTERFACE_TYPE", + (char *)"CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING", + (char *)"CRYPTOGRAPHY_LIBRARY_INITIALIZIATION_ERROR", }; -char *crypto_enum_errlist_crypto_kmc[] = -{ - (char*) "CRYPTOGRAPHY_KMC_CRYPTO_SERVICE_CONFIGURATION_NOT_COMPLETE", - (char*) "CRYPTOGRAPHY_KMC_CURL_INITIALIZATION_FAILURE", - (char*) "CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_CONNECTION_ERROR", - (char*) "CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AEAD_ENCRYPT_ERROR", - (char*) 
"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AEAD_DECRYPT_ERROR", - (char*) "CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR", - (char*) "CRYPTOGRAHPY_KMC_CIPHER_TEXT_NOT_FOUND_IN_JSON_RESPONSE", - (char*) "CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE", - (char*) "CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AUTHENTICATION_ERROR", - (char*) "CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_MAC_VALIDATION_ERROR", - (char*) "CRYPTOGRAHPY_KMC_ICV_NOT_FOUND_IN_JSON_RESPONSE", - (char*) "CRYPTOGRAHPY_KMC_NULL_ENCRYPTION_KEY_REFERENCE_IN_SA", - (char*) "CRYPTOGRAHPY_KMC_NULL_AUTHENTICATION_KEY_REFERENCE_IN_SA", - (char*) "CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE", - (char*) "CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR", - (char*) "CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR", +char *crypto_enum_errlist_crypto_kmc[] = { + (char *)"CRYPTOGRAPHY_KMC_CRYPTO_SERVICE_CONFIGURATION_NOT_COMPLETE", + (char *)"CRYPTOGRAPHY_KMC_CURL_INITIALIZATION_FAILURE", + (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_CONNECTION_ERROR", + (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AEAD_ENCRYPT_ERROR", + (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AEAD_DECRYPT_ERROR", + (char *)"CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR", + (char *)"CRYPTOGRAHPY_KMC_CIPHER_TEXT_NOT_FOUND_IN_JSON_RESPONSE", + (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE", + (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_AUTHENTICATION_ERROR", + (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_MAC_VALIDATION_ERROR", + (char *)"CRYPTOGRAHPY_KMC_ICV_NOT_FOUND_IN_JSON_RESPONSE", + (char *)"CRYPTOGRAHPY_KMC_NULL_ENCRYPTION_KEY_REFERENCE_IN_SA", + (char *)"CRYPTOGRAHPY_KMC_NULL_AUTHENTICATION_KEY_REFERENCE_IN_SA", + (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE", + (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR", + (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR", }; -char *crypto_enum_errlist_crypto_cam[] = -{ - (char*) "CAM_CONFIG_NOT_SUPPORTED_ERROR", - (char*) "CAM_INVALID_COOKIE_FILE_CONFIGURATION_NULL", - (char*) "CAM_AUTHENTICATION_FAILURE_REDIRECT", - 
(char*) "CAM_AUTHENTICATION_REQUIRED", - (char*) "CAM_GET_SSO_TOKEN_FAILURE", - (char*) "CAM_INVALID_CONFIGURATION_ACCESS_MANAGER_URI_NULL", - (char*) "CAM_INVALID_CONFIGURATION_KEYTAB_FILE_PATH_NULL", - (char*) "CAM_INVALID_CONFIGURATION_KEYTAB_FILE_USERNAME_NULL", - (char*) "CAM_KEYTAB_FILE_KINIT_FAILURE", - (char*) "CAM_KERBEROS_REQUEST_TIME_OUT", - (char*) "CAM_MAX_AUTH_RETRIES_REACHED", +char *crypto_enum_errlist_crypto_cam[] = { + (char *)"CAM_CONFIG_NOT_SUPPORTED_ERROR", + (char *)"CAM_INVALID_COOKIE_FILE_CONFIGURATION_NULL", + (char *)"CAM_AUTHENTICATION_FAILURE_REDIRECT", + (char *)"CAM_AUTHENTICATION_REQUIRED", + (char *)"CAM_GET_SSO_TOKEN_FAILURE", + (char *)"CAM_INVALID_CONFIGURATION_ACCESS_MANAGER_URI_NULL", + (char *)"CAM_INVALID_CONFIGURATION_KEYTAB_FILE_PATH_NULL", + (char *)"CAM_INVALID_CONFIGURATION_KEYTAB_FILE_USERNAME_NULL", + (char *)"CAM_KEYTAB_FILE_KINIT_FAILURE", + (char *)"CAM_KERBEROS_REQUEST_TIME_OUT", + (char *)"CAM_MAX_AUTH_RETRIES_REACHED", }; /* ** @brief: Helper Function. Get specific error code, given code, allowable max, and valid string expansion ** @param: int32_t, int32_t, char* - * @return: char* +* @return: char* */ -char* Crypto_Get_Crypto_Error_Code_String(int32_t crypto_error_code, int32_t crypto_error_code_max, char* valid_output_string) +char *Crypto_Get_Crypto_Error_Code_String(int32_t crypto_error_code, int32_t crypto_error_code_max, + char *valid_output_string) { - if(crypto_error_code < crypto_error_code_max) + if (crypto_error_code < crypto_error_code_max) { return CRYPTO_UNDEFINED_ERROR; } - return valid_output_string; + return valid_output_string; } /* ** @brief: Helper Function. 
Get specific error code, given code, allowable max, and valid string expansion ** @param: int32_t, int32_t, char* - * @return: char* +* @return: char* */ -char* Crypto_Get_Error_Code_String(int32_t crypto_error_code, int32_t crypto_error_code_max, char* valid_output_string) +char *Crypto_Get_Error_Code_String(int32_t crypto_error_code, int32_t crypto_error_code_max, char *valid_output_string) { - if(crypto_error_code > crypto_error_code_max) + if (crypto_error_code > crypto_error_code_max) { return CRYPTO_UNDEFINED_ERROR; } 
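Review bot: The range checks in Crypto_Get_Crypto_Error_Code_String and Crypto_Get_Error_Code_String cannot protect the table lookup, because `valid_output_string` is evaluated by the caller before either helper runs. The call sites in the next hunk pass expressions such as `crypto_enum_errlist_crypto_cam[crypto_error_code - CAM_ERROR_CODES]`. Assuming each `*_MAX` matches its table length, a code above the group maximum reads past the array first, and only then does the helper return CRYPTO_UNDEFINED_ERROR. Moving the lookup behind the comparison closes this: have the helpers take the table and the offset and subscript only after the check, or test the code against the maximum at each call site before indexing. Declaring the tables `const char *const` would also remove the `(char *)` casts on string literals. The body of Crypto_Get_Error_Code_String continues past the end of this hunk.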
@@ -177,38 +169,51 @@ char* Crypto_Get_Error_Code_String(int32_t crypto_error_code, int32_t crypto_err /* ** @brief: For a given crypto error code, return the associated error code enum string ** @param: int32_t - * @return: char* +* @return: char* */ -char* Crypto_Get_Error_Code_Enum_String(int32_t crypto_error_code) +char *Crypto_Get_Error_Code_Enum_String(int32_t crypto_error_code) { - char* return_string = CRYPTO_UNDEFINED_ERROR; - if(crypto_error_code >= CAM_ERROR_CODES) // CAM Error Codes + char *return_string = CRYPTO_UNDEFINED_ERROR; + if (crypto_error_code >= CAM_ERROR_CODES) // CAM Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, CAM_ERROR_CODES_MAX, crypto_enum_errlist_crypto_cam[crypto_error_code - CAM_ERROR_CODES]); + return_string = + Crypto_Get_Error_Code_String(crypto_error_code, CAM_ERROR_CODES_MAX, + crypto_enum_errlist_crypto_cam[crypto_error_code - CAM_ERROR_CODES]); } - else if(crypto_error_code >= KMC_ERROR_CODES) // KMC Error Codes + else if (crypto_error_code >= KMC_ERROR_CODES) // KMC Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, KMC_ERROR_CODES_MAX, crypto_enum_errlist_crypto_kmc[crypto_error_code - KMC_ERROR_CODES]); + return_string = + Crypto_Get_Error_Code_String(crypto_error_code, KMC_ERROR_CODES_MAX, + crypto_enum_errlist_crypto_kmc[crypto_error_code - KMC_ERROR_CODES]); } - else if(crypto_error_code >= CRYPTO_INTERFACE_ERROR_CODES) // Crypto Interface Error Codes + else if (crypto_error_code >= CRYPTO_INTERFACE_ERROR_CODES) // Crypto Interface Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, CRYPTO_INTERFACE_ERROR_CODES_MAX, crypto_enum_errlist_crypto_if[crypto_error_code - CRYPTO_INTERFACE_ERROR_CODES]); + return_string = Crypto_Get_Error_Code_String( + crypto_error_code, CRYPTO_INTERFACE_ERROR_CODES_MAX, + crypto_enum_errlist_crypto_if[crypto_error_code - CRYPTO_INTERFACE_ERROR_CODES]); } - else if(crypto_error_code >= SADB_ERROR_CODES) 
// SADB MariadDB Error Codes + else if (crypto_error_code >= SADB_ERROR_CODES) // SADB MariadDB Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, SADB_ERROR_CODES_MAX, crypto_enum_errlist_sa_mariadb[crypto_error_code - SADB_ERROR_CODES]); + return_string = + Crypto_Get_Error_Code_String(crypto_error_code, SADB_ERROR_CODES_MAX, + crypto_enum_errlist_sa_mariadb[crypto_error_code - SADB_ERROR_CODES]); } - else if(crypto_error_code >= SADB_ERROR_CODES) // SADB Interface Error Codes + else if (crypto_error_code >= SADB_ERROR_CODES) // SADB Interface Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, SADB_INTERFACE_ERROR_CODES_MAX, crypto_enum_errlist_sa_if[crypto_error_code - SADB_ERROR_CODES]); + return_string = Crypto_Get_Error_Code_String(crypto_error_code, SADB_INTERFACE_ERROR_CODES_MAX, + crypto_enum_errlist_sa_if[crypto_error_code - SADB_ERROR_CODES]); } - else if(crypto_error_code >= CONFIGURATION_ERROR_CODES) // Configuration Error Codes + else if (crypto_error_code >= CONFIGURATION_ERROR_CODES) // Configuration Error Codes { - return_string = Crypto_Get_Error_Code_String(crypto_error_code, CONFIGURATION_ERROR_CODES_MAX, crypto_enum_errlist_config[crypto_error_code - CONFIGURATION_ERROR_CODES]); + return_string = + Crypto_Get_Error_Code_String(crypto_error_code, CONFIGURATION_ERROR_CODES_MAX, + crypto_enum_errlist_config[crypto_error_code - CONFIGURATION_ERROR_CODES]); } - else if(crypto_error_code <= 0) // Cryptolib Core Error Codes + else if (crypto_error_code <= 0) // Cryptolib Core Error Codes { - return_string = Crypto_Get_Crypto_Error_Code_String(crypto_error_code, CRYPTO_CORE_ERROR_CODES_MAX, crypto_enum_errlist_core[(crypto_error_code * (-1))]); //Cryptolib uses negative error return codes. + return_string = Crypto_Get_Crypto_Error_Code_String( + crypto_error_code, CRYPTO_CORE_ERROR_CODES_MAX, + crypto_enum_errlist_core[(crypto_error_code * (-1))]); // Cryptolib uses negative error return codes. 
} return return_string; } \ No newline at end of file diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index c0b8bdc4..1b86be2e 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -40,15 +40,15 @@ int32_t Crypto_Key_OTAR(void) { // Local variables SDLS_OTAR_t packet; - int count = 0; - int x = 0; - int y; - int32_t status = CRYPTO_LIB_SUCCESS; + int count = 0; + int x = 0; + int y; + int32_t status = CRYPTO_LIB_SUCCESS; // uint16_t pdu_len = (uint16_t) sdls_frame.pdu.hdr.pdu_len[1] << 8 | sdls_frame.pdu.hdr.pdu_len[0]; - int pdu_keys = (sdls_frame.pdu.hdr.pdu_len - 30) / (2 + 32); - int w; - crypto_key_t* ekp = NULL; - + int pdu_keys = (sdls_frame.pdu.hdr.pdu_len - 30) / (2 + 32); + int w; + crypto_key_t *ekp = NULL; + // Master Key ID packet.mkid = (sdls_frame.pdu.data[0] << 8) | (sdls_frame.pdu.data[1]); #ifdef DEBUG @@ -60,13 +60,13 @@ int32_t Crypto_Key_OTAR(void) report.af = 1; if (log_summary.rs > 0) { - Crypto_increment((uint8_t* )&log_summary.num_se, 4); + Crypto_increment((uint8_t *)&log_summary.num_se, 4); log_summary.rs--; - mc_log.blk[log_count].emt = MKID_INVALID_EID; - mc_log.blk[log_count].emv[0] = 0x4E; - mc_log.blk[log_count].emv[1] = 0x41; - mc_log.blk[log_count].emv[2] = 0x53; - mc_log.blk[log_count].emv[3] = 0x41; + mc_log.blk[log_count].emt = MKID_INVALID_EID; + mc_log.blk[log_count].emv[0] = 0x4E; + mc_log.blk[log_count].emv[1] = 0x41; + mc_log.blk[log_count].emv[2] = 0x53; + mc_log.blk[log_count].emv[3] = 0x41; mc_log.blk[log_count++].em_len = 4; } #ifdef DEBUG @@ -80,7 +80,7 @@ int32_t Crypto_Key_OTAR(void) { // Initialization Vector packet.iv[count - 2] = sdls_frame.pdu.data[count]; #ifdef DEBUG - printf("packet.iv[%d] = 0x%02x\n", count-2, packet.iv[count-2]); + printf("packet.iv[%d] = 0x%02x\n", count - 2, packet.iv[count - 2]); #endif } 
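Review bot: Each branch of Crypto_Get_Error_Code_Enum_String indexes its table in the argument list, e.g. `crypto_enum_errlist_crypto_cam[crypto_error_code - CAM_ERROR_CODES]`. The array read therefore happens before Crypto_Get_Error_Code_String can compare the code with the `*_MAX` value it is given, and a code above the end of a range reads outside the table. Guard each branch before indexing, e.g. `if (crypto_error_code > CAM_ERROR_CODES_MAX) return CRYPTO_UNDEFINED_ERROR;`, assuming `*_MAX` is the highest valid code, which the hunk does not show. The "SADB Interface" branch also repeats `crypto_error_code >= SADB_ERROR_CODES`, so it can never be taken; it presumably needs its own base constant.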
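Review bot: `pdu_keys` in Crypto_Key_OTAR is computed as `(sdls_frame.pdu.hdr.pdu_len - 30) / (2 + 32)` with no lower or upper bound on the received length. A PDU shorter than 30 gives a negative count, which the hunk at -100 casts to `size_t` for the decrypt length, and a large count drives the `packet.EKB[x]` loop past whatever the array holds. Add a check before first use, such as `if (sdls_frame.pdu.hdr.pdu_len < 30) return CRYPTO_LIB_ERROR;`, plus an upper bound against the EKB capacity, whose constant is not visible here. The same unbounded length-to-count derivation appears in Crypto_Key_update (`pdu_len / 2`, hunk at -195) and Crypto_Key_verify (hunk at -370). The function body continues outside this hunk.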
@@ -100,26 +100,26 @@ int32_t Crypto_Key_OTAR(void) } uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; - status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output - (size_t)(pdu_keys * (2 + SDLS_KEY_LEN)), // length of data - NULL, // in place decryption - 0, // in data length - &(ekp->value[0]), //key - ekp->key_len, //key length - NULL, //SA reference - &(packet.iv[0]), //IV - SDLS_IV_LEN, //IV length - &(packet.mac[0]), // tag input - MAC_SIZE, // tag size - NULL, // AAD - 0, // AAD Length - CRYPTO_TRUE, // decrypt - CRYPTO_TRUE, // authenticate - CRYPTO_FALSE, // AAD Bool - &ecs, // encryption cipher - NULL, // authentication cipher - NULL // cam_cookies - ); + status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output + (size_t)(pdu_keys * (2 + SDLS_KEY_LEN)), // length of data + NULL, // in place decryption + 0, // in data length + &(ekp->value[0]), // key + ekp->key_len, // key length + NULL, // SA reference + &(packet.iv[0]), // IV + SDLS_IV_LEN, // IV length + &(packet.mac[0]), // tag input + MAC_SIZE, // tag size + NULL, // AAD + 0, // AAD Length + CRYPTO_TRUE, // decrypt + CRYPTO_TRUE, // authenticate + CRYPTO_FALSE, // AAD Bool + &ecs, // encryption cipher + NULL, // authentication cipher + NULL // cam_cookies + ); // Read in Decrypted Data for (count = 14; x < pdu_keys; x++) 
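Review bot: The `status` returned by `cryptography_aead_decrypt` is not tested before the `// Read in Decrypted Data` loop that follows the call in this hunk, so the key blocks are parsed out of `sdls_frame.pdu.data` even when tag verification fails. Because the decryption is in place, the buffer contents after a failure are whatever the backend left there. Return right after the call with `if (status != CRYPTO_LIB_SUCCESS) { return status; }`. The rest of Crypto_Key_OTAR lies outside the hunk, so a later check may exist, but it would come after the data has been consumed.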
@@ -130,13 +130,13 @@ int32_t Crypto_Key_OTAR(void) report.af = 1; if (log_summary.rs > 0) { - Crypto_increment((uint8_t* )&log_summary.num_se, 4); + Crypto_increment((uint8_t *)&log_summary.num_se, 4); log_summary.rs--; - mc_log.blk[log_count].emt = OTAR_MK_ERR_EID; - mc_log.blk[log_count].emv[0] = 0x4E; // N - mc_log.blk[log_count].emv[1] = 0x41; // A - mc_log.blk[log_count].emv[2] = 0x53; // S - mc_log.blk[log_count].emv[3] = 0x41; // A + mc_log.blk[log_count].emt = OTAR_MK_ERR_EID; + mc_log.blk[log_count].emv[0] = 0x4E; // N + mc_log.blk[log_count].emv[1] = 0x41; // A + mc_log.blk[log_count].emv[2] = 0x53; // S + mc_log.blk[log_count].emv[3] = 0x41; // A mc_log.blk[log_count++].em_len = 4; } #ifdef DEBUG @@ -152,10 +152,10 @@ int32_t Crypto_Key_OTAR(void) { return CRYPTO_LIB_ERR_KEY_ID_ERROR; } - + count = count + 2; for (y = count; y < (SDLS_KEY_LEN + count); y++) - { + { // Encrypted Key packet.EKB[x].ek[y - count] = sdls_frame.pdu.data[y]; #ifdef SA_DEBUG @@ -195,11 +195,11 @@ int32_t Crypto_Key_OTAR(void) int32_t Crypto_Key_update(uint8_t state) { // Local variables SDLS_KEY_BLK_t packet; - int count = 0; - int pdu_keys = sdls_frame.pdu.hdr.pdu_len / 2; - int32_t status; - crypto_key_t* ekp = NULL; - int x; + int count = 0; + int pdu_keys = sdls_frame.pdu.hdr.pdu_len / 2; + int32_t status; + crypto_key_t *ekp = NULL; + int x; if (key_if == NULL) { @@ -214,7 +214,7 @@ int32_t Crypto_Key_update(uint8_t state) for (x = 0; x < pdu_keys; x++) { packet.kblk[x].kid = (sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1]); - count = count + 2; + count = count + 2; #ifdef PDU_DEBUG if (x != (pdu_keys - 1)) { 
@@ -230,24 +230,24 @@ int32_t Crypto_Key_update(uint8_t state) printf("changed to state "); switch (state) { - case KEY_PREACTIVE: - printf("PREACTIVE. \n"); - break; - case KEY_ACTIVE: - printf("ACTIVE. \n"); - break; - case KEY_DEACTIVATED: - printf("DEACTIVATED. \n"); - break; - case KEY_DESTROYED: - printf("DESTROYED. \n"); - break; - case KEY_CORRUPTED: - printf("CORRUPTED. \n"); - break; - default: - printf("ERROR. \n"); - break; + case KEY_PREACTIVE: + printf("PREACTIVE. \n"); + break; + case KEY_ACTIVE: + printf("ACTIVE. \n"); + break; + case KEY_DEACTIVATED: + printf("DEACTIVATED. \n"); + break; + case KEY_DESTROYED: + printf("DESTROYED. \n"); + break; + case KEY_CORRUPTED: + printf("CORRUPTED. \n"); + break; + default: + printf("ERROR. \n"); + break; } #endif // Update Key State @@ -258,13 +258,13 @@ int32_t Crypto_Key_update(uint8_t state) report.af = 1; if (log_summary.rs > 0) { - Crypto_increment((uint8_t* )&log_summary.num_se, 4); + Crypto_increment((uint8_t *)&log_summary.num_se, 4); log_summary.rs--; - mc_log.blk[log_count].emt = MKID_STATE_ERR_EID; - mc_log.blk[log_count].emv[0] = 0x4E; - mc_log.blk[log_count].emv[1] = 0x41; - mc_log.blk[log_count].emv[2] = 0x53; - mc_log.blk[log_count].emv[3] = 0x41; + mc_log.blk[log_count].emt = MKID_STATE_ERR_EID; + mc_log.blk[log_count].emv[0] = 0x4E; + mc_log.blk[log_count].emv[1] = 0x41; + mc_log.blk[log_count].emv[2] = 0x53; + mc_log.blk[log_count].emv[3] = 0x41; mc_log.blk[log_count++].em_len = 4; } #ifdef PDU_DEBUG 
@@ -287,13 +287,13 @@ int32_t Crypto_Key_update(uint8_t state) { if (log_summary.rs > 0) { - Crypto_increment((uint8_t* )&log_summary.num_se, 4); + Crypto_increment((uint8_t *)&log_summary.num_se, 4); log_summary.rs--; - mc_log.blk[log_count].emt = KEY_TRANSITION_ERR_EID; - mc_log.blk[log_count].emv[0] = 0x4E; - mc_log.blk[log_count].emv[1] = 0x41; - mc_log.blk[log_count].emv[2] = 0x53; - mc_log.blk[log_count].emv[3] = 0x41; + mc_log.blk[log_count].emt = KEY_TRANSITION_ERR_EID; + mc_log.blk[log_count].emv[0] = 0x4E; + mc_log.blk[log_count].emv[1] = 0x41; + mc_log.blk[log_count].emv[2] = 0x53; + mc_log.blk[log_count].emv[3] = 0x41; mc_log.blk[log_count++].em_len = 4; } #ifdef PDU_DEBUG @@ -310,15 +310,15 @@ int32_t Crypto_Key_update(uint8_t state) * @param ingest: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_Key_inventory(uint8_t* ingest) +int32_t Crypto_Key_inventory(uint8_t *ingest) { // Local variables SDLS_KEY_INVENTORY_CMD_t packet; - uint16_t range = 0; - uint8_t count = 0; - int32_t status = CRYPTO_LIB_SUCCESS; - crypto_key_t* ekp = NULL; - uint16_t x; + uint16_t range = 0; + uint8_t count = 0; + int32_t status = CRYPTO_LIB_SUCCESS; + crypto_key_t *ekp = NULL; + uint16_t x; if ((key_if == NULL) || (ingest == NULL)) { 
@@ -328,20 +328,21 @@ int32_t Crypto_Key_inventory(uint8_t* ingest) // Read in PDU packet.kid_first = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); - count = count + 2; - packet.kid_last = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); - count = count + 2; + count = count + 2; + packet.kid_last = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); + count = count + 2; // Prepare for Reply - range = packet.kid_last - packet.kid_first + 1; + range = packet.kid_last - packet.kid_first + 1; sdls_frame.pdu.hdr.pdu_len = (SDLS_KEY_INVENTORY_RPLY_SIZE * (range)) * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 2 + 9; // 2 = Num Keys Returned Field (2 Bytes) + sdls_frame.hdr.pkt_length = + (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 2 + 9; // 2 = Num Keys Returned Field (2 Bytes) count = Crypto_Prep_Reply(sdls_ep_reply, 128); - + sdls_ep_reply[count++] = ((range & 0xFF00) >> 8); sdls_ep_reply[count++] = (range & 0x00FF); for (x = packet.kid_first; x <= packet.kid_last; x++) - { + { // Key ID sdls_ep_reply[count++] = ((x & 0xFF00) >> 8); sdls_ep_reply[count++] = (x & 0x00FF); @@ -370,17 +371,17 @@ int32_t Crypto_Key_inventory(uint8_t* ingest) * @param tc_frame: TC_t* * @return int32: Success/Failure **/ -int32_t Crypto_Key_verify(TC_t* tc_frame) +int32_t Crypto_Key_verify(TC_t *tc_frame) { // Local variables SDLS_KEYV_CMD_t packet; - int pdu_keys = sdls_frame.pdu.hdr.pdu_len / SDLS_KEYV_CMD_BLK_SIZE; - int x; - int y; - uint8_t count = 0; - int32_t status = CRYPTO_LIB_SUCCESS; - crypto_key_t* ekp = NULL; - tc_frame = tc_frame; + int pdu_keys = sdls_frame.pdu.hdr.pdu_len / SDLS_KEYV_CMD_BLK_SIZE; + int x; + int y; + uint8_t count = 0; + int32_t status = CRYPTO_LIB_SUCCESS; + crypto_key_t *ekp = NULL; + tc_frame = tc_frame; if (key_if == NULL) { 
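Review bot: `packet.kid_first` and `packet.kid_last` are taken from the PDU and never compared or bounded before `range = packet.kid_last - packet.kid_first + 1` and the `for (x = packet.kid_first; x <= packet.kid_last; x++)` reply loop. With `x` a `uint16_t`, a `kid_last` of 0xFFFF can never fail the loop test, and a reversed pair wraps `range`. The `uint8_t count` declared in the preceding hunk also wraps while indexing `sdls_ep_reply`. Reject the request before preparing the reply, for example `if (packet.kid_last < packet.kid_first) return CRYPTO_LIB_ERROR;`, together with a cap on `range` derived from the reply buffer size, which is not visible here. The loop body continues past the hunk.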
@@ -391,7 +392,7 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) #ifdef PDU_DEBUG printf("Crypto_Key_verify: Requested %d key(s) to verify \n", pdu_keys); #endif - + // Read in PDU for (x = 0; x < pdu_keys; x++) { @@ -411,34 +412,36 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) printf("\n"); #endif } - + // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE) * 8; + sdls_frame.pdu.hdr.pdu_len = + pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE) * 8; // length = pdu_len + HDR + PUS - 1 (per CCSDS Convention) if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { - sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len/8) - 1 ; + sdls_frame.hdr.pkt_length = + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / 8) - 1; } else { - sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len/8) - 1; + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / 8) - 1; } - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + count = Crypto_Prep_Reply(sdls_ep_reply, 128); uint16_t pdu_data_idx = count; for (x = 0; x < pdu_keys; x++) - { + { // Key ID sdls_ep_keyv_reply.blk[x].kid = packet.blk[x].kid; sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; - sdls_ep_reply[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; + sdls_ep_reply[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; pdu_data_idx += 1; - + sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); - sdls_ep_reply[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); + sdls_ep_reply[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); pdu_data_idx += 1; count += 2; 
@@ -452,39 +455,38 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) // Initialization Vector for (y = 0; y < SDLS_IV_LEN; y++) { - sdls_frame.pdu.data[pdu_data_idx] =0x00; //= *(tc_frame->tc_sec_header.iv + y); - sdls_ep_keyv_reply.blk[x].iv[y] =0x00; //= *(tc_frame->tc_sec_header.iv + y); - sdls_ep_reply[pdu_data_idx] =0x00; //= *(tc_frame->tc_sec_header.iv + y); + sdls_frame.pdu.data[pdu_data_idx] = 0x00; //= *(tc_frame->tc_sec_header.iv + y); + sdls_ep_keyv_reply.blk[x].iv[y] = 0x00; //= *(tc_frame->tc_sec_header.iv + y); + sdls_ep_reply[pdu_data_idx] = 0x00; //= *(tc_frame->tc_sec_header.iv + y); pdu_data_idx += 1; count += 1; } // ***** This increments the lowest bytes of the IVs so they aren't identical - sdls_frame.pdu.data[pdu_data_idx-1] = sdls_frame.pdu.data[pdu_data_idx-1] + x + 1; - sdls_ep_keyv_reply.blk[x].iv[11] = sdls_ep_keyv_reply.blk[x].iv[SDLS_IV_LEN-1] + x + 1; - sdls_ep_reply[pdu_data_idx-1] = sdls_ep_reply[pdu_data_idx-1] + x + 1; + sdls_frame.pdu.data[pdu_data_idx - 1] = sdls_frame.pdu.data[pdu_data_idx - 1] + x + 1; + sdls_ep_keyv_reply.blk[x].iv[11] = sdls_ep_keyv_reply.blk[x].iv[SDLS_IV_LEN - 1] + x + 1; + sdls_ep_reply[pdu_data_idx - 1] = sdls_ep_reply[pdu_data_idx - 1] + x + 1; // Encrypt challenge uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; cryptography_if->cryptography_aead_encrypt(&(sdls_ep_keyv_reply.blk[x].challenged[0]), // ciphertext output - (size_t)CHALLENGE_SIZE, // length of data - &(packet.blk[x].challenge[0]), // plaintext input - (size_t)CHALLENGE_SIZE, // in data length - &(ekp->value[0]), // Key Index - SDLS_KEY_LEN, // Key Length - NULL, // SA Reference for key - &(sdls_ep_keyv_reply.blk[x].iv[0]), // IV - SDLS_IV_LEN, // IV Length - &(sdls_ep_keyv_reply.blk[x].mac[0]), // MAC - CHALLENGE_MAC_SIZE, // MAC Size - NULL, - 0, + (size_t)CHALLENGE_SIZE, // length of data + &(packet.blk[x].challenge[0]), // plaintext input + (size_t)CHALLENGE_SIZE, // in data length + &(ekp->value[0]), // Key Index + SDLS_KEY_LEN, // Key Length + 
NULL, // SA Reference for key + &(sdls_ep_keyv_reply.blk[x].iv[0]), // IV + SDLS_IV_LEN, // IV Length + &(sdls_ep_keyv_reply.blk[x].mac[0]), // MAC + CHALLENGE_MAC_SIZE, // MAC Size + NULL, 0, CRYPTO_TRUE, // Encrypt CRYPTO_TRUE, // Authenticate CRYPTO_FALSE, // AAD - &ecs, // encryption cipher - NULL, // authentication cipher - NULL // cam_cookies - ); + &ecs, // encryption cipher + NULL, // authentication cipher + NULL // cam_cookies + ); // Copy from the KEYV Blocks into the output PDU memcpy(&sdls_frame.pdu.data[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].challenged[0]), CHALLENGE_SIZE); @@ -499,28 +501,27 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) } #ifdef PDU_DEBUG - + /* Easy to read debug block for verified keys */ - for ( int i = 0; i < pdu_keys; i++) + for (int i = 0; i < pdu_keys; i++) { printf("\nKey Index %d Verification results:", i); printf("\n\tKID: %04X", sdls_ep_keyv_reply.blk[i].kid); printf("\n\tIV: "); - for (int j = 0; j < SDLS_KEY_LEN; j ++) + for (int j = 0; j < SDLS_KEY_LEN; j++) { printf("%02X", sdls_ep_keyv_reply.blk[i].iv[j]); } printf("\n\tChallenged: "); - for (int j = 0; j < CHALLENGE_SIZE; j ++) + for (int j = 0; j < CHALLENGE_SIZE; j++) { printf("%02X", sdls_ep_keyv_reply.blk[i].challenged[j]); } printf("\n\tMAC: "); - for (int j = 0; j < CHALLENGE_MAC_SIZE; j ++) + for (int j = 0; j < CHALLENGE_MAC_SIZE; j++) { printf("%02X", sdls_ep_keyv_reply.blk[i].mac[j]); } - } printf("\n\nCrypto_Key_Verify: Response is %d bytes \n", count); @@ -531,7 +532,6 @@ int32_t Crypto_Key_verify(TC_t* tc_frame) } printf("\n"); - #endif return status; diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index e562d6ff..51c9b5cc 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c 
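Review bot: The reply IV for each verified key is built from zeros (`sdls_frame.pdu.data[pdu_data_idx] = 0x00;`) plus `x + 1` in the last byte, so each Crypto_Key_verify call encrypts with the same AES-256-GCM IV for a given position `x` under the key in `ekp`. GCM loses both confidentiality and tag integrity when a nonce repeats under one key. The IV needs a value that is unique per key and per invocation, such as a persistent per-key counter or the platform RNG, neither of which is visible in this hunk. Separately, `sdls_ep_keyv_reply.blk[x].iv[11]` should be `sdls_ep_keyv_reply.blk[x].iv[SDLS_IV_LEN - 1]` to match its right-hand side, and the return value of `cryptography_aead_encrypt` is discarded. The function starts and ends outside the hunk.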
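Review bot: In the PDU_DEBUG block the IV is printed with `for (int j = 0; j < SDLS_KEY_LEN; j++)`, but earlier in the function the IV is filled over `SDLS_IV_LEN` bytes and indexed at `iv[11]`. If the key length is larger, as the `2 + 32` arithmetic in Crypto_Key_OTAR suggests, the loop reads past the `iv` field and prints adjacent bytes of the reply block. Use `for (int j = 0; j < SDLS_IV_LEN; j++)`. The code only compiles under PDU_DEBUG, so the over-read affects debug builds.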
@@ -29,16 +29,16 @@ * @param ingest: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_MC_ping(uint8_t* ingest) +int32_t Crypto_MC_ping(uint8_t *ingest) { uint8_t count = 0; - count = count; - ingest = ingest; + count = count; + ingest = ingest; // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = 0; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); #ifdef PDU_DEBUG printf("MC Ping Reply: \t 0x"); @@ -57,15 +57,16 @@ int32_t Crypto_MC_ping(uint8_t* ingest) * @param ingest: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_MC_status(uint8_t* ingest) +int32_t Crypto_MC_status(uint8_t *ingest) { - if(ingest == NULL) return CRYPTO_LIB_ERROR; + if (ingest == NULL) + return CRYPTO_LIB_ERROR; uint8_t count = 0; // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> 8; count++; 
@@ -95,17 +96,18 @@ int32_t Crypto_MC_status(uint8_t* ingest) * @param ingest: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_MC_dump(uint8_t* ingest) +int32_t Crypto_MC_dump(uint8_t *ingest) { - if(ingest == NULL) return CRYPTO_LIB_ERROR; + if (ingest == NULL) + return CRYPTO_LIB_ERROR; uint8_t count = 0; - int x; - int y; + int x; + int y; // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = (SDLS_MC_DUMP_RPLY_SIZE * log_count) * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU for (x = 0; x < log_count; x++) { @@ -152,17 +154,18 @@ int32_t Crypto_MC_dump(uint8_t* ingest) * @param ingest: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_MC_erase(uint8_t* ingest) +int32_t Crypto_MC_erase(uint8_t *ingest) { - if(ingest == NULL) return CRYPTO_LIB_ERROR; + if (ingest == NULL) + return CRYPTO_LIB_ERROR; uint8_t count = 0; - int x; - int y; + int x; + int y; // Zero Logs for (x = 0; x < LOG_SIZE; x++) { - mc_log.blk[x].emt = 0; + mc_log.blk[x].emt = 0; mc_log.blk[x].em_len = 0; for (y = 0; y < EMV_SIZE; y++) { @@ -171,14 +174,14 @@ int32_t Crypto_MC_erase(uint8_t* ingest) } // Compute Summary - log_count = 0; + log_count = 0; log_summary.num_se = 0; - log_summary.rs = LOG_SIZE; + log_summary.rs = LOG_SIZE; // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; // 4 - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> 8; count++; 
@@ -209,19 +212,20 @@ int32_t Crypto_MC_erase(uint8_t* ingest) * @param ingest: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_MC_selftest(uint8_t* ingest) +int32_t Crypto_MC_selftest(uint8_t *ingest) { - if(ingest == NULL) return CRYPTO_LIB_ERROR; - uint8_t count = 0; + if (ingest == NULL) + return CRYPTO_LIB_ERROR; + uint8_t count = 0; uint8_t result = ST_OK; // TODO: Perform test // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = (SDLS_MC_ST_RPLY_SIZE) * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + (SDLS_TLV_HDR_SIZE) + 9; - sdls_frame.pdu.data[0] = result; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.pdu.hdr.pdu_len = (SDLS_MC_ST_RPLY_SIZE)*8; + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + (SDLS_TLV_HDR_SIZE) + 9; + sdls_frame.pdu.data[0] = result; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); sdls_ep_reply[count] = result; count++; @@ -243,21 +247,21 @@ int32_t Crypto_MC_selftest(uint8_t* ingest) * @param ingest: uint8_t* * @return int32: Success/Failure **/ -int32_t Crypto_SA_readARSN(uint8_t* ingest) +int32_t Crypto_SA_readARSN(uint8_t *ingest) { int32_t status = CRYPTO_LIB_SUCCESS; - if(ingest == NULL) + if (ingest == NULL) { status = CRYPTO_LIB_ERROR; } if (status == CRYPTO_LIB_SUCCESS) { - //uint8_t count = 0; - uint16_t spi = 0x0000; - SecurityAssociation_t* sa_ptr; - int x; + // uint8_t count = 0; + uint16_t spi = 0x0000; + SecurityAssociation_t *sa_ptr; + int x; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; 
@@ -272,8 +276,8 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest) { // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = (SPI_LEN + sa_ptr->arsn_len) * 8; // bits - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - uint8_t count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; + uint8_t count = Crypto_Prep_Reply(sdls_ep_reply, 128); // Write SPI to reply sdls_ep_reply[count] = (spi & 0xFF00) >> 8; @@ -342,8 +346,8 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest) **/ int32_t Crypto_MC_resetalarm(void) { // Reset all alarm flags - report.af = 0; - report.bsnf = 0; + report.af = 0; + report.bsnf = 0; report.bmacf = 0; report.ispif = 0; return CRYPTO_LIB_SUCCESS; diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index 26c68dad..ccb4d6cc 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c @@ -30,7 +30,7 @@ * Prints the current TC in memory. * @param tc_frame: TC_t* **/ -void Crypto_tcPrint(TC_t* tc_frame) +void Crypto_tcPrint(TC_t *tc_frame) { printf("Current TC in memory is: \n"); printf("\t Header\n"); @@ -61,7 +61,7 @@ void Crypto_tcPrint(TC_t* tc_frame) * @param tm_frame: TM_t* **/ // TODO - START HERE WORK ON PRINT HERE -void Crypto_tmPrint(TM_t* tm_frame) +void Crypto_tmPrint(TM_t *tm_frame) { tm_frame = tm_frame; printf("Current TM in memory is: \n"); @@ -104,7 +104,7 @@ void Crypto_Print_Sdls_Ep_Reply(void) uint16_t pkt_length = 0; pkt_length = ((sdls_ep_reply[4] << 8) | sdls_ep_reply[5]) + 1; - + // Sanity check on length if (pkt_length > TC_MAX_FRAME_SIZE) { @@ -128,7 +128,7 @@ void Crypto_Print_Sdls_Ep_Reply(void) * Prints the current CLCW in memory. * @param clcw: Telemetry_Frame_Clcw_t* **/ -void Crypto_clcwPrint(Telemetry_Frame_Clcw_t* clcw) +void Crypto_clcwPrint(Telemetry_Frame_Clcw_t *clcw) { printf("Current CLCW in memory is: \n"); printf("\t cwt = 0x%01x \n", clcw->cwt); 
@@ -153,7 +153,7 @@ void Crypto_clcwPrint(Telemetry_Frame_Clcw_t* clcw) * Prints the current FSR in memory. * @param report: SDLS_FSR_t* **/ -void Crypto_fsrPrint(SDLS_FSR_t* report) +void Crypto_fsrPrint(SDLS_FSR_t *report) { printf("Current FSR in memory is: \n"); printf("\t cwt = 0x%01x \n", report->cwt); @@ -172,7 +172,7 @@ void Crypto_fsrPrint(SDLS_FSR_t* report) * Prints the current CCSDS in memory. * @param sdls_frame: CCSDS_t* **/ -void Crypto_ccsdsPrint(CCSDS_t* sdls_frame) +void Crypto_ccsdsPrint(CCSDS_t *sdls_frame) { printf("Current CCSDS in memory is: \n"); printf("\t Primary Header\n"); @@ -208,7 +208,7 @@ void Crypto_ccsdsPrint(CCSDS_t* sdls_frame) * Prints the current Security Association in memory. * @param sa: SecurityAssociation_t* **/ -void Crypto_saPrint(SecurityAssociation_t* sa) +void Crypto_saPrint(SecurityAssociation_t *sa) { int i; @@ -245,7 +245,8 @@ void Crypto_saPrint(SecurityAssociation_t* sa) printf("\t iv[%d] = 0x%02x \n", i, *(sa->iv + i)); } } - else{ + else + { printf("\t iv = %s \n", sa->iv); } printf("\t acs_len = %d \n", sa->acs_len); @@ -281,10 +282,10 @@ void Crypto_saPrint(SecurityAssociation_t* sa) * @param c: void*, The hex to be printed. * @param n: size_t, The size of the array to be printed. **/ -void Crypto_hexprint(const void* c, size_t n) +void Crypto_hexprint(const void *c, size_t n) { - const uint8_t* t = c; - size_t idx = 0; + const uint8_t *t = c; + size_t idx = 0; if (c == NULL) return; while (idx < n) @@ -301,15 +302,15 @@ void Crypto_hexprint(const void* c, size_t n) * @param c: void*, The binary array to be printed. * @param n: size_t, The size of the array to be printed. **/ -void Crypto_binprint(void* c, size_t n) +void Crypto_binprint(void *c, size_t n) { - uint8_t* t = c; - int q; + uint8_t *t = c; + int q; if (c == NULL) return; while (n > 0) - { + { --n; for (q = 0x80; q; q >>= 1) printf("%x", !!(t[n] & q)); 
@@ -317,7 +318,7 @@ void Crypto_binprint(void* c, size_t n) printf("\n"); } -void Crypto_mpPrint(GvcidManagedParameters_t* managed_parameters, uint8_t print_children) +void Crypto_mpPrint(GvcidManagedParameters_t *managed_parameters, uint8_t print_children) // Prints the currently configured Managed Parameters { print_children = print_children; diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 1e965ee2..fae2bb0f 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -24,8 +24,9 @@ #include // memcpy /* Helper functions */ -static int32_t crypto_tc_validate_sa(SecurityAssociation_t* sa); -static int32_t crypto_handle_incrementing_nontransmitted_counter(uint8_t* dest, uint8_t* src, int src_full_len, int transmitted_len, int window); +static int32_t crypto_tc_validate_sa(SecurityAssociation_t *sa); +static int32_t crypto_handle_incrementing_nontransmitted_counter(uint8_t *dest, uint8_t *src, int src_full_len, + int transmitted_len, int window); /** * @brief Function: Crypto_TC_Get_SA_Service_Type @@ -34,7 +35,7 @@ static int32_t crypto_handle_incrementing_nontransmitted_counter(uint8_t* dest, * @param sa_ptr: SecurityAssociation_t* * @return int32: ENUM - Service type **/ -int32_t Crypto_TC_Get_SA_Service_Type(uint8_t* sa_service_type, SecurityAssociation_t* sa_ptr) +int32_t Crypto_TC_Get_SA_Service_Type(uint8_t *sa_service_type, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; 
@@ -75,10 +76,11 @@ int32_t Crypto_TC_Get_SA_Service_Type(uint8_t* sa_service_type, SecurityAssociat * @param sa_ptr: SecurityAssociation_t* * @return int32: Cipher Mode or Error Enum **/ -int32_t Crypto_TC_Get_Ciper_Mode_TCA(uint8_t sa_service_type, uint32_t* encryption_cipher, uint8_t* ecs_is_aead_algorithm, SecurityAssociation_t* sa_ptr) +int32_t Crypto_TC_Get_Ciper_Mode_TCA(uint8_t sa_service_type, uint32_t *encryption_cipher, + uint8_t *ecs_is_aead_algorithm, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; - + if (sa_service_type != SA_PLAINTEXT) { if (sa_ptr->ecs != CRYPTO_CIPHER_NONE) @@ -140,7 +142,8 @@ int32_t Crypto_TC_Validate_SA_Service_Type(uint8_t sa_service_type) { int32_t status = CRYPTO_LIB_SUCCESS; - if ((sa_service_type != SA_PLAINTEXT) && (sa_service_type != SA_AUTHENTICATED_ENCRYPTION) && (sa_service_type != SA_ENCRYPTION) && (sa_service_type != SA_AUTHENTICATION)) + if ((sa_service_type != SA_PLAINTEXT) && (sa_service_type != SA_AUTHENTICATED_ENCRYPTION) && + (sa_service_type != SA_ENCRYPTION) && (sa_service_type != SA_AUTHENTICATION)) { printf(KRED "Unknown SA Service Type Detected!\n" RESET); status = CRYPTO_LIB_ERR_INVALID_SA_SERVICE_TYPE; 
@@ -154,12 +157,14 @@ int32_t Crypto_TC_Validate_SA_Service_Type(uint8_t sa_service_type) * @param sa_service_type: uint8_t * @param pkcs_padding: uint32_t* * @param p_enc_frame_len: uint16_t* - * @param new_enc_frame_header_field_length: uint16_t* - * @param tf_payload_len: uint16_t - * @param sa_ptr: SecurityAssociation_t* + * @param new_enc_frame_header_field_length: uint16_t* + * @param tf_payload_len: uint16_t + * @param sa_ptr: SecurityAssociation_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_Handle_Enc_Padding(uint8_t sa_service_type, uint32_t* pkcs_padding, uint16_t* p_enc_frame_len, uint16_t* new_enc_frame_header_field_length, uint16_t tf_payload_len, SecurityAssociation_t* sa_ptr) +int32_t Crypto_TC_Handle_Enc_Padding(uint8_t sa_service_type, uint32_t *pkcs_padding, uint16_t *p_enc_frame_len, + uint16_t *new_enc_frame_header_field_length, uint16_t tf_payload_len, + SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; if (sa_service_type == SA_ENCRYPTION) @@ -199,7 +204,7 @@ int32_t Crypto_TC_Handle_Enc_Padding(uint8_t sa_service_type, uint32_t* pkcs_pad * @param p_enc_frame_len: uint16_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_Frame_Validation(uint16_t* p_enc_frame_len) +int32_t Crypto_TC_Frame_Validation(uint16_t *p_enc_frame_len) { int32_t status = CRYPTO_LIB_SUCCESS; if (*p_enc_frame_len > current_managed_parameters_struct.max_frame_size) 
@@ -232,10 +237,10 @@ int32_t Crypto_TC_Frame_Validation(uint16_t* p_enc_frame_len) * @param p_enc_frame_len: uint16_t* * @return int32: Creates Buffer, Returns Success/Failure **/ -int32_t Crypto_TC_Accio_Buffer(uint8_t** p_new_enc_frame, uint16_t* p_enc_frame_len) +int32_t Crypto_TC_Accio_Buffer(uint8_t **p_new_enc_frame, uint16_t *p_enc_frame_len) { - int32_t status = CRYPTO_LIB_SUCCESS; - *p_new_enc_frame = (uint8_t*)malloc((*p_enc_frame_len) * sizeof(uint8_t)); + int32_t status = CRYPTO_LIB_SUCCESS; + *p_new_enc_frame = (uint8_t *)malloc((*p_enc_frame_len) * sizeof(uint8_t)); if (!p_new_enc_frame) { printf(KRED "Error: Malloc for encrypted output buffer failed! \n" RESET); @@ -253,14 +258,15 @@ int32_t Crypto_TC_Accio_Buffer(uint8_t** p_new_enc_frame, uint16_t* p_enc_frame_ * @param sa_ptr: SecurityAssociation_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_ACS_Algo_Check(SecurityAssociation_t* sa_ptr) +int32_t Crypto_TC_ACS_Algo_Check(SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; if ((sa_ptr->est == 0) && (sa_ptr->ast == 1)) { if (sa_ptr->acs_len != 0) { - if ((sa_ptr->acs == CRYPTO_MAC_CMAC_AES256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA512) && + if ((sa_ptr->acs == CRYPTO_MAC_CMAC_AES256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA256 || + sa_ptr->acs == CRYPTO_MAC_HMAC_SHA512) && sa_ptr->iv_len > 0) { status = CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; @@ -279,10 +285,10 @@ int32_t Crypto_TC_ACS_Algo_Check(SecurityAssociation_t* sa_ptr) * @param index: uint16_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_Check_IV_Setup(SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame, uint16_t *index) +int32_t Crypto_TC_Check_IV_Setup(SecurityAssociation_t *sa_ptr, uint8_t *p_new_enc_frame, uint16_t *index) { - int32_t status = CRYPTO_LIB_SUCCESS; - int i; + int32_t status = CRYPTO_LIB_SUCCESS; + int i; uint16_t index_temp = *index; if (crypto_config.iv_type == IV_INTERNAL) { 
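Review bot: Crypto_TC_Accio_Buffer tests `if (!p_new_enc_frame)`, the address of the caller's pointer, instead of the allocation result. The test also comes after `*p_new_enc_frame` has been written, so a failed `malloc` is never detected and the caller continues with a NULL frame buffer. The check should read `if (!*p_new_enc_frame)`. If `p_new_enc_frame` itself can be NULL, that needs a separate test before the assignment. The function body continues outside the hunk.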
@@ -316,7 +322,6 @@ int32_t Crypto_TC_Check_IV_Setup(SecurityAssociation_t* sa_ptr, uint8_t* p_new_e return status; } - /** * @brief Function: Crypto_TC_Do_Encrypt_PLAINTEXT * Handles Plaintext TC Encryption 
@@ -324,30 +329,34 @@ int32_t Crypto_TC_Check_IV_Setup(SecurityAssociation_t* sa_ptr, uint8_t* p_new_e * @param sa_ptr: SecurityAssociation_t* * @param mac_loc: uint16_t* * @param tf_payload_len: uint16_t - * @param segment_hdr_len: uint8_t - * @param p_new_enc_frame: uint8_t* - * @param ekp: crypto_key_t* + * @param segment_hdr_len: uint8_t + * @param p_new_enc_frame: uint8_t* + * @param ekp: crypto_key_t* * @param aad: uint8_t** - * @param ecs_is_aead_algorithm: uint8_t + * @param ecs_is_aead_algorithm: uint8_t * @param index_p: uint16_t* - * @param p_in_frame: const uint8_t* - * @param cam_cookies: char* - * @param pkcs_padding:uint32_t + * @param p_in_frame: const uint8_t* + * @param cam_cookies: char* + * @param pkcs_padding:uint32_t * @return int32: Success/Failure **/ -int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint16_t* mac_loc, uint16_t tf_payload_len, uint8_t segment_hdr_len, uint8_t* p_new_enc_frame, crypto_key_t* ekp, uint8_t** aad, uint8_t ecs_is_aead_algorithm, uint16_t *index_p, const uint8_t* p_in_frame, char* cam_cookies, uint32_t pkcs_padding) +int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, uint16_t *mac_loc, + uint16_t tf_payload_len, uint8_t segment_hdr_len, uint8_t *p_new_enc_frame, + crypto_key_t *ekp, uint8_t **aad, uint8_t ecs_is_aead_algorithm, + uint16_t *index_p, const uint8_t *p_in_frame, char *cam_cookies, + uint32_t pkcs_padding) { - int32_t status = CRYPTO_LIB_SUCCESS; - uint16_t index = *index_p; + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t index = *index_p; if (sa_service_type != SA_PLAINTEXT) { - uint8_t* mac_ptr = NULL; + uint8_t *mac_ptr = NULL; uint16_t aad_len = 0; if (sa_service_type == SA_AUTHENTICATED_ENCRYPTION || sa_service_type == SA_AUTHENTICATION) { *mac_loc = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + - sa_ptr->shplf_len + tf_payload_len; + sa_ptr->shplf_len + 
tf_payload_len; #ifdef MAC_DEBUG printf(KYEL "MAC location is: %d\n" RESET, *mac_loc); printf(KYEL "MAC size is: %d\n" RESET, sa_ptr->stmacf_len); @@ -355,9 +364,10 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat mac_ptr = &p_new_enc_frame[*mac_loc]; // Prepare the Header AAD (CCSDS 335.0-B-1 4.2.3.2.2.3) - aad_len = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + - sa_ptr->shsnf_len + sa_ptr->shplf_len; - if (sa_service_type == SA_AUTHENTICATION) // auth only, we authenticate the payload as part of the AEAD encrypt call here + aad_len = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + + sa_ptr->shplf_len; + if (sa_service_type == + SA_AUTHENTICATION) // auth only, we authenticate the payload as part of the AEAD encrypt call here { aad_len += tf_payload_len; } 
@@ -397,25 +407,24 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat return status; } - status = cryptography_if->cryptography_aead_encrypt(&p_new_enc_frame[index], // ciphertext output - (size_t)tf_payload_len, // length of data - (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input - (size_t)tf_payload_len, // in data length - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - mac_ptr, // tag output - sa_ptr->stmacf_len, // tag size - *aad, // AAD Input - aad_len, // Length of AAD - (sa_ptr->est == 1), - (sa_ptr->ast == 1), - (sa_ptr->ast == 1), - &sa_ptr->ecs, // encryption cipher - &sa_ptr->acs, // authentication cipher - cam_cookies); + status = cryptography_if->cryptography_aead_encrypt( + &p_new_enc_frame[index], // ciphertext output + (size_t)tf_payload_len, // length of data + (uint8_t *)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input + (size_t)tf_payload_len, // in data length + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + mac_ptr, // tag output + sa_ptr->stmacf_len, // tag size + *aad, // AAD Input + aad_len, // Length of AAD + (sa_ptr->est == 1), (sa_ptr->ast == 1), (sa_ptr->ast == 1), + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher + cam_cookies); } else // non aead algorithm { 
@@ -429,27 +438,27 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; } - status = cryptography_if->cryptography_encrypt(&p_new_enc_frame[index], // ciphertext output - (size_t)tf_payload_len, - &p_new_enc_frame[index], // length of data - //(uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input - (size_t)tf_payload_len, // in data length - // new_frame_length, - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - &sa_ptr->ecs, // encryption cipher - pkcs_padding, - cam_cookies); + status = cryptography_if->cryptography_encrypt( + &p_new_enc_frame[index], // ciphertext output + (size_t)tf_payload_len, + &p_new_enc_frame[index], // length of data + //(uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input + (size_t)tf_payload_len, // in data length + // new_frame_length, + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + &sa_ptr->ecs, // encryption cipher + pkcs_padding, cam_cookies); } if (sa_service_type == SA_AUTHENTICATION) { /* Get Key */ - crypto_key_t* akp = NULL; - akp = key_if->get_key(sa_ptr->akid); + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); if (akp == NULL) { return CRYPTO_LIB_ERR_KEY_ID_ERROR; 
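Review bot: The trailing comments on the `cryptography_encrypt` arguments are shifted by one: the second `&p_new_enc_frame[index]` is labelled `// length of data` although it is the input buffer, and the first `(size_t)tf_payload_len` carries no label. Because the output and input arguments are the same address, the call appears to encrypt in place, which is worth stating: `&p_new_enc_frame[index], // plaintext input (same buffer as output)` and `(size_t)tf_payload_len, // length of data`. The two commented-out argument lines should be dropped or replaced by a sentence explaining why `p_in_frame` is no longer the input. Crypto_TC_Do_Encrypt_PLAINTEXT starts and ends outside this hunk.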
@@ -462,25 +471,25 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; } - status = cryptography_if->cryptography_authenticate(&p_new_enc_frame[index], // ciphertext output - (size_t)tf_payload_len, // length of data - (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input - (size_t)tf_payload_len, // in data length - &(akp->value[0]), // Key - Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - mac_ptr, // tag output - sa_ptr->stmacf_len, // tag size - *aad, // AAD Input - aad_len, // Length of AAD - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher - cam_cookies); + status = cryptography_if->cryptography_authenticate( + &p_new_enc_frame[index], // ciphertext output + (size_t)tf_payload_len, // length of data + (uint8_t *)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input + (size_t)tf_payload_len, // in data length + &(akp->value[0]), // Key + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + mac_ptr, // tag output + sa_ptr->stmacf_len, // tag size + *aad, // AAD Input + aad_len, // Length of AAD + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher + cam_cookies); } - - } + } *index_p = index; if (status != CRYPTO_LIB_SUCCESS) { @@ -499,7 +508,7 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat * @param sa_ptr: SecurityAssociation_t* * @return int32: Success/Failure **/ -void Crypto_TC_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr) +void Crypto_TC_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr) { if (sa_service_type != SA_PLAINTEXT) { 
@@ -565,31 +574,37 @@ void Crypto_TC_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, SecurityAssociat * @param sa_ptr: SecurityAssociation_t* * @param mac_loc: uint16_t* * @param tf_payload_len: uint16_t - * @param segment_hdr_len: uint8_t - * @param p_new_enc_frame: uint8_t* - * @param ekp: crypto_key_t* + * @param segment_hdr_len: uint8_t + * @param p_new_enc_frame: uint8_t* + * @param ekp: crypto_key_t* * @param aad: uint8_t** - * @param ecs_is_aead_algorithm: uint8_t + * @param ecs_is_aead_algorithm: uint8_t * @param index_p: uint16_t* - * @param p_in_frame: const uint8_t* - * @param cam_cookies: char* - * @param pkcs_padding:uint32_t - * @param new_enc_frame_header_field_length: uint16_t + * @param p_in_frame: const uint8_t* + * @param cam_cookies: char* + * @param pkcs_padding:uint32_t + * @param new_enc_frame_header_field_length: uint16_t * @param new_fecf: uint16_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint16_t* mac_loc, uint16_t tf_payload_len, uint8_t segment_hdr_len, uint8_t* p_new_enc_frame, crypto_key_t* ekp, uint8_t** aad, uint8_t ecs_is_aead_algorithm, uint16_t *index_p, const uint8_t* p_in_frame, char* cam_cookies, uint32_t pkcs_padding, uint16_t new_enc_frame_header_field_length, uint16_t* new_fecf) +int32_t Crypto_TC_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, uint16_t *mac_loc, + uint16_t tf_payload_len, uint8_t segment_hdr_len, uint8_t *p_new_enc_frame, + crypto_key_t *ekp, uint8_t **aad, uint8_t ecs_is_aead_algorithm, uint16_t *index_p, + const uint8_t *p_in_frame, char *cam_cookies, uint32_t pkcs_padding, + uint16_t new_enc_frame_header_field_length, uint16_t *new_fecf) { - int32_t status = CRYPTO_LIB_SUCCESS; - uint16_t index = *index_p; - status = Crypto_TC_Do_Encrypt_PLAINTEXT(sa_service_type, sa_ptr, mac_loc, tf_payload_len, segment_hdr_len, p_new_enc_frame, ekp, aad, ecs_is_aead_algorithm, index_p, p_in_frame, cam_cookies, 
pkcs_padding); + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t index = *index_p; + status = Crypto_TC_Do_Encrypt_PLAINTEXT(sa_service_type, sa_ptr, mac_loc, tf_payload_len, segment_hdr_len, + p_new_enc_frame, ekp, aad, ecs_is_aead_algorithm, index_p, p_in_frame, + cam_cookies, pkcs_padding); if (status != CRYPTO_LIB_SUCCESS) { Crypto_TC_Safe_Free_Ptr(*aad); mc_if->mc_log(status); - return status; + return status; } - //TODO: Status? + // TODO: Status? Crypto_TC_Do_Encrypt_NONPLAINTEXT(sa_service_type, sa_ptr); /* ** End Authentication / Encryption @@ -605,12 +620,12 @@ int32_t Crypto_TC_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ { *new_fecf = Crypto_Calc_FECF(p_new_enc_frame, new_enc_frame_header_field_length - 1); *(p_new_enc_frame + new_enc_frame_header_field_length - 1) = (uint8_t)((*new_fecf & 0xFF00) >> 8); - *(p_new_enc_frame + new_enc_frame_header_field_length) = (uint8_t)(*new_fecf & 0x00FF); + *(p_new_enc_frame + new_enc_frame_header_field_length) = (uint8_t)(*new_fecf & 0x00FF); } else // CRYPTO_TC_CREATE_FECF_FALSE { *(p_new_enc_frame + new_enc_frame_header_field_length - 1) = (uint8_t)0x00; - *(p_new_enc_frame + new_enc_frame_header_field_length) = (uint8_t)0x00; + *(p_new_enc_frame + new_enc_frame_header_field_length) = (uint8_t)0x00; } index += 2; } @@ -653,8 +668,8 @@ int32_t Crypto_TC_Check_Init_Setup(uint16_t in_frame_length) * @param in_frame_length: const uint16_t * @return int32: Success/Failure **/ -int32_t Crypto_TC_Sanity_Setup(const uint8_t* p_in_frame, const uint16_t in_frame_length) -{ +int32_t Crypto_TC_Sanity_Setup(const uint8_t *p_in_frame, const uint16_t in_frame_length) +{ uint32_t status = CRYPTO_LIB_SUCCESS; if (p_in_frame == NULL) { 
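Review bot: The failure path in Crypto_TC_Do_Encrypt relies on `Crypto_TC_Safe_Free_Ptr(*aad)` to release the AAD buffer, but the helper as it appears later in this patch reads `if (!ptr) free(ptr);`, which calls free only for a NULL pointer, so the buffer is never released. The helper's test should be `if (ptr) free(ptr);` (or a plain `free(ptr);`, since free(NULL) is a no-op), and this call site should then set `*aad = NULL;` so the caller cannot release it a second time. The `// TODO: Status?` on the next call also stands: Crypto_TC_Do_Encrypt_NONPLAINTEXT returns void, so nothing it does can fail the frame. The function continues past this hunk.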
@@ -670,13 +685,13 @@ int32_t Crypto_TC_Sanity_Setup(const uint8_t* p_in_frame, const uint16_t in_fram printf("DEBUG - "); for (i = 0; i < in_frame_length; i++) { - printf("%02X", ((uint8_t*)&*p_in_frame)[i]); + printf("%02X", ((uint8_t *)&*p_in_frame)[i]); } printf("\nPrinted %d bytes\n", in_frame_length); #else // TODO - Find another way to know this and remove this argument uint16_t tmp = in_frame_length; - tmp = tmp; + tmp = tmp; #endif status = Crypto_TC_Check_Init_Setup(in_frame_length); if (status != CRYPTO_LIB_SUCCESS) @@ -690,15 +705,17 @@ int32_t Crypto_TC_Sanity_Setup(const uint8_t* p_in_frame, const uint16_t in_fram /** * @brief Function: Crytpo_TC_Validate_TC_Temp_Header * TC Temp Header Validation - Sanity Check - * @param in_frame_length: const uint16_t - * @param temp_tc_header: TC_FramePrimaryHeader_t + * @param in_frame_length: const uint16_t + * @param temp_tc_header: TC_FramePrimaryHeader_t * @param p_in_frame: const uint8_t* * @param map_id: uint8_t* - * @param segmentation_hdr: uint8_t* + * @param segmentation_hdr: uint8_t* * @param sa_ptr: SecurityAssociation_t** * @return int32: Success/Failure **/ -int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_FramePrimaryHeader_t temp_tc_header, const uint8_t* p_in_frame, uint8_t* map_id, uint8_t* segmentation_hdr, SecurityAssociation_t** sa_ptr) +int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_FramePrimaryHeader_t temp_tc_header, + const uint8_t *p_in_frame, uint8_t *map_id, uint8_t *segmentation_hdr, + SecurityAssociation_t **sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; if (in_frame_length < temp_tc_header.fl + 1) // Specified frame length larger than provided frame! 
@@ -709,8 +726,9 @@ int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_Fra } // Lookup-retrieve managed parameters for frame via gvcid: - status = Crypto_Get_Managed_Parameters_For_Gvcid(temp_tc_header.tfvn, temp_tc_header.scid, temp_tc_header.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(temp_tc_header.tfvn, temp_tc_header.scid, temp_tc_header.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); if (status != CRYPTO_LIB_SUCCESS) { @@ -721,7 +739,7 @@ int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_Fra if (current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) { *segmentation_hdr = p_in_frame[5]; - *map_id = *segmentation_hdr & 0x3F; + *map_id = *segmentation_hdr & 0x3F; } // Check if command frame flag set status = Crypto_TC_Check_CMD_Frame_Flag(temp_tc_header.cc); @@ -730,8 +748,8 @@ int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_Fra mc_if->mc_log(status); return status; } - status = sa_if->sa_get_operational_sa_from_gvcid(temp_tc_header.tfvn, temp_tc_header.scid, - temp_tc_header.vcid, *map_id, sa_ptr); + status = sa_if->sa_get_operational_sa_from_gvcid(temp_tc_header.tfvn, temp_tc_header.scid, temp_tc_header.vcid, + *map_id, sa_ptr); // If unable to get operational SA, can return if (status != CRYPTO_LIB_SUCCESS) { @@ -750,7 +768,7 @@ int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_Fra return status; } - /** +/** * @brief Function: Crypto_TC_Finalize_Frame_Setup * Handles validation and setup of TC Frame * @param sa_service_type: uint8_t 
@@ -762,25 +780,28 @@ int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_Fra * @param p_new_enc_frame: uint8_t** * @return int32: Success/Failure **/ -int32_t Crypto_TC_Finalize_Frame_Setup(uint8_t sa_service_type, uint32_t* pkcs_padding, uint16_t* p_enc_frame_len, uint16_t* new_enc_frame_header_field_length, uint16_t tf_payload_len, SecurityAssociation_t** sa_ptr, uint8_t** p_new_enc_frame) +int32_t Crypto_TC_Finalize_Frame_Setup(uint8_t sa_service_type, uint32_t *pkcs_padding, uint16_t *p_enc_frame_len, + uint16_t *new_enc_frame_header_field_length, uint16_t tf_payload_len, + SecurityAssociation_t **sa_ptr, uint8_t **p_new_enc_frame) { uint32_t status = CRYPTO_LIB_SUCCESS; - status = Crypto_TC_Handle_Enc_Padding(sa_service_type, pkcs_padding, p_enc_frame_len, new_enc_frame_header_field_length, tf_payload_len, *sa_ptr); - if(status == CRYPTO_LIB_SUCCESS) + status = Crypto_TC_Handle_Enc_Padding(sa_service_type, pkcs_padding, p_enc_frame_len, + new_enc_frame_header_field_length, tf_payload_len, *sa_ptr); + if (status == CRYPTO_LIB_SUCCESS) { status = Crypto_TC_Validate_SA_Service_Type(sa_service_type); } - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { // Ensure the frame to be created will not violate managed parameter maximum length status = Crypto_TC_Frame_Validation(p_enc_frame_len); } - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { // Accio buffer status = Crypto_TC_Accio_Buffer(p_new_enc_frame, p_enc_frame_len); } - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); } 
@@ -788,23 +809,24 @@ int32_t Crypto_TC_Finalize_Frame_Setup(uint8_t sa_service_type, uint32_t* pkcs_p return status; } -/** +/** * @brief Function: Crypto_TC_Handle_Padding * Handles Frame Padding if necessary: Depends on KMC vs Internal vs Algorithm etc - * @param pkcs_padding: uint32_t - * @param sa_ptr: SecurityAssociation_t* - * @param p_new_enc_frame: uint8_t* + * @param pkcs_padding: uint32_t + * @param sa_ptr: SecurityAssociation_t* + * @param p_new_enc_frame: uint8_t* * @param index: uint16_t* * @return int32: Success/Failure **/ -void Crypto_TC_Handle_Padding(uint32_t pkcs_padding, SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame, uint16_t* index) +void Crypto_TC_Handle_Padding(uint32_t pkcs_padding, SecurityAssociation_t *sa_ptr, uint8_t *p_new_enc_frame, + uint16_t *index) { - int i = 0; + int i = 0; uint16_t temp_index = *index; if (pkcs_padding) { - uint8_t hex_padding[3] = {0}; // TODO: Create #Define for the 3 - pkcs_padding = pkcs_padding & 0x00FFFFFF; // Truncate to be maxiumum of 3 bytes in size + uint8_t hex_padding[3] = {0}; // TODO: Create #Define for the 3 + pkcs_padding = pkcs_padding & 0x00FFFFFF; // Truncate to be maxiumum of 3 bytes in size // Byte Magic hex_padding[0] = (pkcs_padding >> 16) & 0xFF; @@ -812,7 +834,7 @@ void Crypto_TC_Handle_Padding(uint32_t pkcs_padding, SecurityAssociation_t* sa_p hex_padding[2] = (pkcs_padding)&0xFF; uint8_t padding_start = 0; - padding_start = 3 - sa_ptr->shplf_len; + padding_start = 3 - sa_ptr->shplf_len; for (i = 0; i < sa_ptr->shplf_len; i++) { 
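Review bot: `padding_start = 3 - sa_ptr->shplf_len;` wraps around in the `uint8_t` when `shplf_len` is larger than 3, and the loop that follows runs `shplf_len` times. If the loop body (outside this hunk) indexes `hex_padding` starting at `padding_start`, that reads past the 3-byte array. `shplf_len` should be checked against the size of `hex_padding` before the subtraction, or when the SA is loaded. Separately, the doc comment says `@return int32: Success/Failure` although Crypto_TC_Handle_Padding is declared `void`; either return a status so the length check can be reported, or drop the `@return` line.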
@@ -823,18 +845,18 @@ void Crypto_TC_Handle_Padding(uint32_t pkcs_padding, SecurityAssociation_t* sa_p } } -/** +/** * @brief Function: Crypto_TC_Set_IV * Performs validation and setup of IV - * @param sa_ptr: SecurityAssociation_t* - * @param p_new_enc_frame: uint8_t* + * @param sa_ptr: SecurityAssociation_t* + * @param p_new_enc_frame: uint8_t* * @param index: uint16_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_Set_IV(SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame, uint16_t* index) +int32_t Crypto_TC_Set_IV(SecurityAssociation_t *sa_ptr, uint8_t *p_new_enc_frame, uint16_t *index) { uint32_t status = CRYPTO_LIB_SUCCESS; - #ifdef SA_DEBUG +#ifdef SA_DEBUG if (sa_ptr->shivf_len > 0) { int i = 0; @@ -853,12 +875,12 @@ int32_t Crypto_TC_Set_IV(SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame } #endif status = Crypto_TC_ACS_Algo_Check(sa_ptr); - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { - status = Crypto_TC_Check_IV_Setup(sa_ptr, p_new_enc_frame, index); + status = Crypto_TC_Check_IV_Setup(sa_ptr, p_new_enc_frame, index); } - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); } @@ -874,8 +896,8 @@ int32_t Crypto_TC_Set_IV(SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame * @param p_enc_frame_len: uint16 * @return int32: Success/Failure **/ -int32_t Crypto_TC_ApplySecurity(const uint8_t* p_in_frame, const uint16_t in_frame_length, uint8_t** pp_in_frame, - uint16_t* p_enc_frame_len) +int32_t Crypto_TC_ApplySecurity(const uint8_t *p_in_frame, const uint16_t in_frame_length, uint8_t **pp_in_frame, + uint16_t *p_enc_frame_len) { // Passthrough to maintain original function signature when CAM isn't used. return Crypto_TC_ApplySecurity_Cam(p_in_frame, in_frame_length, pp_in_frame, p_enc_frame_len, NULL); 
@@ -890,27 +912,27 @@ int32_t Crypto_TC_ApplySecurity(const uint8_t* p_in_frame, const uint16_t in_fra * @param cam_cookies: char* * @return int32: Success/Failure **/ -int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in_frame_length, uint8_t** pp_in_frame, - uint16_t* p_enc_frame_len, char* cam_cookies) +int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t *p_in_frame, const uint16_t in_frame_length, uint8_t **pp_in_frame, + uint16_t *p_enc_frame_len, char *cam_cookies) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; TC_FramePrimaryHeader_t temp_tc_header; - SecurityAssociation_t* sa_ptr = NULL; - uint8_t* p_new_enc_frame = NULL; - uint8_t sa_service_type = -1; - uint16_t mac_loc = 0; - uint16_t tf_payload_len = 0x0000; - uint16_t new_fecf = 0x0000; - uint8_t* aad = NULL; - uint16_t new_enc_frame_header_field_length = 0; - uint32_t encryption_cipher = 0; - uint8_t ecs_is_aead_algorithm; - int i; - uint32_t pkcs_padding = 0; - crypto_key_t* ekp = NULL; - uint8_t map_id = 0; - uint8_t segmentation_hdr = 0x00; + SecurityAssociation_t *sa_ptr = NULL; + uint8_t *p_new_enc_frame = NULL; + uint8_t sa_service_type = -1; + uint16_t mac_loc = 0; + uint16_t tf_payload_len = 0x0000; + uint16_t new_fecf = 0x0000; + uint8_t *aad = NULL; + uint16_t new_enc_frame_header_field_length = 0; + uint32_t encryption_cipher = 0; + uint8_t ecs_is_aead_algorithm; + int i; + uint32_t pkcs_padding = 0; + crypto_key_t *ekp = NULL; + uint8_t map_id = 0; + uint8_t segmentation_hdr = 0x00; #ifdef DEBUG printf(KYEL "\n----- Crypto_TC_ApplySecurity START -----\n" RESET); 
@@ -922,17 +944,18 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in return status; } // Primary Header - temp_tc_header.tfvn = ((uint8_t)p_in_frame[0] & 0xC0) >> 6; + temp_tc_header.tfvn = ((uint8_t)p_in_frame[0] & 0xC0) >> 6; temp_tc_header.bypass = ((uint8_t)p_in_frame[0] & 0x20) >> 5; - temp_tc_header.cc = ((uint8_t)p_in_frame[0] & 0x10) >> 4; - temp_tc_header.spare = ((uint8_t)p_in_frame[0] & 0x0C) >> 2; - temp_tc_header.scid = ((uint8_t)p_in_frame[0] & 0x03) << 8; - temp_tc_header.scid = temp_tc_header.scid | (uint8_t)p_in_frame[1]; - temp_tc_header.vcid = ((uint8_t)p_in_frame[2] & 0xFC) >> 2 & crypto_config.vcid_bitmask; - temp_tc_header.fl = ((uint8_t)p_in_frame[2] & 0x03) << 8; - temp_tc_header.fl = temp_tc_header.fl | (uint8_t)p_in_frame[3]; - temp_tc_header.fsn = (uint8_t)p_in_frame[4]; - status = Crytpo_TC_Validate_TC_Temp_Header(in_frame_length, temp_tc_header, p_in_frame, &map_id, &segmentation_hdr, &sa_ptr); + temp_tc_header.cc = ((uint8_t)p_in_frame[0] & 0x10) >> 4; + temp_tc_header.spare = ((uint8_t)p_in_frame[0] & 0x0C) >> 2; + temp_tc_header.scid = ((uint8_t)p_in_frame[0] & 0x03) << 8; + temp_tc_header.scid = temp_tc_header.scid | (uint8_t)p_in_frame[1]; + temp_tc_header.vcid = ((uint8_t)p_in_frame[2] & 0xFC) >> 2 & crypto_config.vcid_bitmask; + temp_tc_header.fl = ((uint8_t)p_in_frame[2] & 0x03) << 8; + temp_tc_header.fl = temp_tc_header.fl | (uint8_t)p_in_frame[3]; + temp_tc_header.fsn = (uint8_t)p_in_frame[4]; + status = Crytpo_TC_Validate_TC_Temp_Header(in_frame_length, temp_tc_header, p_in_frame, &map_id, &segmentation_hdr, + &sa_ptr); if (status != CRYPTO_LIB_SUCCESS) { return status; 
@@ -944,14 +967,14 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in #endif // Determine SA Service Type status = Crypto_TC_Get_SA_Service_Type(&sa_service_type, sa_ptr); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); return status; } // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly status = Crypto_TC_Get_Ciper_Mode_TCA(sa_service_type, &encryption_cipher, &ecs_is_aead_algorithm, sa_ptr); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); return status; @@ -959,24 +982,24 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in #ifdef TC_DEBUG switch (sa_service_type) { - case SA_PLAINTEXT: - printf(KBLU "Creating a TC - CLEAR!\n" RESET); - break; - case SA_AUTHENTICATION: - printf(KBLU "Creating a TC - AUTHENTICATED!\n" RESET); - break; - case SA_ENCRYPTION: - printf(KBLU "Creating a TC - ENCRYPTED!\n" RESET); - break; - case SA_AUTHENTICATED_ENCRYPTION: - printf(KBLU "Creating a TC - AUTHENTICATED ENCRYPTION!\n" RESET); - break; + case SA_PLAINTEXT: + printf(KBLU "Creating a TC - CLEAR!\n" RESET); + break; + case SA_AUTHENTICATION: + printf(KBLU "Creating a TC - AUTHENTICATED!\n" RESET); + break; + case SA_ENCRYPTION: + printf(KBLU "Creating a TC - ENCRYPTED!\n" RESET); + break; + case SA_AUTHENTICATED_ENCRYPTION: + printf(KBLU "Creating a TC - AUTHENTICATED ENCRYPTION!\n" RESET); + break; } #endif // Determine if segment header exists and FECF exists uint8_t segment_hdr_len = TC_SEGMENT_HDR_SIZE; - uint8_t fecf_len = FECF_SIZE; + uint8_t fecf_len = FECF_SIZE; Crypto_TC_Calc_Lengths(&fecf_len, &segment_hdr_len); // Calculate tf_payload length here to be used in other logic tf_payload_len = temp_tc_header.fl - TC_FRAME_HEADER_SIZE - segment_hdr_len - fecf_len + 1; 
@@ -994,18 +1017,20 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in */ // Calculate frame lengths based on SA fields - *p_enc_frame_len = temp_tc_header.fl + 1 + 2 + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len + sa_ptr->stmacf_len; + *p_enc_frame_len = + temp_tc_header.fl + 1 + 2 + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len + sa_ptr->stmacf_len; new_enc_frame_header_field_length = (*p_enc_frame_len) - 1; // Finalize frame setup - status = Crypto_TC_Finalize_Frame_Setup(sa_service_type, &pkcs_padding, p_enc_frame_len, &new_enc_frame_header_field_length, tf_payload_len, &sa_ptr, &p_new_enc_frame); - if(status != CRYPTO_LIB_SUCCESS) + status = + Crypto_TC_Finalize_Frame_Setup(sa_service_type, &pkcs_padding, p_enc_frame_len, + &new_enc_frame_header_field_length, tf_payload_len, &sa_ptr, &p_new_enc_frame); + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); return status; } - #ifdef TC_DEBUG printf(KYEL "DEBUG - Total TC Buffer to be malloced is: %d bytes\n" RESET, *p_enc_frame_len); printf(KYEL "\tlen of TF\t = %d\n" RESET, temp_tc_header.fl); @@ -1032,7 +1057,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in printf(KYEL "Printing updated TF Header:\n\t"); for (i = 0; i < TC_FRAME_HEADER_SIZE; i++) { - printf("%02X",*(p_new_enc_frame + i)); + printf("%02X", *(p_new_enc_frame + i)); } // Recall: The buffer length is 1 greater than the field value set in the TCTF printf("\n\tLength set to 0x%02X\n" RESET, new_enc_frame_header_field_length); 
@@ -1053,15 +1078,15 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in ** Reference CCSDS SDLP 3550b1 4.1.1.1.3 */ // Set SPI - *(p_new_enc_frame + index) = ((sa_ptr->spi & 0xFF00) >> 8); + *(p_new_enc_frame + index) = ((sa_ptr->spi & 0xFF00) >> 8); *(p_new_enc_frame + index + 1) = (sa_ptr->spi & 0x00FF); index += 2; // Set initialization vector if specified status = Crypto_TC_Set_IV(sa_ptr, p_new_enc_frame, &index); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); - return status; + return status; } // Set anti-replay sequence number if specified /* @@ -1115,19 +1140,20 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in /* ** Begin Authentication / Encryption */ - status = Crypto_TC_Do_Encrypt(sa_service_type, sa_ptr, &mac_loc, tf_payload_len, segment_hdr_len, p_new_enc_frame, ekp, &aad, ecs_is_aead_algorithm, &index, p_in_frame, cam_cookies, pkcs_padding, new_enc_frame_header_field_length, &new_fecf); - if(status != CRYPTO_LIB_SUCCESS) + status = Crypto_TC_Do_Encrypt(sa_service_type, sa_ptr, &mac_loc, tf_payload_len, segment_hdr_len, p_new_enc_frame, + ekp, &aad, ecs_is_aead_algorithm, &index, p_in_frame, cam_cookies, pkcs_padding, + new_enc_frame_header_field_length, &new_fecf); + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); - return status; + return status; } - #ifdef TC_DEBUG printf(KYEL "Printing new TC Frame of length %d:\n\t", *p_enc_frame_len); - for (i = 0; i <*p_enc_frame_len; i++) + for (i = 0; i < *p_enc_frame_len; i++) { - printf("%02X",*(p_new_enc_frame + i)); + printf("%02X", *(p_new_enc_frame + i)); } printf("\n\tThe returned length is: %d\n" RESET, new_enc_frame_header_field_length); #endif 
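Review bot: Both early returns here, after Crypto_TC_Set_IV and (in the next hunk) after Crypto_TC_Do_Encrypt, leave the function while `p_new_enc_frame` still points at the buffer allocated through Crypto_TC_Finalize_Frame_Setup. Nothing visible releases it, so each rejected frame appears to leak the output buffer. Unless a callee already frees it on failure, add `free(p_new_enc_frame);` before each `return status;`. Both callees also call `mc_if->mc_log(status)` themselves on failure, so the `mc_log` here records the same error twice. Crypto_TC_ApplySecurity_Cam starts and ends outside these hunks.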
@@ -1151,28 +1177,29 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in * @param len_ingest: int* * @param tc_sdls_processed_frame: TC_t* * @return int32: Success/Failure -**/ -int32_t Crypto_TC_ProcessSecurity(uint8_t* ingest, int* len_ingest, TC_t* tc_sdls_processed_frame) + **/ +int32_t Crypto_TC_ProcessSecurity(uint8_t *ingest, int *len_ingest, TC_t *tc_sdls_processed_frame) { // Pass-through to maintain original function signature when CAM isn't used. return Crypto_TC_ProcessSecurity_Cam(ingest, len_ingest, tc_sdls_processed_frame, NULL); } -/** +/** * @brief Function: Crypto_TC_Parse_Check_FECF * Parses and validates frame FECF - * @param ingest: uint8_t* - * @param len_ingest: int* + * @param ingest: uint8_t* + * @param len_ingest: int* * @param tc_sdls_processed_frame: TC_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_Parse_Check_FECF(uint8_t* ingest, int* len_ingest, TC_t* tc_sdls_processed_frame) +int32_t Crypto_TC_Parse_Check_FECF(uint8_t *ingest, int *len_ingest, TC_t *tc_sdls_processed_frame) { int32_t status = CRYPTO_LIB_SUCCESS; if (current_managed_parameters_struct.has_fecf == TC_HAS_FECF) { - tc_sdls_processed_frame->tc_sec_trailer.fecf = (((ingest[tc_sdls_processed_frame->tc_header.fl - 1] << 8) & 0xFF00) | - (ingest[tc_sdls_processed_frame->tc_header.fl] & 0x00FF)); + tc_sdls_processed_frame->tc_sec_trailer.fecf = + (((ingest[tc_sdls_processed_frame->tc_header.fl - 1] << 8) & 0xFF00) | + (ingest[tc_sdls_processed_frame->tc_header.fl] & 0x00FF)); if (crypto_config.crypto_check_fecf == TC_CHECK_FECF_TRUE) { 
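Review bot: Crypto_TC_Parse_Check_FECF indexes `ingest[tc_sdls_processed_frame->tc_header.fl - 1]` and `ingest[tc_sdls_processed_frame->tc_header.fl]` using a length taken from the received frame header, and nothing in this hunk compares that value with `*len_ingest` first. If the caller has not already rejected frames whose header length is 0 or exceeds the bytes actually received, this reads outside the ingest buffer. A guard before the read that returns an error when `tc_header.fl < 1 || tc_header.fl >= *len_ingest` would make the function safe on its own. The function body continues past the hunk.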
@@ -1195,29 +1222,30 @@ int32_t Crypto_TC_Parse_Check_FECF(uint8_t* ingest, int* len_ingest, TC_t* tc_sd return status; } -/** +/** * @brief Function: Crypto_TC_Nontransmitted_IV_Increment * Handles increment of Nontransmitted portion of IV * @param sa_ptr: SecurityAssociation_t* - * @param tc_sdls_processed_frame: TC_t* + * @param tc_sdls_processed_frame: TC_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_Nontransmitted_IV_Increment(SecurityAssociation_t* sa_ptr, TC_t* tc_sdls_processed_frame) +int32_t Crypto_TC_Nontransmitted_IV_Increment(SecurityAssociation_t *sa_ptr, TC_t *tc_sdls_processed_frame) { int32_t status = CRYPTO_LIB_SUCCESS; - if (sa_ptr->shivf_len < sa_ptr->iv_len && - crypto_config.ignore_anti_replay == TC_IGNORE_ANTI_REPLAY_FALSE && + if (sa_ptr->shivf_len < sa_ptr->iv_len && crypto_config.ignore_anti_replay == TC_IGNORE_ANTI_REPLAY_FALSE && crypto_config.crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) { - status = crypto_handle_incrementing_nontransmitted_counter(tc_sdls_processed_frame->tc_sec_header.iv, sa_ptr->iv, sa_ptr->iv_len, sa_ptr->shivf_len, sa_ptr->arsnw); + status = crypto_handle_incrementing_nontransmitted_counter( + tc_sdls_processed_frame->tc_sec_header.iv, sa_ptr->iv, sa_ptr->iv_len, sa_ptr->shivf_len, sa_ptr->arsnw); if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); return status; } } - else // Not checking IV ARSNW or only non-transmitted portion is static; Note, non-transmitted IV in SA must match frame or will fail MAC check. + else // Not checking IV ARSNW or only non-transmitted portion is static; Note, non-transmitted IV in SA must match + // frame or will fail MAC check. { // Retrieve non-transmitted portion of IV from SA (if applicable) memcpy(tc_sdls_processed_frame->tc_sec_header.iv, sa_ptr->iv, sa_ptr->iv_len - sa_ptr->shivf_len); 
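Review bot: The `else` branch is also reached when `shivf_len` is greater than `iv_len`, and then `sa_ptr->iv_len - sa_ptr->shivf_len` wraps to a very large length in the `memcpy`. Both fields come from the SA, so this depends on SA validation that is not visible here; rejecting `sa_ptr->shivf_len > sa_ptr->iv_len` with an error status before the copy keeps it bounded regardless. The size of `tc_sec_header.iv` is not shown either, so the copy length should also be checked against that destination. The closing lines of Crypto_TC_Nontransmitted_IV_Increment are outside this hunk.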
@@ -1225,20 +1253,21 @@ int32_t Crypto_TC_Nontransmitted_IV_Increment(SecurityAssociation_t* sa_ptr, TC_ return status; } -/** +/** * @brief Function: Crypto_TC_Nontransmitted_SN_Increment * Handles increment of Nontransmitted portion of SN * @param sa_ptr: SecurityAssociation_t* - * @param tc_sdls_processed_frame: TC_t* + * @param tc_sdls_processed_frame: TC_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_Nontransmitted_SN_Increment(SecurityAssociation_t* sa_ptr, TC_t* tc_sdls_processed_frame) +int32_t Crypto_TC_Nontransmitted_SN_Increment(SecurityAssociation_t *sa_ptr, TC_t *tc_sdls_processed_frame) { int32_t status = CRYPTO_LIB_SUCCESS; - if (sa_ptr->shsnf_len < sa_ptr->arsn_len && - crypto_config.ignore_anti_replay == TC_IGNORE_ANTI_REPLAY_FALSE) + if (sa_ptr->shsnf_len < sa_ptr->arsn_len && crypto_config.ignore_anti_replay == TC_IGNORE_ANTI_REPLAY_FALSE) { - status = crypto_handle_incrementing_nontransmitted_counter(tc_sdls_processed_frame->tc_sec_header.sn, sa_ptr->arsn, sa_ptr->arsn_len, sa_ptr->shsnf_len, sa_ptr->arsnw); + status = + crypto_handle_incrementing_nontransmitted_counter(tc_sdls_processed_frame->tc_sec_header.sn, sa_ptr->arsn, + sa_ptr->arsn_len, sa_ptr->shsnf_len, sa_ptr->arsnw); if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); 
@@ -1252,70 +1281,74 @@ int32_t Crypto_TC_Nontransmitted_SN_Increment(SecurityAssociation_t* sa_ptr, TC_ return status; } -/** +/** * @brief Function: Crypto_TC_Check_ACS_Keylen * Validates ACS Keylength * @param akp: crypto_key_t* - * @param sa_ptr: SecurityAssociation_t* + * @param sa_ptr: SecurityAssociation_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_Check_ACS_Keylen(crypto_key_t* akp, SecurityAssociation_t* sa_ptr) +int32_t Crypto_TC_Check_ACS_Keylen(crypto_key_t *akp, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; if ((int32_t)akp->key_len != Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs)) { - status = CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + status = CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; mc_if->mc_log(status); } return status; } -/** +/** * @brief Function: Crypto_TC_Check_ECS_Keylen * Validates ECS Keylength * @param ekp: crypto_key_t* - * @param sa_ptr: SecurityAssociation_t* + * @param sa_ptr: SecurityAssociation_t* * @return int32: Success/Failure **/ -int32_t Crypto_TC_Check_ECS_Keylen(crypto_key_t* ekp, SecurityAssociation_t* sa_ptr) +int32_t Crypto_TC_Check_ECS_Keylen(crypto_key_t *ekp, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; if ((int32_t)ekp->key_len != Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs)) { status = CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; mc_if->mc_log(status); - } + } return status; } -/** +/** * @brief Function: Crypto_TC_Safe_Free_Ptr * Pointer Safe Free * @param ptr: uint8_t* **/ -void Crypto_TC_Safe_Free_Ptr(uint8_t* ptr) -{ - if (!ptr) free(ptr); +void Crypto_TC_Safe_Free_Ptr(uint8_t *ptr) +{ + if (!ptr) + free(ptr); } -/** +/** * @brief Function: Crypto_TC_Do_Decrypt * Handles Frame Decryption * @param sa_service_type: uint8_t * @param ecs_is_aead_algorithm: uint8_t - * @param ekp: crypto_key_t* - * @param sa_ptr: SecurityAssociation_t* - * @param aad: uint8_t* - * @param tc_sdls_processed_frame: TC_t* - * @param ingest: uint8_t* - * @param tc_enc_payload_start_index: uint16_t - * @param aad_len: 
uint16_t - * @param cam_cookies: char* - * @param akp: crypto_key_t* - * @param segment_hdr_len: uint8_t + * @param ekp: crypto_key_t* + * @param sa_ptr: SecurityAssociation_t* + * @param aad: uint8_t* + * @param tc_sdls_processed_frame: TC_t* + * @param ingest: uint8_t* + * @param tc_enc_payload_start_index: uint16_t + * @param aad_len: uint16_t + * @param cam_cookies: char* + * @param akp: crypto_key_t* + * @param segment_hdr_len: uint8_t * @return int32_t: Success/Failure **/ -int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algorithm, crypto_key_t* ekp, SecurityAssociation_t* sa_ptr, uint8_t* aad, TC_t* tc_sdls_processed_frame, uint8_t* ingest, uint16_t tc_enc_payload_start_index, uint16_t aad_len, char* cam_cookies, crypto_key_t* akp, uint8_t segment_hdr_len) +int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algorithm, crypto_key_t *ekp, + SecurityAssociation_t *sa_ptr, uint8_t *aad, TC_t *tc_sdls_processed_frame, + uint8_t *ingest, uint16_t tc_enc_payload_start_index, uint16_t aad_len, char *cam_cookies, + crypto_key_t *akp, uint8_t segment_hdr_len) { int32_t status = CRYPTO_LIB_SUCCESS; @@ -1324,7 +1357,8 @@ int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algori // Check that key length to be used meets the algorithm requirement status = Crypto_TC_Check_ECS_Keylen(ekp, sa_ptr); - if(status!= CRYPTO_LIB_SUCCESS){ + if (status != CRYPTO_LIB_SUCCESS) + { Crypto_TC_Safe_Free_Ptr(aad); return status; } @@ -1335,7 +1369,7 @@ int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algori &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV sa_ptr->iv_len, // IV Length 
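Review bot: Crypto_TC_Safe_Free_Ptr has its test inverted: `if (!ptr) free(ptr);` only reaches free() when the pointer is NULL, so the AAD buffer passed to it is never released and every frame that allocated one leaks it. Since free(NULL) is a no-op the body can be just `free(ptr);`. The pointer is passed by value, so the helper cannot clear the caller's copy, and Crypto_TC_Do_Decrypt already frees `aad` on its key-length error paths before Crypto_TC_ProcessSecurity_Cam frees it again on the failure return. Correcting the test should therefore go together with dropping one of those two calls, otherwise the leak turns into a double free. The same inverted test closes crypto_handle_incrementing_nontransmitted_counter (hunk at -2060): `if (!temp_counter) free(temp_counter);`.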
@@ -1348,7 +1382,7 @@ int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algori (sa_ptr->ast), // AAD Bool &sa_ptr->ecs, // encryption cipher &sa_ptr->acs, // authentication cipher - cam_cookies // + cam_cookies // ); } else if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) // Non aead algorithm @@ -1358,7 +1392,7 @@ int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algori { // Check that key length to be used ets the algorithm requirement status = Crypto_TC_Check_ACS_Keylen(akp, sa_ptr); - if(status!= CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { Crypto_TC_Safe_Free_Ptr(aad); return status; @@ -1370,7 +1404,7 @@ int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algori &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length &(akp->value[0]), // Key - Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), // + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), // sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV sa_ptr->iv_len, // IV Length @@ -1380,7 +1414,7 @@ int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algori aad_len, // length of AAD CRYPTO_CIPHER_NONE, // encryption cipher sa_ptr->acs, // authentication cipher - cam_cookies // + cam_cookies // ); } if (sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) 
@@ -1389,31 +1423,31 @@ int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algori if ((int32_t)ekp->key_len != Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs)) { Crypto_TC_Safe_Free_Ptr(aad); - status = CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + status = CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; mc_if->mc_log(status); return status; } - status = cryptography_if->cryptography_decrypt( - tc_sdls_processed_frame->tc_pdu, // plaintext output - (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data - &(ingest[tc_enc_payload_start_index]), // ciphertext input - (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // - sa_ptr, // SA for key reference - tc_sdls_processed_frame->tc_sec_header.iv, // IV - sa_ptr->iv_len, // IV Length - &sa_ptr->ecs, // encryption cipher - &sa_ptr->acs, // authentication cipher - cam_cookies // - ); + status = + cryptography_if->cryptography_decrypt(tc_sdls_processed_frame->tc_pdu, // plaintext output + (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data + &(ingest[tc_enc_payload_start_index]), // ciphertext input + (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // + sa_ptr, // SA for key reference + tc_sdls_processed_frame->tc_sec_header.iv, // IV + sa_ptr->iv_len, // IV Length + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher + cam_cookies // + ); // Handle Padding Removal if (sa_ptr->shplf_len != 0) { - int padding_location = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + - sa_ptr->shsnf_len; + int padding_location = + TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len; uint16_t padding_amount = 0; // Get Padding Amount from ingest frame padding_amount = (int)ingest[padding_location]; 
@@ -1430,14 +1464,14 @@ int32_t Crypto_TC_Do_Decrypt(uint8_t sa_service_type, uint8_t ecs_is_aead_algori return status; } -/** +/** * @brief Function: Crypto_TC_Process_Sanity_Check * Validates Input Frame Length * @param len_ingest: int* * @return int32_t: Success/Failure **/ -int32_t Crypto_TC_Process_Sanity_Check(int* len_ingest) -{ +int32_t Crypto_TC_Process_Sanity_Check(int *len_ingest) +{ int32_t status = CRYPTO_LIB_SUCCESS; #ifdef DEBUG @@ -1450,7 +1484,8 @@ int32_t Crypto_TC_Process_Sanity_Check(int* len_ingest) status = CRYPTO_LIB_ERR_NO_CONFIG; mc_if->mc_log(status); } - if ((*len_ingest < 5) && (status == CRYPTO_LIB_SUCCESS)) // Frame length doesn't even have enough bytes for header -- error out. + if ((*len_ingest < 5) && + (status == CRYPTO_LIB_SUCCESS)) // Frame length doesn't even have enough bytes for header -- error out. { status = CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TC_STANDARD; mc_if->mc_log(status); 
@@ -1458,43 +1493,43 @@ int32_t Crypto_TC_Process_Sanity_Check(int* len_ingest) return status; } -/** +/** * @brief Function: Crypto_TC_Prep_AAD * Validates and Prepares AAD as necessary - * @param tc_sdls_processed_frame: TC_t* - * @param fecf_len: uint8_t - * @param sa_service_type: uint8_t - * @param ecs_is_aead_algorithm: uint8_t - * @param aad_len: uint16_t* - * @param sa_ptr: SecurityAssociation_t* - * @param segment_hdr_len: uint8_t - * @param ingest: uint8_t* - * @param aad: uint8_t** + * @param tc_sdls_processed_frame: TC_t* + * @param fecf_len: uint8_t + * @param sa_service_type: uint8_t + * @param ecs_is_aead_algorithm: uint8_t + * @param aad_len: uint16_t* + * @param sa_ptr: SecurityAssociation_t* + * @param segment_hdr_len: uint8_t + * @param ingest: uint8_t* + * @param aad: uint8_t** * @return int32_t: Success/Failure **/ -int32_t Crypto_TC_Prep_AAD(TC_t* tc_sdls_processed_frame, uint8_t fecf_len, uint8_t sa_service_type, uint8_t ecs_is_aead_algorithm, uint16_t* aad_len, SecurityAssociation_t* sa_ptr, uint8_t segment_hdr_len, uint8_t* ingest, uint8_t** aad) +int32_t Crypto_TC_Prep_AAD(TC_t *tc_sdls_processed_frame, uint8_t fecf_len, uint8_t sa_service_type, + uint8_t ecs_is_aead_algorithm, uint16_t *aad_len, SecurityAssociation_t *sa_ptr, + uint8_t segment_hdr_len, uint8_t *ingest, uint8_t **aad) { - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; uint16_t aad_len_temp = *aad_len; if ((sa_service_type == SA_AUTHENTICATION) || (sa_service_type == SA_AUTHENTICATED_ENCRYPTION)) - { - uint16_t tc_mac_start_index = tc_sdls_processed_frame->tc_header.fl + 1 - fecf_len - sa_ptr->stmacf_len; + { + uint16_t tc_mac_start_index = tc_sdls_processed_frame->tc_header.fl + 1 - fecf_len - sa_ptr->stmacf_len; - // Parse the received MAC - memcpy((tc_sdls_processed_frame->tc_sec_trailer.mac), - &(ingest[tc_mac_start_index]), sa_ptr->stmacf_len); + // Parse the received MAC + memcpy((tc_sdls_processed_frame->tc_sec_trailer.mac), 
&(ingest[tc_mac_start_index]), sa_ptr->stmacf_len); #ifdef DEBUG printf("MAC Parsed from Frame:\n"); Crypto_hexprint(tc_sdls_processed_frame->tc_sec_trailer.mac, sa_ptr->stmacf_len); #endif - aad_len_temp = tc_mac_start_index; - + aad_len_temp = tc_mac_start_index; if ((sa_service_type == SA_AUTHENTICATED_ENCRYPTION) && (ecs_is_aead_algorithm == CRYPTO_TRUE)) { aad_len_temp = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + - sa_ptr->shplf_len; + sa_ptr->shplf_len; } if (sa_ptr->abm_len < aad_len_temp) { @@ -1502,14 +1537,14 @@ int32_t Crypto_TC_Prep_AAD(TC_t* tc_sdls_processed_frame, uint8_t fecf_len, uin mc_if->mc_log(status); return status; } - *aad = Crypto_Prepare_TC_AAD(ingest, aad_len_temp, sa_ptr->abm); + *aad = Crypto_Prepare_TC_AAD(ingest, aad_len_temp, sa_ptr->abm); *aad_len = aad_len_temp; - aad = aad; + aad = aad; } return status; } -/** +/** * @TODO: Possible Duplication * @brief Function: Crypto_TC_Get_Keys * Retreives EKP/AKP as necessary @@ -1518,18 +1553,18 @@ int32_t Crypto_TC_Prep_AAD(TC_t* tc_sdls_processed_frame, uint8_t fecf_len, uin * @param sa_ptr: SecurityAssociation_t* * @return int32_t: Success/Failure **/ -int32_t Crypto_TC_Get_Keys(crypto_key_t** ekp, crypto_key_t** akp, SecurityAssociation_t* sa_ptr) +int32_t Crypto_TC_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; - *ekp = key_if->get_key(sa_ptr->ekid); - *akp = key_if->get_key(sa_ptr->akid); + *ekp = key_if->get_key(sa_ptr->ekid); + *akp = key_if->get_key(sa_ptr->akid); if (ekp == NULL) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); } - + if ((akp == NULL) && (status == CRYPTO_LIB_SUCCESS)) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; 
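Review bot: In Crypto_TC_Get_Keys the NULL tests examine the out-parameters themselves (`ekp == NULL`, `akp == NULL`) instead of the key pointers just stored through them, so a key id that `key_if->get_key` cannot resolve is never reported. Assuming get_key returns NULL for an unknown id, the later `ekp->key_len` and `akp->key_len` reads in Crypto_TC_Check_ECS_Keylen and Crypto_TC_Check_ACS_Keylen would then dereference NULL while a frame is being processed. The tests should read `if (*ekp == NULL)` and `if ((*akp == NULL) && (status == CRYPTO_LIB_SUCCESS))`. Whether a missing key is acceptable for an SA that does not use that key (encrypt-only or authenticate-only) is not decidable in this function and is worth confirming before tightening the check. The closing lines of the function are outside this hunk.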
@@ -1538,26 +1573,27 @@ int32_t Crypto_TC_Get_Keys(crypto_key_t** ekp, crypto_key_t** akp, SecurityAssoc return status; } -/** +/** * @brief Function: Crypto_TC_Check_IV_ARSN * Checks and validates Anti Replay * @param sa_ptr: SecurityAssociation_t* - * @param tc_sdls_processed_frame: TC_t* + * @param tc_sdls_processed_frame: TC_t* * @return int32_t: Success/Failure **/ -int32_t Crypto_TC_Check_IV_ARSN(SecurityAssociation_t* sa_ptr,TC_t* tc_sdls_processed_frame) +int32_t Crypto_TC_Check_IV_ARSN(SecurityAssociation_t *sa_ptr, TC_t *tc_sdls_processed_frame) { int32_t status = CRYPTO_LIB_SUCCESS; if (crypto_config.ignore_anti_replay == TC_IGNORE_ANTI_REPLAY_FALSE && status == CRYPTO_LIB_SUCCESS) { - status = Crypto_Check_Anti_Replay(sa_ptr, tc_sdls_processed_frame->tc_sec_header.sn, tc_sdls_processed_frame->tc_sec_header.iv); + status = Crypto_Check_Anti_Replay(sa_ptr, tc_sdls_processed_frame->tc_sec_header.sn, + tc_sdls_processed_frame->tc_sec_header.iv); if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); } - if(status == CRYPTO_LIB_SUCCESS) // else + if (status == CRYPTO_LIB_SUCCESS) // else { // Only save the SA (IV/ARSN) if checking the anti-replay counter; Otherwise we don't update. status = sa_if->sa_save_sa(sa_ptr); @@ -1565,7 +1601,7 @@ int32_t Crypto_TC_Check_IV_ARSN(SecurityAssociation_t* sa_ptr,TC_t* tc_sdls_proc { mc_if->mc_log(status); } - } + } } else { 
@@ -1581,25 +1617,25 @@ int32_t Crypto_TC_Check_IV_ARSN(SecurityAssociation_t* sa_ptr,TC_t* tc_sdls_proc return status; } -/** +/** * @brief Function: Crypto_TC_Sanity_Validations * Checks and validates SA as best as possible - * @param tc_sdls_processed_frame: TC_t* + * @param tc_sdls_processed_frame: TC_t* * @param sa_ptr: SecurityAssociation_t* * @return int32_t: Success/Failure **/ -uint32_t Crypto_TC_Sanity_Validations(TC_t* tc_sdls_processed_frame, SecurityAssociation_t** sa_ptr) +uint32_t Crypto_TC_Sanity_Validations(TC_t *tc_sdls_processed_frame, SecurityAssociation_t **sa_ptr) { uint32_t status = CRYPTO_LIB_SUCCESS; status = sa_if->sa_get_from_spi(tc_sdls_processed_frame->tc_sec_header.spi, sa_ptr); // If no valid SPI, return - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { // Try to assure SA is sane status = crypto_tc_validate_sa(*sa_ptr); } - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); } 
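Review bot: Crypto_TC_Sanity_Validations is declared to return `uint32_t` and keeps `status` in a `uint32_t`, while its doc comment says `@return int32_t` and the sibling functions in this file return `int32_t`. If the CRYPTO_LIB_ERR_* codes are negative (their values are not visible here), they only survive through an implicit conversion at the call site. Declaring it `int32_t Crypto_TC_Sanity_Validations(...)` with `int32_t status`, and updating the prototype to match, removes that dependency. The `@param sa_ptr` line should read `SecurityAssociation_t**` to agree with the signature.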
@@ -1607,30 +1643,31 @@ uint32_t Crypto_TC_Sanity_Validations(TC_t* tc_sdls_processed_frame, SecurityAss return status; } -/** +/** * @brief Function: Crypto_TC_Get_Ciper_Mode_TCP * Retrieves TC Process cipher mode - * @param sa_service_type: uint8_t - * @param encryption_cipher: uint32_t* - * @param ecs_is_aead_algorithm: uint8_t* + * @param sa_service_type: uint8_t + * @param encryption_cipher: uint32_t* + * @param ecs_is_aead_algorithm: uint8_t* * @param sa_ptr:SecurityAssociation_t* **/ -void Crypto_TC_Get_Ciper_Mode_TCP(uint8_t sa_service_type, uint32_t* encryption_cipher, uint8_t* ecs_is_aead_algorithm, SecurityAssociation_t* sa_ptr) +void Crypto_TC_Get_Ciper_Mode_TCP(uint8_t sa_service_type, uint32_t *encryption_cipher, uint8_t *ecs_is_aead_algorithm, + SecurityAssociation_t *sa_ptr) { if (sa_service_type != SA_PLAINTEXT) { - *encryption_cipher = sa_ptr->ecs; + *encryption_cipher = sa_ptr->ecs; *ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(*encryption_cipher); } } - /** +/** * @brief Function: Crypto_TC_Calc_Lengths * Sets fecf and segment header lengths as necessary * @param fecf_len: uint8_t * - * @param segment_hdr_len: uint8_t* + * @param segment_hdr_len: uint8_t* **/ -void Crypto_TC_Calc_Lengths(uint8_t* fecf_len, uint8_t* segment_hdr_len) +void Crypto_TC_Calc_Lengths(uint8_t *fecf_len, uint8_t *segment_hdr_len) { if (current_managed_parameters_struct.has_fecf == TC_NO_FECF) { 
@@ -1643,14 +1680,14 @@ void Crypto_TC_Calc_Lengths(uint8_t* fecf_len, uint8_t* segment_hdr_len) } } - /** +/** * @brief Function: Crypto_TC_Set_Segment_Header * Sets up TC Segment Header as necessary - * @param tc_sdls_processed_frame: TC_t* - * @param ingest: uint8_t* - * @param byte_idx: int* + * @param tc_sdls_processed_frame: TC_t* + * @param ingest: uint8_t* + * @param byte_idx: int* **/ -void Crypto_TC_Set_Segment_Header(TC_t* tc_sdls_processed_frame, uint8_t* ingest, int* byte_idx) +void Crypto_TC_Set_Segment_Header(TC_t *tc_sdls_processed_frame, uint8_t *ingest, int *byte_idx) { int byte_idx_tmp = *byte_idx; if (current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) @@ -1668,21 +1705,22 @@ void Crypto_TC_Set_Segment_Header(TC_t* tc_sdls_processed_frame, uint8_t* ingest * @param len_ingest: int* * @param tc_sdls_processed_frame: TC_t* * @return int32: Success/Failure -**/ -int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int* len_ingest, TC_t* tc_sdls_processed_frame, char* cam_cookies) + **/ +int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc_sdls_processed_frame, + char *cam_cookies) // Loads the ingest frame into the global tc_frame while performing decryption { // Local Variables - cam_cookies = cam_cookies; - int32_t status = CRYPTO_LIB_SUCCESS; - SecurityAssociation_t* sa_ptr = NULL; - uint8_t sa_service_type = -1; - uint8_t* aad = NULL; - uint16_t aad_len; - uint32_t encryption_cipher; - uint8_t ecs_is_aead_algorithm = -1; - crypto_key_t* ekp = NULL; - crypto_key_t* akp = NULL; + cam_cookies = cam_cookies; + int32_t status = CRYPTO_LIB_SUCCESS; + SecurityAssociation_t *sa_ptr = NULL; + uint8_t sa_service_type = -1; + uint8_t *aad = NULL; + uint16_t aad_len; + uint32_t encryption_cipher; + uint8_t ecs_is_aead_algorithm = -1; + crypto_key_t *ekp = NULL; + crypto_key_t *akp = NULL; int byte_idx = 0; 
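Review bot: In Crypto_TC_ProcessSecurity_Cam the locals `uint16_t aad_len;` and `uint32_t encryption_cipher;` have no initial value, and Crypto_TC_Prep_AAD begins with `uint16_t aad_len_temp = *aad_len;`, which reads `aad_len` through the pointer. No assignment to `aad_len` is visible before that call, and for service types that skip the authentication branch the same indeterminate value is later passed to Crypto_TC_Do_Decrypt. Initialising both at declaration, `uint16_t aad_len = 0;` and `uint32_t encryption_cipher = 0;`, makes the behaviour defined. The function body continues well past this hunk.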
@@ -1690,19 +1728,19 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int* len_ingest, TC_t* tc if (status != CRYPTO_LIB_SUCCESS) { return status; - } + } // Primary Header - tc_sdls_processed_frame->tc_header.tfvn = ((uint8_t)ingest[byte_idx] & 0xC0) >> 6; + tc_sdls_processed_frame->tc_header.tfvn = ((uint8_t)ingest[byte_idx] & 0xC0) >> 6; tc_sdls_processed_frame->tc_header.bypass = ((uint8_t)ingest[byte_idx] & 0x20) >> 5; - tc_sdls_processed_frame->tc_header.cc = ((uint8_t)ingest[byte_idx] & 0x10) >> 4; - tc_sdls_processed_frame->tc_header.spare = ((uint8_t)ingest[byte_idx] & 0x0C) >> 2; - tc_sdls_processed_frame->tc_header.scid = ((uint8_t)ingest[byte_idx] & 0x03) << 8; + tc_sdls_processed_frame->tc_header.cc = ((uint8_t)ingest[byte_idx] & 0x10) >> 4; + tc_sdls_processed_frame->tc_header.spare = ((uint8_t)ingest[byte_idx] & 0x0C) >> 2; + tc_sdls_processed_frame->tc_header.scid = ((uint8_t)ingest[byte_idx] & 0x03) << 8; byte_idx++; tc_sdls_processed_frame->tc_header.scid = tc_sdls_processed_frame->tc_header.scid | (uint8_t)ingest[byte_idx]; byte_idx++; tc_sdls_processed_frame->tc_header.vcid = (((uint8_t)ingest[byte_idx] & 0xFC) >> 2) & crypto_config.vcid_bitmask; - tc_sdls_processed_frame->tc_header.fl = ((uint8_t)ingest[byte_idx] & 0x03) << 8; + tc_sdls_processed_frame->tc_header.fl = ((uint8_t)ingest[byte_idx] & 0x03) << 8; byte_idx++; tc_sdls_processed_frame->tc_header.fl = tc_sdls_processed_frame->tc_header.fl | (uint8_t)ingest[byte_idx]; byte_idx++; 
@@ -1747,43 +1785,44 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int* len_ingest, TC_t* tc } // Allocate the necessary byte arrays within the security header + trailer given the SA - //tc_sdls_processed_frame->tc_sec_header.iv = calloc(1, sa_ptr->iv_len); - //tc_sdls_processed_frame->tc_sec_header.sn = calloc(1, sa_ptr->arsn_len); - //tc_sdls_processed_frame->tc_sec_header.pad = calloc(1, sa_ptr->shplf_len); - //tc_sdls_processed_frame->tc_sec_trailer.mac = calloc(1, sa_ptr->stmacf_len); - // Set tc_sec_header + trailer fields for actual lengths from the SA (downstream apps won't know this length otherwise since they don't access the SADB!). - tc_sdls_processed_frame->tc_sec_header.iv_field_len = sa_ptr->iv_len; - tc_sdls_processed_frame->tc_sec_header.sn_field_len = sa_ptr->arsn_len; + // tc_sdls_processed_frame->tc_sec_header.iv = calloc(1, sa_ptr->iv_len); + // tc_sdls_processed_frame->tc_sec_header.sn = calloc(1, sa_ptr->arsn_len); + // tc_sdls_processed_frame->tc_sec_header.pad = calloc(1, sa_ptr->shplf_len); + // tc_sdls_processed_frame->tc_sec_trailer.mac = calloc(1, sa_ptr->stmacf_len); + // Set tc_sec_header + trailer fields for actual lengths from the SA (downstream apps won't know this length + // otherwise since they don't access the SADB!). + tc_sdls_processed_frame->tc_sec_header.iv_field_len = sa_ptr->iv_len; + tc_sdls_processed_frame->tc_sec_header.sn_field_len = sa_ptr->arsn_len; tc_sdls_processed_frame->tc_sec_header.pad_field_len = sa_ptr->shplf_len; // sprintf(tc_sdls_processed_frame->tc_sec_header.pad, "%x", pkcs_padding); tc_sdls_processed_frame->tc_sec_trailer.mac_field_len = sa_ptr->stmacf_len; // Determine SA Service Type Crypto_TC_Get_SA_Service_Type(&sa_service_type, sa_ptr); - + // Determine Algorithm cipher & mode. 
// TODO - Parse authentication_cipher, and handle AEAD cases properly Crypto_TC_Get_Ciper_Mode_TCP(sa_service_type, &encryption_cipher, &ecs_is_aead_algorithm, sa_ptr); #ifdef TC_DEBUG switch (sa_service_type) { - case SA_PLAINTEXT: - printf(KBLU "Processing a TC - CLEAR!\n" RESET); - break; - case SA_AUTHENTICATION: - printf(KBLU "Processing a TC - AUTHENTICATED!\n" RESET); - break; - case SA_ENCRYPTION: - printf(KBLU "Processing a TC - ENCRYPTED!\n" RESET); - break; - case SA_AUTHENTICATED_ENCRYPTION: - printf(KBLU "Processing a TC - AUTHENTICATED ENCRYPTION!\n" RESET); - break; + case SA_PLAINTEXT: + printf(KBLU "Processing a TC - CLEAR!\n" RESET); + break; + case SA_AUTHENTICATION: + printf(KBLU "Processing a TC - AUTHENTICATED!\n" RESET); + break; + case SA_ENCRYPTION: + printf(KBLU "Processing a TC - ENCRYPTED!\n" RESET); + break; + case SA_AUTHENTICATED_ENCRYPTION: + printf(KBLU "Processing a TC - AUTHENTICATED ENCRYPTION!\n" RESET); + break; } #endif // TODO: Calculate lengths when needed - uint8_t fecf_len = FECF_SIZE; + uint8_t fecf_len = FECF_SIZE; uint8_t segment_hdr_len = TC_SEGMENT_HDR_SIZE; Crypto_TC_Calc_Lengths(&fecf_len, &segment_hdr_len); @@ -1791,10 +1830,9 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int* len_ingest, TC_t* tc // Parse & Check FECF Crypto_TC_Parse_Check_FECF(ingest, len_ingest, tc_sdls_processed_frame); - // Parse transmitted portion of IV from received frame (Will be Whole IV if iv_len==shivf_len) - memcpy((tc_sdls_processed_frame->tc_sec_header.iv + (sa_ptr->iv_len - sa_ptr->shivf_len)), &(ingest[TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN]), - sa_ptr->shivf_len); + memcpy((tc_sdls_processed_frame->tc_sec_header.iv + (sa_ptr->iv_len - sa_ptr->shivf_len)), + &(ingest[TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN]), sa_ptr->shivf_len); // Handle non-transmitted IV increment case (transmitted-portion roll-over) status = Crypto_TC_Nontransmitted_IV_Increment(sa_ptr, tc_sdls_processed_frame); 
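Review bot: The result of `Crypto_TC_Parse_Check_FECF(ingest, len_ingest, tc_sdls_processed_frame);` is discarded in Crypto_TC_ProcessSecurity_Cam, so whatever failure that function reports never stops processing, and `status` is overwritten by the next call. A frame that fails the FECF check would then continue into IV handling and decryption. The call should be `status = Crypto_TC_Parse_Check_FECF(ingest, len_ingest, tc_sdls_processed_frame);` followed by `if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); return status; }`, matching how the neighbouring calls are handled. The enclosing function starts and ends outside this hunk.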
@@ -1831,23 +1869,25 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int* len_ingest, TC_t* tc sa_ptr->shplf_len); // Parse MAC, prepare AAD - status = Crypto_TC_Prep_AAD(tc_sdls_processed_frame, fecf_len, sa_service_type, ecs_is_aead_algorithm, &aad_len, sa_ptr, segment_hdr_len, ingest, &aad); + status = Crypto_TC_Prep_AAD(tc_sdls_processed_frame, fecf_len, sa_service_type, ecs_is_aead_algorithm, &aad_len, + sa_ptr, segment_hdr_len, ingest, &aad); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); return status; } - - uint16_t tc_enc_payload_start_index = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + - sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t tc_enc_payload_start_index = + TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - // Todo -- if encrypt only, ignore stmacf_len entirely to avoid erroring on SA misconfiguration... Or just throw a warning/error indicating SA misconfiguration? + // Todo -- if encrypt only, ignore stmacf_len entirely to avoid erroring on SA misconfiguration... Or just throw a + // warning/error indicating SA misconfiguration? tc_sdls_processed_frame->tc_pdu_len = tc_sdls_processed_frame->tc_header.fl + 1 - tc_enc_payload_start_index - sa_ptr->stmacf_len - fecf_len; - if (tc_sdls_processed_frame->tc_pdu_len > tc_sdls_processed_frame->tc_header.fl) // invalid header parsed, sizes overflowed & make no sense! + if (tc_sdls_processed_frame->tc_pdu_len > + tc_sdls_processed_frame->tc_header.fl) // invalid header parsed, sizes overflowed & make no sense! { status = CRYPTO_LIB_ERR_INVALID_HEADER; mc_if->mc_log(status); 
@@ -1863,10 +1903,11 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int* len_ingest, TC_t* tc if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); - return status; + return status; } - status = Crypto_TC_Do_Decrypt(sa_service_type, ecs_is_aead_algorithm, ekp, sa_ptr, aad, tc_sdls_processed_frame, ingest, tc_enc_payload_start_index, aad_len, cam_cookies, akp, segment_hdr_len); + status = Crypto_TC_Do_Decrypt(sa_service_type, ecs_is_aead_algorithm, ekp, sa_ptr, aad, tc_sdls_processed_frame, + ingest, tc_enc_payload_start_index, aad_len, cam_cookies, akp, segment_hdr_len); if (status != CRYPTO_LIB_SUCCESS) { Crypto_TC_Safe_Free_Ptr(aad); @@ -1888,7 +1929,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int* len_ingest, TC_t* tc { status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); } - + Crypto_TC_Safe_Free_Ptr(aad); mc_if->mc_log(status); @@ -1901,7 +1942,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int* len_ingest, TC_t* tc * @param tc_frame: TC_t* * @param sa_ptr: SecurityAssociation_t * @return int32, Length of TCPayload -**/ + **/ /* int32_t Crypto_Get_tcPayloadLength(TC_t* tc_frame, SecurityAssociation_t* sa_ptr) { @@ -1935,11 +1976,11 @@ fecf))); #endif * @param buffer: uint8_t* * @param len_aad: uint16_t * @param abm_buffer: uint8_t* -**/ -uint8_t* Crypto_Prepare_TC_AAD(uint8_t* buffer, uint16_t len_aad, uint8_t* abm_buffer) + **/ +uint8_t *Crypto_Prepare_TC_AAD(uint8_t *buffer, uint16_t len_aad, uint8_t *abm_buffer) { - uint8_t* aad = (uint8_t*)calloc(1, len_aad * sizeof(uint8_t)); - int i; + uint8_t *aad = (uint8_t *)calloc(1, len_aad * sizeof(uint8_t)); + int i; for (i = 0; i < len_aad; i++) { 
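Review bot: Crypto_Prepare_TC_AAD does not test the result of `calloc(1, len_aad * sizeof(uint8_t))` before the loop over `len_aad` that follows; the loop body is outside this hunk but presumably fills `aad`. Adding `if (aad == NULL) return NULL;` after the allocation, and having Crypto_TC_Prep_AAD treat a NULL `*aad` as a failure, keeps an allocation failure from becoming a NULL write. crypto_handle_incrementing_nontransmitted_counter (hunk at -2008) has the same pattern in full view: `malloc(src_full_len)` is followed directly by `memcpy(temp_counter, src, src_full_len);`. While touching these lines the cast on calloc can go, giving `uint8_t *aad = calloc(len_aad, sizeof *aad);`.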
@@ -1974,14 +2015,15 @@ uint8_t* Crypto_Prepare_TC_AAD(uint8_t* buffer, uint16_t len_aad, uint8_t* abm_b * Helper function to assist with ensuring sane SA configurations * @param sa: SecurityAssociation_t* * @return int32: Success/Failure -**/ -static int32_t crypto_tc_validate_sa(SecurityAssociation_t* sa) + **/ +static int32_t crypto_tc_validate_sa(SecurityAssociation_t *sa) { if (sa->sa_state != SA_OPERATIONAL) { return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; } - if (sa->shivf_len > 0 && crypto_config.iv_type == IV_CRYPTO_MODULE && crypto_config.cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) + if (sa->shivf_len > 0 && crypto_config.iv_type == IV_CRYPTO_MODULE && + crypto_config.cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) { return CRYPTO_LIB_ERR_NULL_IV; } @@ -1989,7 +2031,8 @@ static int32_t crypto_tc_validate_sa(SecurityAssociation_t* sa) { return CRYPTO_LIB_ERR_IV_LEN_SHORTER_THAN_SEC_HEADER_LENGTH; } - if (sa->iv_len > 0 && crypto_config.iv_type == IV_CRYPTO_MODULE && crypto_config.cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) + if (sa->iv_len > 0 && crypto_config.iv_type == IV_CRYPTO_MODULE && + crypto_config.cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) { return CRYPTO_LIB_ERR_NULL_IV; } 
@@ -2008,18 +2051,19 @@ static int32_t crypto_tc_validate_sa(SecurityAssociation_t* sa) /** * @brief Function: crypto_handle_incrementing_nontransmitted_counter * Handles incrementing of nontransmitted counter - * @param dest: uint8_t* + * @param dest: uint8_t* * @param src: uint8_t* - * @param src_full_len: int - * @param transmitted_len: int + * @param src_full_len: int + * @param transmitted_len: int * @param window: int * @return int32: Success/Failure -**/ -static int32_t crypto_handle_incrementing_nontransmitted_counter(uint8_t* dest, uint8_t* src, int src_full_len, int transmitted_len, int window) + **/ +static int32_t crypto_handle_incrementing_nontransmitted_counter(uint8_t *dest, uint8_t *src, int src_full_len, + int transmitted_len, int window) { int32_t status = CRYPTO_LIB_SUCCESS; // Copy IV to temp - uint8_t* temp_counter = malloc(src_full_len); + uint8_t *temp_counter = malloc(src_full_len); memcpy(temp_counter, src, src_full_len); // Increment temp_counter Until Transmitted Portion Matches Frame. @@ -2060,6 +2104,7 @@ static int32_t crypto_handle_incrementing_nontransmitted_counter(uint8_t* dest, { status = CRYPTO_LIB_ERR_FRAME_COUNTER_DOESNT_MATCH_SA; } - if (!temp_counter) free(temp_counter); + if (!temp_counter) + free(temp_counter); return status; } diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 16244110..7ef3ca98 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -28,8 +28,8 @@ * Verify that needed buffers and settings are not null * @param pTfBuffer: uint8_t* * @return int32: Success/Failure -**/ -int32_t Crypto_TM_Sanity_Check(uint8_t* pTfBuffer) + **/ +int32_t Crypto_TM_Sanity_Check(uint8_t *pTfBuffer) { int32_t status = CRYPTO_LIB_SUCCESS; // Passed a null, return an error 
@@ -38,7 +38,8 @@ int32_t Crypto_TM_Sanity_Check(uint8_t* pTfBuffer) status = CRYPTO_LIB_ERR_NULL_BUFFER; } - if ((status == CRYPTO_LIB_SUCCESS) && ((crypto_config.init_status == UNITIALIZED) || (mc_if == NULL) || (sa_if == NULL))) + if ((status == CRYPTO_LIB_SUCCESS) && + ((crypto_config.init_status == UNITIALIZED) || (mc_if == NULL) || (sa_if == NULL))) { printf(KRED "ERROR: CryptoLib Configuration Not Set! -- CRYPTO_LIB_ERR_NO_CONFIG, Will Exit\n" RESET); status = CRYPTO_LIB_ERR_NO_CONFIG; @@ -53,8 +54,8 @@ int32_t Crypto_TM_Sanity_Check(uint8_t* pTfBuffer) * @param sa_service_type: uint8_t* * @param sa_ptr: SecurityAssociation_t* * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_Determine_SA_Service_Type(uint8_t* sa_service_type, SecurityAssociation_t* sa_ptr) + **/ +int32_t Crypto_TM_Determine_SA_Service_Type(uint8_t *sa_service_type, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; if ((sa_ptr->est == 0) && (sa_ptr->ast == 0)) @@ -80,7 +81,7 @@ int32_t Crypto_TM_Determine_SA_Service_Type(uint8_t* sa_service_type, SecurityAs printf(KRED "Error: SA Service Type is not defined! \n" RESET); status = CRYPTO_LIB_ERROR; } - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); } @@ -92,11 +93,11 @@ int32_t Crypto_TM_Determine_SA_Service_Type(uint8_t* sa_service_type, SecurityAs * Determines if a secondary header exists * @param pTfBuffer: uint8_t* * @param idx: uint16_t* -**/ -void Crypto_TM_Check_For_Secondary_Header(uint8_t* pTfBuffer, uint16_t* idx) + **/ +void Crypto_TM_Check_For_Secondary_Header(uint8_t *pTfBuffer, uint16_t *idx) { *idx = 4; - if((pTfBuffer[*idx] & 0x80) == 0x80) + if ((pTfBuffer[*idx] & 0x80) == 0x80) { #ifdef TM_DEBUG printf(KYEL "A TM Secondary Header flag is set!\n"); 
@@ -127,11 +128,11 @@ void Crypto_TM_Check_For_Secondary_Header(uint8_t* pTfBuffer, uint16_t* idx) * @param sa_service_type: uint8_t* * @param sa_ptr: SecurityAssociation_t* * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_IV_Sanity_Check(uint8_t* sa_service_type, SecurityAssociation_t* sa_ptr) + **/ +int32_t Crypto_TM_IV_Sanity_Check(uint8_t *sa_service_type, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; - #ifdef SA_DEBUG +#ifdef SA_DEBUG if (sa_ptr->shivf_len > 0) { printf(KYEL "Using IV value:\n\t"); @@ -148,7 +149,7 @@ int32_t Crypto_TM_IV_Sanity_Check(uint8_t* sa_service_type, SecurityAssociation_ printf("\n" RESET); } #endif - if(*sa_service_type != SA_PLAINTEXT && sa_ptr->ecs_len == 0 && sa_ptr->acs_len ==0) + if (*sa_service_type != SA_PLAINTEXT && sa_ptr->ecs_len == 0 && sa_ptr->acs_len == 0) { status = CRYPTO_LIB_ERR_NULL_CIPHERS; #ifdef TM_DEBUG @@ -158,17 +159,18 @@ int32_t Crypto_TM_IV_Sanity_Check(uint8_t* sa_service_type, SecurityAssociation_ return status; } - if(sa_ptr->est == 0 && sa_ptr->ast == 1) + if (sa_ptr->est == 0 && sa_ptr->ast == 1) { - if(sa_ptr->acs_len != 0) + if (sa_ptr->acs_len != 0) { - if((sa_ptr->acs == CRYPTO_MAC_CMAC_AES256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA512) && - sa_ptr->iv_len > 0 ) - { - status = CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; - mc_if->mc_log(status); - return status; - } + if ((sa_ptr->acs == CRYPTO_MAC_CMAC_AES256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA256 || + sa_ptr->acs == CRYPTO_MAC_HMAC_SHA512) && + sa_ptr->iv_len > 0) + { + status = CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; + mc_if->mc_log(status); + return status; + } } } return status; 
@@ -181,22 +183,22 @@ int32_t Crypto_TM_IV_Sanity_Check(uint8_t* sa_service_type, SecurityAssociation_ * @param sa_ptr: SecurityAssociation_t* * @param pTfBuffer: uint8_t* * @param idx_p: uint16_t* -**/ -void Crypto_TM_PKCS_Padding(uint32_t* pkcs_padding, SecurityAssociation_t* sa_ptr, uint8_t* pTfBuffer, uint16_t* idx_p) + **/ +void Crypto_TM_PKCS_Padding(uint32_t *pkcs_padding, SecurityAssociation_t *sa_ptr, uint8_t *pTfBuffer, uint16_t *idx_p) { uint16_t idx = *idx_p; - if(*pkcs_padding) + if (*pkcs_padding) { - uint8_t hex_padding[3] = {0}; //TODO: Create #Define for the 3 - *pkcs_padding = *pkcs_padding & 0x00FFFFFF; // Truncate to be maxiumum of 3 bytes in size + uint8_t hex_padding[3] = {0}; // TODO: Create #Define for the 3 + *pkcs_padding = *pkcs_padding & 0x00FFFFFF; // Truncate to be maxiumum of 3 bytes in size // Byte Magic hex_padding[0] = (*pkcs_padding >> 16) & 0xFF; - hex_padding[1] = (*pkcs_padding >> 8) & 0xFF; - hex_padding[2] = (*pkcs_padding) & 0xFF; + hex_padding[1] = (*pkcs_padding >> 8) & 0xFF; + hex_padding[2] = (*pkcs_padding) & 0xFF; uint8_t padding_start = 0; - padding_start = 3 - sa_ptr->shplf_len; + padding_start = 3 - sa_ptr->shplf_len; for (int i = 0; i < sa_ptr->shplf_len; i++) { @@ -211,14 +213,14 @@ void Crypto_TM_PKCS_Padding(uint32_t* pkcs_padding, SecurityAssociation_t* sa_pt * @brief Function: Crypto_TM_Handle_Managed_Parameter_Flags * Handles pdu length while dealing with ocf/fecf * @param pdu_len: uint16_t* -**/ -void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t* pdu_len) + **/ +void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t *pdu_len) { - if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { *pdu_len -= 4; } - if(current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { *pdu_len -= 2; } 
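Review bot: In `Crypto_TM_PKCS_Padding`, `padding_start = 3 - sa_ptr->shplf_len` wraps around when `shplf_len` is greater than 3, because `padding_start` is a `uint8_t`, and the loop then runs `shplf_len` times. The loop body is outside this hunk, but if it indexes `hex_padding` from `padding_start` it would read past the 3-byte array and copy stack bytes into the frame. I would reject or clamp the SA value first, e.g. `if (sa_ptr->shplf_len > sizeof(hex_padding)) return;`, and give the `3` the named constant the existing TODO asks for so the bound and the array size cannot drift apart.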
@@ -231,17 +233,17 @@ void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t* pdu_len) * @param akp: crypto_key_t** * @param sa_ptr: SecurityAssociation_t* * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_Get_Keys(crypto_key_t** ekp, crypto_key_t** akp, SecurityAssociation_t* sa_ptr) + **/ +int32_t Crypto_TM_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; - *ekp = key_if->get_key(sa_ptr->ekid); + *ekp = key_if->get_key(sa_ptr->ekid); if (ekp == NULL) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); } - + *akp = key_if->get_key(sa_ptr->akid); if (akp == NULL && status == CRYPTO_LIB_SUCCESS) { @@ -263,11 +265,13 @@ int32_t Crypto_TM_Get_Keys(crypto_key_t** ekp, crypto_key_t** akp, SecurityAssoc * @param aad: uint8_t* * @param sa_ptr: SecurityAssociation_t* * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, uint16_t* aad_len, int* mac_loc, uint16_t* idx_p, uint16_t pdu_len, uint8_t* pTfBuffer, uint8_t* aad, SecurityAssociation_t* sa_ptr) + **/ +int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, uint16_t *aad_len, int *mac_loc, uint16_t *idx_p, + uint16_t pdu_len, uint8_t *pTfBuffer, uint8_t *aad, + SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; - int16_t idx = *idx_p; + int16_t idx = *idx_p; if (sa_service_type != SA_PLAINTEXT) { 
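Review bot: Both NULL checks in `Crypto_TM_Get_Keys` test the out-parameters `ekp` and `akp` themselves rather than the keys just stored through them, so a failed `get_key` lookup is never detected. The caller passes `&ekp` and `&akp`, which are never NULL, and a missing key later reaches `&(ekp->value[0])` in the encrypt path as a NULL dereference instead of returning `CRYPTO_LIB_ERR_KEY_ID_ERROR`. The checks should read `if (*ekp == NULL)` and `if (*akp == NULL && status == CRYPTO_LIB_SUCCESS)`. The rest of the function is outside this hunk.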
@@ -283,12 +287,13 @@ int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, uint16_t* aad // Prepare the Header AAD (CCSDS 335.0-B-2 4.2.3.4) *aad_len = idx; // At the very least AAD includes the header - if (sa_service_type == SA_AUTHENTICATION) // auth only, we authenticate the payload as part of the AEAD encrypt call here + if (sa_service_type == + SA_AUTHENTICATION) // auth only, we authenticate the payload as part of the AEAD encrypt call here { *aad_len += pdu_len; } #ifdef TM_DEBUG - printf("Calculated AAD Length: %d\n",*aad_len); + printf("Calculated AAD Length: %d\n", *aad_len); #endif if (sa_ptr->abm_len < *aad_len) { @@ -298,8 +303,8 @@ int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, uint16_t* aad } if (status == CRYPTO_LIB_SUCCESS) { - status = Crypto_Prepare_TM_AAD(pTfBuffer, *aad_len, sa_ptr->abm, aad); - } + status = Crypto_Prepare_TM_AAD(pTfBuffer, *aad_len, sa_ptr->abm, aad); + } } } 
@@ -323,100 +328,109 @@ int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT(uint8_t sa_service_type, uint16_t* aad * @param aad: uint8_t* * @param sa_ptr: SecurityAssociation_t* * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT_AEAD_Logic(uint8_t sa_service_type, uint8_t ecs_is_aead_algorithm, uint8_t* pTfBuffer, uint16_t pdu_len, uint16_t data_loc, crypto_key_t* ekp, crypto_key_t* akp, uint32_t pkcs_padding, int* mac_loc, uint16_t* aad_len, uint8_t* aad, SecurityAssociation_t* sa_ptr) + **/ +int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT_AEAD_Logic(uint8_t sa_service_type, uint8_t ecs_is_aead_algorithm, + uint8_t *pTfBuffer, uint16_t pdu_len, uint16_t data_loc, + crypto_key_t *ekp, crypto_key_t *akp, uint32_t pkcs_padding, + int *mac_loc, uint16_t *aad_len, uint8_t *aad, + SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; - if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) + if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) { - if(sa_service_type == SA_ENCRYPTION) + if (sa_service_type == SA_ENCRYPTION) { - status = cryptography_if->cryptography_encrypt(//Stub out data in/out as this is done in place and want to save cycles - (uint8_t*)(&pTfBuffer[data_loc]), // ciphertext output - (size_t) pdu_len, // length of data - (uint8_t*)(&pTfBuffer[data_loc]), // plaintext input - (size_t) pdu_len, // in data length - from start of frame to end of data - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - &sa_ptr->ecs, // encryption cipher - pkcs_padding, // authentication cipher - NULL); - } - if(sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + status = + cryptography_if + ->cryptography_encrypt( // Stub out data in/out as this is done in place and want to save cycles + (uint8_t *)(&pTfBuffer[data_loc]), // ciphertext output + (size_t)pdu_len, // length of data + (uint8_t 
*)(&pTfBuffer[data_loc]), // plaintext input + (size_t)pdu_len, // in data length - from start of frame to end of data + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + &sa_ptr->ecs, // encryption cipher + pkcs_padding, // authentication cipher + NULL); + } + if (sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { - status = cryptography_if->cryptography_aead_encrypt((uint8_t*)(&pTfBuffer[data_loc]), // ciphertext output - (size_t) pdu_len, // length of data - (uint8_t*)(&pTfBuffer[data_loc]), // plaintext input - (size_t) pdu_len, // in data length - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - &pTfBuffer[*mac_loc], // tag output - sa_ptr->stmacf_len, // tag size - aad, // AAD Input - *aad_len, // Length of AAD - (sa_ptr->est==1), - (sa_ptr->ast==1), - (sa_ptr->ast==1), - &sa_ptr->ecs, // encryption cipher - &sa_ptr->acs, // authentication cipher - NULL); + status = cryptography_if->cryptography_aead_encrypt( + (uint8_t *)(&pTfBuffer[data_loc]), // ciphertext output + (size_t)pdu_len, // length of data + (uint8_t *)(&pTfBuffer[data_loc]), // plaintext input + (size_t)pdu_len, // in data length + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + &pTfBuffer[*mac_loc], // tag output + sa_ptr->stmacf_len, // tag size + aad, // AAD Input + *aad_len, // Length of AAD + (sa_ptr->est == 1), (sa_ptr->ast == 1), (sa_ptr->ast == 1), + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher + NULL); } } else if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) // Non aead algorithm { // TODO - implement non-AEAD algorithm 
logic - if(sa_service_type == SA_AUTHENTICATION) + if (sa_service_type == SA_AUTHENTICATION) { - status = cryptography_if->cryptography_authenticate(//Stub out data in/out as this is done in place and want to save cycles - (uint8_t*)(&pTfBuffer[0]), // ciphertext output - (size_t) 0, // length of data - (uint8_t*)(&pTfBuffer[0]), // plaintext input - (size_t)0, // in data length - from start of frame to end of data - &(akp->value[0]), // Key - Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - &pTfBuffer[*mac_loc], // tag output - sa_ptr->stmacf_len, // tag size - aad, // AAD Input - *aad_len, // Length of AAD - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher - NULL); + status = cryptography_if->cryptography_authenticate( // Stub out data in/out as this is done in place and + // want to save cycles + (uint8_t *)(&pTfBuffer[0]), // ciphertext output + (size_t)0, // length of data + (uint8_t *)(&pTfBuffer[0]), // plaintext input + (size_t)0, // in data length - from start of frame to end of data + &(akp->value[0]), // Key + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + &pTfBuffer[*mac_loc], // tag output + sa_ptr->stmacf_len, // tag size + aad, // AAD Input + *aad_len, // Length of AAD + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher + NULL); } - else if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + else if (sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { if (sa_service_type == SA_ENCRYPTION) - { - status = cryptography_if->cryptography_encrypt(//Stub out data in/out as this is done in place and want to save cycles - (uint8_t*)(&pTfBuffer[data_loc]), // ciphertext output - (size_t) pdu_len, // length of data - (uint8_t*)(&pTfBuffer[data_loc]), // plaintext input - (size_t) 
pdu_len, // in data length - from start of frame to end of data - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - &sa_ptr->ecs, // encryption cipher - pkcs_padding, // authentication cipher - NULL); + { + status = + cryptography_if + ->cryptography_encrypt( // Stub out data in/out as this is done in place and want to save cycles + (uint8_t *)(&pTfBuffer[data_loc]), // ciphertext output + (size_t)pdu_len, // length of data + (uint8_t *)(&pTfBuffer[data_loc]), // plaintext input + (size_t)pdu_len, // in data length - from start of frame to end of data + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + &sa_ptr->ecs, // encryption cipher + pkcs_padding, // authentication cipher + NULL); } } - else if(sa_service_type == SA_PLAINTEXT) + else if (sa_service_type == SA_PLAINTEXT) { // Do nothing, SDLS fields were already copied into static frame in memory } - else{ + else + { #ifdef TM_DEBUG printf(KRED "Service type reported as: %d\n" RESET, sa_service_type); printf(KRED "ECS IS AEAD Value: %d\n" RESET, ecs_is_aead_algorithm); @@ -433,8 +447,8 @@ int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT_AEAD_Logic(uint8_t sa_service_type, ui * @param sa_service_type: uint8_t * @param sa_ptr: SecurityAssociation_t* * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_Do_Encrypt_Handle_Increment(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr) + **/ +int32_t Crypto_TM_Do_Encrypt_Handle_Increment(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; if (sa_service_type != SA_PLAINTEXT) 
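Review bot: In the non-AEAD branch of `Crypto_TM_Do_Encrypt_NONPLAINTEXT_AEAD_Logic`, the case `sa_service_type == SA_AUTHENTICATED_ENCRYPTION` enters the `else if` but only the nested `if (sa_service_type == SA_ENCRYPTION)` does any work, so within this function the frame is neither encrypted nor authenticated and `status` stays `CRYPTO_LIB_SUCCESS`. Until the TODO is implemented this should fail closed, for example by adding `else { status = CRYPTO_LIB_ERROR; mc_if->mc_log(status); }` after the inner `if`, so an SA configured for authenticated encryption with a non-AEAD cipher cannot send plaintext that is reported as protected. Separately, the argument comment `pkcs_padding, // authentication cipher` in both `cryptography_encrypt` calls is mislabelled and should read `// padding length`. The function continues past the end of this hunk.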
@@ -512,23 +526,28 @@ int32_t Crypto_TM_Do_Encrypt_Handle_Increment(uint8_t sa_service_type, SecurityA * @param pkcs_padding: uint32_t * @param new_fecf: uint16_t* * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint16_t* aad_len, int* mac_loc, uint16_t* idx_p, uint16_t pdu_len, uint8_t* pTfBuffer, uint8_t* aad, uint8_t ecs_is_aead_algorithm, uint16_t data_loc, crypto_key_t* ekp, crypto_key_t* akp, uint32_t pkcs_padding, uint16_t* new_fecf) -{ -/** - * Begin Authentication / Encryption **/ - uint16_t idx = *idx_p; - int32_t status = CRYPTO_LIB_SUCCESS; - status = Crypto_TM_Do_Encrypt_NONPLAINTEXT(sa_service_type, aad_len, mac_loc, idx_p, pdu_len, pTfBuffer, aad, sa_ptr); +int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, uint16_t *aad_len, int *mac_loc, + uint16_t *idx_p, uint16_t pdu_len, uint8_t *pTfBuffer, uint8_t *aad, + uint8_t ecs_is_aead_algorithm, uint16_t data_loc, crypto_key_t *ekp, crypto_key_t *akp, + uint32_t pkcs_padding, uint16_t *new_fecf) +{ + /** + * Begin Authentication / Encryption + **/ + uint16_t idx = *idx_p; + int32_t status = CRYPTO_LIB_SUCCESS; + status = + Crypto_TM_Do_Encrypt_NONPLAINTEXT(sa_service_type, aad_len, mac_loc, idx_p, pdu_len, pTfBuffer, aad, sa_ptr); -// AEAD Algorithm Logic + // AEAD Algorithm Logic if (status == CRYPTO_LIB_SUCCESS) { - status = Crypto_TM_Do_Encrypt_NONPLAINTEXT_AEAD_Logic(sa_service_type, ecs_is_aead_algorithm, pTfBuffer, pdu_len, data_loc, ekp, akp, pkcs_padding, mac_loc, aad_len, aad, sa_ptr); + status = Crypto_TM_Do_Encrypt_NONPLAINTEXT_AEAD_Logic(sa_service_type, ecs_is_aead_algorithm, pTfBuffer, + pdu_len, data_loc, ekp, akp, pkcs_padding, mac_loc, + aad_len, aad, sa_ptr); } - if (status == CRYPTO_LIB_SUCCESS) { status = Crypto_TM_Do_Encrypt_Handle_Increment(sa_service_type, sa_ptr); 
@@ -551,7 +570,7 @@ int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ } #endif - //TODO OCF - ? Here, elsewhere? + // TODO OCF - ? Here, elsewhere? /** * End Authentication / Encryption @@ -565,7 +584,8 @@ int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ #endif if (crypto_config.crypto_create_fecf == CRYPTO_TM_CREATE_FECF_TRUE) { - *new_fecf = Crypto_Calc_FECF((uint8_t*)pTfBuffer, current_managed_parameters_struct.max_frame_size - 2); + *new_fecf = + Crypto_Calc_FECF((uint8_t *)pTfBuffer, current_managed_parameters_struct.max_frame_size - 2); pTfBuffer[current_managed_parameters_struct.max_frame_size - 2] = (uint8_t)((*new_fecf & 0xFF00) >> 8); pTfBuffer[current_managed_parameters_struct.max_frame_size - 1] = (uint8_t)(*new_fecf & 0x00FF); } @@ -579,7 +599,7 @@ int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ #ifdef TM_DEBUG printf(KYEL "Printing new TM frame:\n\t"); - for(int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { printf("%02X", pTfBuffer[i]); } @@ -599,7 +619,6 @@ int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ return status; } - /** * @brief Function: Crypto_TM_ApplySecurity_Debug_Print * Simple Debug Print function for TM. Displays 
@@ -607,24 +626,24 @@ int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ * @param idx: uint16_t * @param pdu_len: uint16_t * @param sa_ptr: SecurityAssociation_t* -**/ -void Crypto_TM_ApplySecurity_Debug_Print(uint16_t idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr) + **/ +void Crypto_TM_ApplySecurity_Debug_Print(uint16_t idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr) { // Fix to ignore warnings - idx = idx; + idx = idx; pdu_len = pdu_len; - sa_ptr = sa_ptr; + sa_ptr = sa_ptr; - #ifdef TM_DEBUG +#ifdef TM_DEBUG printf(KYEL "Data location starts at: %d\n" RESET, idx); printf(KYEL "Data size is: %d\n" RESET, pdu_len); printf(KYEL "Index at end of SPI is: %d\n", idx); - if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { // If OCF exists, comes immediately after MAC printf(KYEL "OCF Location is: %d" RESET, idx + pdu_len + sa_ptr->stmacf_len); } - if(current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { // If FECF exists, comes just before end of the frame printf(KYEL "FECF Location is: %d\n" RESET, current_managed_parameters_struct.max_frame_size - 2); @@ -637,10 +656,10 @@ void Crypto_TM_ApplySecurity_Debug_Print(uint16_t idx, uint16_t pdu_len, Securit * @param ingest: uint8_t* * @param len_ingest: int* * @return int32: Success/Failure - * + * * The TM ApplySecurity Payload shall consist of the portion of the TM Transfer Frame (see * reference [1]) from the first octet of the Transfer Frame Primary Header to the last octet of - * the Transfer Frame Data Field. + * the Transfer Frame Data Field. * NOTES * 1 The TM Transfer Frame is the fixed-length protocol data unit of the TM Space Data * Link Protocol. The length of any Transfer Frame transferred on a physical channel is 
@@ -649,45 +668,45 @@ void Crypto_TM_ApplySecurity_Debug_Print(uint16_t idx, uint16_t pdu_len, Securit * parameter includes the Security Header field. When the ApplySecurity Function is * called, the Security Header field is empty; i.e., the caller has not set any values in the * Security Header - **/ -int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer) + **/ +int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer) { - int32_t status = CRYPTO_LIB_SUCCESS; - int mac_loc = 0; - uint8_t aad[1786]; - uint16_t aad_len = 0; - int i = 0; - uint16_t data_loc; - uint16_t idx = 0; - uint8_t sa_service_type = -1; - uint16_t pdu_len = -1; - uint32_t pkcs_padding = 0; - uint16_t new_fecf = 0x0000; - uint8_t ecs_is_aead_algorithm; - SecurityAssociation_t* sa_ptr = NULL; - uint8_t tfvn = 0; - uint16_t scid = 0; - uint16_t vcid = 0; + int32_t status = CRYPTO_LIB_SUCCESS; + int mac_loc = 0; + uint8_t aad[1786]; + uint16_t aad_len = 0; + int i = 0; + uint16_t data_loc; + uint16_t idx = 0; + uint8_t sa_service_type = -1; + uint16_t pdu_len = -1; + uint32_t pkcs_padding = 0; + uint16_t new_fecf = 0x0000; + uint8_t ecs_is_aead_algorithm; + SecurityAssociation_t *sa_ptr = NULL; + uint8_t tfvn = 0; + uint16_t scid = 0; + uint16_t vcid = 0; status = Crypto_TM_Sanity_Check(pTfBuffer); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } tfvn = ((uint8_t)pTfBuffer[0] & 0xC0) >> 6; scid = (((uint16_t)pTfBuffer[0] & 0x3F) << 4) | (((uint16_t)pTfBuffer[1] & 0xF0) >> 4); - vcid = ((uint8_t) pTfBuffer[1] & 0x0E) >> 1; + vcid = ((uint8_t)pTfBuffer[1] & 0x0E) >> 1; #ifdef TM_DEBUG printf(KYEL "\n----- Crypto_TM_ApplySecurity START -----\n" RESET); printf("The following GVCID parameters will be used:\n"); printf("\tTVFN: 0x%04X\t", tfvn); printf("\tSCID: 0x%04X", scid); - printf("\tVCID: 0x%04X",vcid); + printf("\tVCID: 0x%04X", vcid); printf("\tMAP: %d\n", 0); printf("\tPriHdr as follows:\n\t\t"); - for (int i =0; i<6; i++) + for (int i = 0; i < 6; i++) { 
printf("%02X", (uint8_t)pTfBuffer[i]); } @@ -706,7 +725,8 @@ int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer) return status; } - status = Crypto_Get_Managed_Parameters_For_Gvcid(tfvn, scid, vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = Crypto_Get_Managed_Parameters_For_Gvcid(tfvn, scid, vcid, gvcid_managed_parameters_array, + ¤t_managed_parameters_struct); // No managed parameters found if (status != CRYPTO_LIB_SUCCESS) @@ -718,9 +738,9 @@ int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer) return status; } - #ifdef TM_DEBUG +#ifdef TM_DEBUG printf(KYEL "TM BEFORE Apply Sec:\n\t" RESET); - for (int16_t i =0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int16_t i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { printf("%02X", pTfBuffer[i]); } @@ -734,7 +754,8 @@ int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer) // Determine SA Service Type status = Crypto_TM_Determine_SA_Service_Type(&sa_service_type, sa_ptr); - if(status != CRYPTO_LIB_SUCCESS) return status; + if (status != CRYPTO_LIB_SUCCESS) + return status; // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) 
@@ -745,23 +766,23 @@ int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer) #ifdef TM_DEBUG switch (sa_service_type) { - case SA_PLAINTEXT: - printf(KBLU "Creating a SDLS TM - CLEAR!\n" RESET); - break; - case SA_AUTHENTICATION: - printf(KBLU "Creating a SDLS TM - AUTHENTICATED!\n" RESET); - break; - case SA_ENCRYPTION: - printf(KBLU "Creating a SDLS TM - ENCRYPTED!\n" RESET); - break; - case SA_AUTHENTICATED_ENCRYPTION: - printf(KBLU "Creating a SDLS TM - AUTHENTICATED ENCRYPTION!\n" RESET); - break; + case SA_PLAINTEXT: + printf(KBLU "Creating a SDLS TM - CLEAR!\n" RESET); + break; + case SA_AUTHENTICATION: + printf(KBLU "Creating a SDLS TM - AUTHENTICATED!\n" RESET); + break; + case SA_ENCRYPTION: + printf(KBLU "Creating a SDLS TM - ENCRYPTED!\n" RESET); + break; + case SA_AUTHENTICATED_ENCRYPTION: + printf(KBLU "Creating a SDLS TM - AUTHENTICATED ENCRYPTION!\n" RESET); + break; } #endif // Check if secondary header is present within frame - // Note: Secondary headers are static only for a mission phase, not guaranteed static + // Note: Secondary headers are static only for a mission phase, not guaranteed static // over the life of a mission Per CCSDS 132.0-B.3 Section 4.1.2.7.2.3 // Secondary Header flag is 1st bit of 5th byte (index 4) @@ -773,13 +794,14 @@ int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer) **/ // Set SPI - pTfBuffer[idx] = ((sa_ptr->spi & 0xFF00) >> 8); + pTfBuffer[idx] = ((sa_ptr->spi & 0xFF00) >> 8); pTfBuffer[idx + 1] = (sa_ptr->spi & 0x00FF); idx += 2; // Set initialization vector if specified status = Crypto_TM_IV_Sanity_Check(&sa_service_type, sa_ptr); - if(status != CRYPTO_LIB_SUCCESS) return status; + if (status != CRYPTO_LIB_SUCCESS) + return status; // Start index from the transmitted portion for (i = sa_ptr->iv_len - sa_ptr->shivf_len; i < sa_ptr->iv_len; i++) 
@@ -817,21 +839,20 @@ int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer) // TODO: Set this depending on crypto cipher used Crypto_TM_PKCS_Padding(&pkcs_padding, sa_ptr, pTfBuffer, &idx); - /** * End Security Header Fields **/ - //TODO: Padding handled here, or TO? - // for (uint32_t i = 0; i < pkcs_padding; i++) - // { - // /** 4.1.1.5.2 The Pad Length field shall contain the count of fill bytes used in the - // * cryptographic process, consisting of an integral number of octets. - CCSDS 3550b1 - // **/ - // // TODO: Set this depending on crypto cipher used - // * (p_new_enc_frame + index + i) = (uint8_t)pkcs_padding; // How much padding is needed? - // // index++; - // } + // TODO: Padding handled here, or TO? + // for (uint32_t i = 0; i < pkcs_padding; i++) + // { + // /** 4.1.1.5.2 The Pad Length field shall contain the count of fill bytes used in the + // * cryptographic process, consisting of an integral number of octets. - CCSDS 3550b1 + // **/ + // // TODO: Set this depending on crypto cipher used + // * (p_new_enc_frame + index + i) = (uint8_t)pkcs_padding; // How much padding is needed? + // // index++; + // } /** * ~~~Index currently at start of data field, AKA end of security header~~~ 
@@ -844,16 +865,17 @@ int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer) Crypto_TM_ApplySecurity_Debug_Print(idx, pdu_len, sa_ptr); // Get Key - crypto_key_t* ekp = NULL; - crypto_key_t* akp = NULL; - status = Crypto_TM_Get_Keys(&ekp, &akp, sa_ptr); - if(status != CRYPTO_LIB_SUCCESS) + crypto_key_t *ekp = NULL; + crypto_key_t *akp = NULL; + status = Crypto_TM_Get_Keys(&ekp, &akp, sa_ptr); + if (status != CRYPTO_LIB_SUCCESS) { return status; } - status = Crypto_TM_Do_Encrypt(sa_service_type, sa_ptr, &aad_len, &mac_loc, &idx, pdu_len, pTfBuffer, aad, ecs_is_aead_algorithm, data_loc, ekp, akp, pkcs_padding, &new_fecf); - if(status != CRYPTO_LIB_SUCCESS) + status = Crypto_TM_Do_Encrypt(sa_service_type, sa_ptr, &aad_len, &mac_loc, &idx, pdu_len, pTfBuffer, aad, + ecs_is_aead_algorithm, data_loc, ekp, akp, pkcs_padding, &new_fecf); + if (status != CRYPTO_LIB_SUCCESS) { return status; } @@ -1054,11 +1076,10 @@ int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer) &(aad[0]), // AAD Input location sa_ptr->abm_len, // AAD is size of ABM in this case CRYPTO_TRUE, // Encrypt - CRYPTO_FALSE, // Authenticate // TODO -- Set to SA value, manually setting to false here so existing tests pass. Existing data was generated with authenticate then encrypt, when it should have been encrypt then authenticate. - CRYPTO_TRUE, // Use AAD - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher - NULL // cam_cookies (not supported in TM functions yet) + CRYPTO_FALSE, // Authenticate // TODO -- Set to SA value, +manually setting to false here so existing tests pass. Existing data was generated with authenticate then encrypt, when +it should have been encrypt then authenticate. CRYPTO_TRUE, // Use AAD sa_ptr->ecs, // encryption cipher sa_ptr->acs, // +authentication cipher NULL // cam_cookies (not supported in TM functions yet) ); 
@@ -1106,18 +1127,17 @@ int32_t Crypto_TM_ApplySecurity(uint8_t* pTfBuffer) return status; } **/ - /** * @brief Function: Crypto_TM_Process_Setup - * Sets up TM Process Security. Verifies ingest length, verifies pointers are not null, + * Sets up TM Process Security. Verifies ingest length, verifies pointers are not null, * Retreives managed parameters, validates GVCID, and verifies the presence of Secondary Header * @param len_ingest: uint16_t * @param byte_idx: uint16_t* * @param p_ingest: uint8_t* * @param secondary_hdr_len: uint8_t* * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_Process_Setup(uint16_t len_ingest, uint16_t* byte_idx, uint8_t* p_ingest, uint8_t* secondary_hdr_len) + **/ +int32_t Crypto_TM_Process_Setup(uint16_t len_ingest, uint16_t *byte_idx, uint8_t *p_ingest, uint8_t *secondary_hdr_len) { int32_t status = CRYPTO_LIB_SUCCESS; #ifdef DEBUG @@ -1130,7 +1150,8 @@ int32_t Crypto_TM_Process_Setup(uint16_t len_ingest, uint16_t* byte_idx, uint8_t mc_if->mc_log(status); } - if ((status == CRYPTO_LIB_SUCCESS) && ((crypto_config.init_status == UNITIALIZED) || (mc_if == NULL) || (sa_if == NULL))) + if ((status == CRYPTO_LIB_SUCCESS) && + ((crypto_config.init_status == UNITIALIZED) || (mc_if == NULL) || (sa_if == NULL))) { #ifdef TM_DEBUG printf(KRED "ERROR: CryptoLib Configuration Not Set! -- CRYPTO_LIB_ERR_NO_CONFIG, Will Exit\n" RESET); 
@@ -1152,17 +1173,18 @@ int32_t Crypto_TM_Process_Setup(uint16_t len_ingest, uint16_t* byte_idx, uint8_t #ifdef TM_DEBUG printf(KGRN "TM Process Using following parameters:\n\t" RESET); - printf(KGRN "tvfn: %d\t scid: %d\t vcid: %d\n" RESET, tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid ); + printf(KGRN "tvfn: %d\t scid: %d\t vcid: %d\n" RESET, tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, + tm_frame_pri_hdr.vcid); #endif // Lookup-retrieve managed parameters for frame via gvcid: if (status == CRYPTO_LIB_SUCCESS) { - status = Crypto_Get_Managed_Parameters_For_Gvcid( - tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); } - + if (status != CRYPTO_LIB_SUCCESS) { #ifdef TM_DEBUG 
@@ -1176,27 +1198,27 @@ int32_t Crypto_TM_Process_Setup(uint16_t len_ingest, uint16_t* byte_idx, uint8_t } // Unable to get necessary Managed Parameters for TM TF -- return with error. // Check if secondary header is present within frame - // Note: Secondary headers are static only for a mission phase, not guaranteed static + // Note: Secondary headers are static only for a mission phase, not guaranteed static // over the life of a mission Per CCSDS 132.0-B.3 Section 4.1.2.7.2.3 - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { // Secondary Header flag is 1st bit of 5th byte (index 4) - *byte_idx = 4; - if((p_ingest[*byte_idx] & 0x80) == 0x80) + *byte_idx = 4; + if ((p_ingest[*byte_idx] & 0x80) == 0x80) { - #ifdef TM_DEBUG +#ifdef TM_DEBUG printf(KYEL "A TM Secondary Header flag is set!\n"); - #endif +#endif // Secondary header is present *byte_idx = 6; // Determine length of secondary header // Length coded as total length of secondary header - 1 // Reference CCSDS 132.0-B-2 4.1.3.2.3 *secondary_hdr_len = (p_ingest[*byte_idx] & 0x3F) + 1; - #ifdef TM_DEBUG +#ifdef TM_DEBUG printf(KYEL "Secondary Header Length is decoded as: %d\n", *secondary_hdr_len); - #endif +#endif // Increment from current byte (1st byte of secondary header), // to where the SPI would start *byte_idx += *secondary_hdr_len; 
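Review bot: `Crypto_TM_Process_Setup` takes the secondary header length from the received frame (`(p_ingest[*byte_idx] & 0x3F) + 1`) and adds it to `*byte_idx` without comparing the result with `len_ingest` anywhere in this hunk. A frame that sets the secondary-header flag and declares a length longer than the data actually supplied would move the SPI offset past the end of the buffer for every later read. Unless a check outside the hunk already covers this, I would add a comparison after the addition, `if (*byte_idx > len_ingest)`, and return the library's existing length error there. The reads at index 4 and 6 likewise assume `len_ingest` is at least 7.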
@@ -1213,14 +1235,15 @@ int32_t Crypto_TM_Process_Setup(uint16_t len_ingest, uint16_t* byte_idx, uint8_t /** * @brief Function: Crypto_TM_Determine_Cipher_Mode - * Determines Cipher mode and Algorithm type + * Determines Cipher mode and Algorithm type * @param sa_service_type: uint8_t * @param sa_ptr: SecurityAssociation_t* * @param encryption_cipher: uint32_t* * @param ecs_is_aead_algorithm: uint8_t* * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_Determine_Cipher_Mode(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint32_t* encryption_cipher, uint8_t* ecs_is_aead_algorithm) + **/ +int32_t Crypto_TM_Determine_Cipher_Mode(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, + uint32_t *encryption_cipher, uint8_t *ecs_is_aead_algorithm) { int32_t status = CRYPTO_LIB_SUCCESS; @@ -1241,7 +1264,7 @@ int32_t Crypto_TM_Determine_Cipher_Mode(uint8_t sa_service_type, SecurityAssocia *ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(*encryption_cipher); } - if ( *encryption_cipher == CRYPTO_CIPHER_NONE && sa_ptr->est == 1) + if (*encryption_cipher == CRYPTO_CIPHER_NONE && sa_ptr->est == 1) { status = CRYPTO_LIB_ERR_NO_ECS_SET_FOR_ENCRYPTION_MODE; mc_if->mc_log(status); @@ -1256,15 +1279,15 @@ int32_t Crypto_TM_Determine_Cipher_Mode(uint8_t sa_service_type, SecurityAssocia * @param p_ingest: uint8_t* * @param len_ingest: uint16_t * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_FECF_Setup(uint8_t* p_ingest, uint16_t len_ingest) + **/ +int32_t Crypto_TM_FECF_Setup(uint8_t *p_ingest, uint16_t len_ingest) { int32_t status = CRYPTO_LIB_SUCCESS; if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { uint16_t received_fecf = (((p_ingest[current_managed_parameters_struct.max_frame_size - 2] << 8) & 0xFF00) | - (p_ingest[current_managed_parameters_struct.max_frame_size - 1] & 0x00FF)); + (p_ingest[current_managed_parameters_struct.max_frame_size - 1] & 0x00FF)); if (crypto_config.crypto_check_fecf == TM_CHECK_FECF_TRUE) { 
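Review bot: `Crypto_TM_FECF_Setup` reads the received FECF at `p_ingest[current_managed_parameters_struct.max_frame_size - 2]` and `- 1`, whereas the buffer length it is given is `len_ingest` and the debug output describes the calculation as covering `len_ingest - 2` bytes. If a caller supplies a frame shorter than the configured `max_frame_size`, these two reads fall outside the buffer; whether an earlier check enforces equality is not visible from this hunk. I would either index by `len_ingest` or reject the mismatch up front with `if (len_ingest < current_managed_parameters_struct.max_frame_size)` and return an error. The function body continues beyond this hunk.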
@@ -1277,7 +1300,7 @@ int32_t Crypto_TM_FECF_Setup(uint8_t* p_ingest, uint16_t len_ingest) #ifdef FECF_DEBUG printf("Received FECF is 0x%04X\n", received_fecf); printf("Calculated FECF is 0x%04X\n", calculated_fecf); - printf("FECF was Calced over %d bytes\n", len_ingest-2); + printf("FECF was Calced over %d bytes\n", len_ingest - 2); #endif status = CRYPTO_LIB_ERR_INVALID_FECF; mc_if->mc_log(status); @@ -1296,9 +1319,9 @@ int32_t Crypto_TM_FECF_Setup(uint8_t* p_ingest, uint16_t len_ingest) else if (current_managed_parameters_struct.has_fecf != TM_NO_FECF) { #ifdef TM_DEBUG - printf(KRED "TM_Process Error...tfvn: %d scid: 0x%04X vcid: 0x%02X fecf_enum: %d\n" RESET, - current_managed_parameters_struct.tfvn, current_managed_parameters_struct.scid, - current_managed_parameters_struct.vcid, current_managed_parameters_struct.has_fecf); + printf(KRED "TM_Process Error...tfvn: %d scid: 0x%04X vcid: 0x%02X fecf_enum: %d\n" RESET, + current_managed_parameters_struct.tfvn, current_managed_parameters_struct.scid, + current_managed_parameters_struct.vcid, current_managed_parameters_struct.has_fecf); #endif status = CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_TM_CONFIG; mc_if->mc_log(status); 
@@ -1317,15 +1340,16 @@ int32_t Crypto_TM_FECF_Setup(uint8_t* p_ingest, uint16_t len_ingest) * @param byte_idx: uint16_t * @param aad: uint8_t* * @return int32_t: Success/Failure -**/ -int32_t Crypto_TM_Parse_Mac_Prep_AAD(uint8_t sa_service_type, uint8_t* p_ingest, int mac_loc, SecurityAssociation_t* sa_ptr, uint16_t* aad_len, uint16_t byte_idx, uint8_t* aad) + **/ +int32_t Crypto_TM_Parse_Mac_Prep_AAD(uint8_t sa_service_type, uint8_t *p_ingest, int mac_loc, + SecurityAssociation_t *sa_ptr, uint16_t *aad_len, uint16_t byte_idx, uint8_t *aad) { int32_t status = CRYPTO_LIB_SUCCESS; if ((sa_service_type == SA_AUTHENTICATION) || (sa_service_type == SA_AUTHENTICATED_ENCRYPTION)) { #ifdef MAC_DEBUG printf("MAC Parsed from Frame:\n"); - Crypto_hexprint(p_ingest+mac_loc,sa_ptr->stmacf_len); + Crypto_hexprint(p_ingest + mac_loc, sa_ptr->stmacf_len); #endif if (sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { @@ -1341,23 +1365,22 @@ int32_t Crypto_TM_Parse_Mac_Prep_AAD(uint8_t sa_service_type, uint8_t* p_ingest, mc_if->mc_log(status); } // Use ingest and abm to create aad - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { status = Crypto_Prepare_TM_AAD(p_ingest, *aad_len, sa_ptr->abm, aad); - } + } #ifdef MAC_DEBUG - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { printf("AAD Debug:\n\tAAD Length is %d\n\t AAD is: ", *aad_len); - for (int i = 0; i<*aad_len; i++) + for (int i = 0; i < *aad_len; i++) { printf("%02X", aad[i]); } printf("\n"); } #endif - } return status; } 
@@ -1377,45 +1400,47 @@ int32_t Crypto_TM_Parse_Mac_Prep_AAD(uint8_t sa_service_type, uint8_t* p_ingest, * @param aad_len: uint16_t * @param aad: uint8_t* * @return int32_t: Success/Failure -*/ -int32_t Crypto_TM_Do_Decrypt_AEAD(uint8_t sa_service_type, uint8_t* p_ingest, uint8_t* p_new_dec_frame, uint16_t byte_idx, uint16_t pdu_len, crypto_key_t* ekp, SecurityAssociation_t* sa_ptr, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t* aad) + */ +int32_t Crypto_TM_Do_Decrypt_AEAD(uint8_t sa_service_type, uint8_t *p_ingest, uint8_t *p_new_dec_frame, + uint16_t byte_idx, uint16_t pdu_len, crypto_key_t *ekp, SecurityAssociation_t *sa_ptr, + uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t *aad) { int32_t status = CRYPTO_LIB_SUCCESS; - if(sa_service_type == SA_ENCRYPTION) - { - status = cryptography_if->cryptography_decrypt(p_new_dec_frame+byte_idx, // plaintext output - pdu_len, // length of data - p_ingest+byte_idx, // ciphertext input - pdu_len, // in data length - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), - sa_ptr, // SA for key reference - p_ingest+iv_loc, // IV - sa_ptr->iv_len, // IV Length - &sa_ptr->ecs, // encryption cipher - &sa_ptr->acs, // authentication cipher - NULL); - } - if(sa_service_type == SA_AUTHENTICATED_ENCRYPTION) - { - status = cryptography_if->cryptography_aead_decrypt(p_new_dec_frame+byte_idx, // plaintext output - pdu_len, // length of data - p_ingest+byte_idx, // ciphertext input - pdu_len, // in data length - &(ekp->value[0]), // Key + if (sa_service_type == SA_ENCRYPTION) + { + status = cryptography_if->cryptography_decrypt(p_new_dec_frame + byte_idx, // plaintext output + pdu_len, // length of data + p_ingest + byte_idx, // ciphertext input + pdu_len, // in data length + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), + sa_ptr, // SA for key reference + p_ingest + iv_loc, // IV + sa_ptr->iv_len, // IV Length + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication 
cipher + NULL); + } + if (sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + { + status = cryptography_if->cryptography_aead_decrypt(p_new_dec_frame + byte_idx, // plaintext output + pdu_len, // length of data + p_ingest + byte_idx, // ciphertext input + pdu_len, // in data length + &(ekp->value[0]), // Key Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), - sa_ptr, // SA for key reference - p_ingest+iv_loc, // IV - sa_ptr->iv_len, // IV Length - p_ingest+mac_loc, // Frame Expected Tag + sa_ptr, // SA for key reference + p_ingest + iv_loc, // IV + sa_ptr->iv_len, // IV Length + p_ingest + mac_loc, // Frame Expected Tag sa_ptr->stmacf_len, // tag size - aad, // additional authenticated data - aad_len, // length of AAD - (sa_ptr->est), // Decryption Bool - (sa_ptr->ast), // Authentication Bool - (sa_ptr->ast), // AAD Bool - &sa_ptr->ecs, // encryption cipher - &sa_ptr->acs, // authentication cipher + aad, // additional authenticated data + aad_len, // length of AAD + (sa_ptr->est), // Decryption Bool + (sa_ptr->ast), // Authentication Bool + (sa_ptr->ast), // AAD Bool + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher NULL); } return status; 
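Review bot: Both branches of Crypto_TM_Do_Decrypt_AEAD pass `&(ekp->value[0])` with `Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs)` as the key length, without checking `ekp` for NULL or comparing `ekp->key_len` with that length. The encryption branch of Crypto_TM_Do_Decrypt_NONAEAD in the next hunk does reject a mismatch with `CRYPTO_LIB_ERR_KEY_LENGTH_ERROR`, but its authentication branch uses `akp->value` with `Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs)` equally unchecked. Apply the existing guard in all three places, `if ((int32_t)ekp->key_len != Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs)) { status = CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; mc_if->mc_log(status); }`, and make each crypto call conditional on `status == CRYPTO_LIB_SUCCESS`. If the key lookup already guarantees a non-NULL key of the right length, a comment stating that would be enough.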
@@ -1437,69 +1462,70 @@ int32_t Crypto_TM_Do_Decrypt_AEAD(uint8_t sa_service_type, uint8_t* p_ingest, ui * @param aad_len: uint16_t * @param aad: uint8_t * @return int32_t: Success/Failure -*/ -int32_t Crypto_TM_Do_Decrypt_NONAEAD(uint8_t sa_service_type, uint16_t pdu_len, uint8_t* p_new_dec_frame, uint16_t byte_idx, uint8_t* p_ingest, crypto_key_t* akp, crypto_key_t* ekp, SecurityAssociation_t* sa_ptr, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t* aad) + */ +int32_t Crypto_TM_Do_Decrypt_NONAEAD(uint8_t sa_service_type, uint16_t pdu_len, uint8_t *p_new_dec_frame, + uint16_t byte_idx, uint8_t *p_ingest, crypto_key_t *akp, crypto_key_t *ekp, + SecurityAssociation_t *sa_ptr, uint8_t iv_loc, int mac_loc, uint16_t aad_len, + uint8_t *aad) { int32_t status = CRYPTO_LIB_SUCCESS; - if(sa_service_type == SA_AUTHENTICATION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) - { - status = cryptography_if->cryptography_validate_authentication(p_new_dec_frame+byte_idx, // plaintext output - pdu_len, // length of data - p_ingest+byte_idx, // ciphertext input - pdu_len, // in data length - &(akp->value[0]), // Key - Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), - sa_ptr, // SA for key reference - p_ingest+iv_loc, // IV - sa_ptr->iv_len, // IV Length - p_ingest+mac_loc, // Frame Expected Tag - sa_ptr->stmacf_len, // tag size - aad, // additional authenticated data - aad_len, // length of AAD - CRYPTO_CIPHER_NONE, // encryption cipher - sa_ptr->acs, // authentication cipher - NULL); // cam cookies - - } - if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + if (sa_service_type == SA_AUTHENTICATION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + { + status = cryptography_if->cryptography_validate_authentication(p_new_dec_frame + byte_idx, // plaintext output + pdu_len, // length of data + p_ingest + byte_idx, // ciphertext input + pdu_len, // in data length + &(akp->value[0]), // Key + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), + sa_ptr, 
// SA for key reference + p_ingest + iv_loc, // IV + sa_ptr->iv_len, // IV Length + p_ingest + mac_loc, // Frame Expected Tag + sa_ptr->stmacf_len, // tag size + aad, // additional authenticated data + aad_len, // length of AAD + CRYPTO_CIPHER_NONE, // encryption cipher + sa_ptr->acs, // authentication cipher + NULL); // cam cookies + } + if (sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { // Check that key length to be used meets the algorithm requirement - if((int32_t) ekp->key_len != Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs)) + if ((int32_t)ekp->key_len != Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs)) { // free(aad); - non-heap object status = CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; mc_if->mc_log(status); - //return status; + // return status; } - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { - status = cryptography_if->cryptography_decrypt(p_new_dec_frame+byte_idx, // plaintext output - pdu_len, // length of data - p_ingest+byte_idx, // ciphertext input - pdu_len, // in data length - &(ekp->value[0]), // Key - Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), - sa_ptr, // SA for key reference - p_ingest+iv_loc, // IV - sa_ptr->iv_len, // IV Length - &sa_ptr->ecs, // encryption cipher - &sa_ptr->acs, // authentication cipher - NULL); + status = cryptography_if->cryptography_decrypt(p_new_dec_frame + byte_idx, // plaintext output + pdu_len, // length of data + p_ingest + byte_idx, // ciphertext input + pdu_len, // in data length + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), + sa_ptr, // SA for key reference + p_ingest + iv_loc, // IV + sa_ptr->iv_len, // IV Length + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher + NULL); } - - // //Handle Padding Removal - // if(sa_ptr->shplf_len != 0) - // { - // int padding_location = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + - // sa_ptr->shsnf_len; - // uint16_t padding_amount = 0; - // // Get Padding 
Amount from ingest frame - // padding_amount = (int)ingest[padding_location]; - // // Remove Padding from final decrypted portion - // tc_sdls_processed_frame->tc_pdu_len -= padding_amount; - // } + // //Handle Padding Removal + // if(sa_ptr->shplf_len != 0) + // { + // int padding_location = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + + // sa_ptr->shsnf_len; + // uint16_t padding_amount = 0; + // // Get Padding Amount from ingest frame + // padding_amount = (int)ingest[padding_location]; + // // Remove Padding from final decrypted portion + // tc_sdls_processed_frame->tc_pdu_len -= padding_amount; + // } } return status; } @@ -1512,15 +1538,15 @@ int32_t Crypto_TM_Do_Decrypt_NONAEAD(uint8_t sa_service_type, uint16_t pdu_len, * @param sa_ptr: SecurityAssociation_t* * @param mac_loc: int* * @return int32_t: Success/Failure -*/ -void Crypto_TM_Calc_PDU_MAC(uint16_t* pdu_len, uint16_t byte_idx, SecurityAssociation_t* sa_ptr, int* mac_loc) + */ +void Crypto_TM_Calc_PDU_MAC(uint16_t *pdu_len, uint16_t byte_idx, SecurityAssociation_t *sa_ptr, int *mac_loc) { - *pdu_len = current_managed_parameters_struct.max_frame_size - (byte_idx) - sa_ptr->stmacf_len; - if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + *pdu_len = current_managed_parameters_struct.max_frame_size - (byte_idx)-sa_ptr->stmacf_len; + if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { *pdu_len -= 4; } - if(current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { *pdu_len -= 2; } 
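Review bot: In Crypto_TM_Calc_PDU_MAC, `*pdu_len` is a `uint16_t` obtained by subtracting `byte_idx`, `sa_ptr->stmacf_len` and the OCF/FECF sizes from `max_frame_size`, so if those overheads exceed the frame size the result wraps to a large value instead of failing. That value is later used as a copy and decrypt length (`memcpy(p_new_dec_frame + byte_idx, &(p_ingest[byte_idx]), pdu_len)` in Crypto_TM_Do_Decrypt), and `byte_idx` includes a secondary-header length taken from the frame. Sum the overhead in a wider type and reject the frame when it exceeds `max_frame_size`. The function is declared `void` although its comment says `@return int32_t: Success/Failure`, so returning a status would also bring the two into line. The function body continues outside this hunk.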
@@ -1551,36 +1577,41 @@ void Crypto_TM_Calc_PDU_MAC(uint16_t* pdu_len, uint16_t byte_idx, SecurityAssoci * @param pp_processed_frame: uint8_t** * @param p_decrypted_length: uint16_t* * @return int32_t: Success/Failure -*/ -int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ptr, uint8_t ecs_is_aead_algorithm, uint16_t byte_idx, uint8_t* p_new_dec_frame, uint16_t pdu_len, uint8_t* p_ingest, crypto_key_t* ekp, crypto_key_t* akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t* aad, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length) + */ +int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, uint8_t ecs_is_aead_algorithm, + uint16_t byte_idx, uint8_t *p_new_dec_frame, uint16_t pdu_len, uint8_t *p_ingest, + crypto_key_t *ekp, crypto_key_t *akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, + uint8_t *aad, uint8_t **pp_processed_frame, uint16_t *p_decrypted_length) { int32_t status = CRYPTO_LIB_SUCCESS; - if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) + if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) { - status = Crypto_TM_Do_Decrypt_AEAD(sa_service_type, p_ingest, p_new_dec_frame, byte_idx, pdu_len, ekp, sa_ptr, iv_loc, mac_loc, aad_len, aad); + status = Crypto_TM_Do_Decrypt_AEAD(sa_service_type, p_ingest, p_new_dec_frame, byte_idx, pdu_len, ekp, sa_ptr, + iv_loc, mac_loc, aad_len, aad); } else if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) { - status = Crypto_TM_Do_Decrypt_NONAEAD(sa_service_type, pdu_len, p_new_dec_frame, byte_idx, p_ingest, akp, ekp, sa_ptr, iv_loc, mac_loc, aad_len, aad); + status = Crypto_TM_Do_Decrypt_NONAEAD(sa_service_type, pdu_len, p_new_dec_frame, byte_idx, p_ingest, akp, ekp, + sa_ptr, iv_loc, mac_loc, aad_len, aad); // TODO - implement non-AEAD algorithm logic } - // If plaintext, copy byte by byte - else if(sa_service_type == SA_PLAINTEXT) + // If plaintext, copy byte by byte + 
else if (sa_service_type == SA_PLAINTEXT) { - memcpy(p_new_dec_frame+byte_idx, &(p_ingest[byte_idx]), pdu_len); + memcpy(p_new_dec_frame + byte_idx, &(p_ingest[byte_idx]), pdu_len); byte_idx += pdu_len; } #ifdef TM_DEBUG printf(KYEL "Printing received frame:\n\t" RESET); - for( int i=0; imc_log(status); } - + return status; } @@ -1609,27 +1640,27 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ * @param byte_idx: uint16_t * @param pdu_len: uint16_t * @param sa_ptr: SecurityAssociation_t* -*/ -void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr) + */ +void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr) { // Fix for variable warnings byte_idx = byte_idx; - pdu_len = pdu_len; - sa_ptr = sa_ptr; - #ifdef TM_DEBUG + pdu_len = pdu_len; + sa_ptr = sa_ptr; +#ifdef TM_DEBUG printf(KYEL "Index / data location starts at: %d\n" RESET, byte_idx); printf(KYEL "Data size is: %d\n" RESET, pdu_len); - if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { // If OCF exists, comes immediately after MAC printf(KYEL "OCF Location is: %d" RESET, byte_idx + pdu_len + sa_ptr->stmacf_len); } - if(current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { // If FECF exists, comes just before end of the frame printf(KYEL "FECF Location is: %d\n" RESET, current_managed_parameters_struct.max_frame_size - 2); } - #endif +#endif } /** 
@@ -1637,26 +1668,27 @@ void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, Security * @param ingest: uint8_t* * @param len_ingest: int* * @return int32: Success/Failure - **/ -int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length) + **/ +int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_t **pp_processed_frame, + uint16_t *p_decrypted_length) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t aad[1786]; - uint16_t aad_len = 0; - uint16_t byte_idx = 0; - uint8_t ecs_is_aead_algorithm; - uint32_t encryption_cipher = 0; - uint8_t iv_loc; - int mac_loc = 0; - uint16_t pdu_len = 1; - uint8_t* p_new_dec_frame = NULL; - SecurityAssociation_t* sa_ptr = NULL; - uint8_t sa_service_type = -1; - uint8_t secondary_hdr_len = 0; - uint8_t spi = -1; - crypto_key_t* ekp = NULL; - crypto_key_t* akp = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t aad[1786]; + uint16_t aad_len = 0; + uint16_t byte_idx = 0; + uint8_t ecs_is_aead_algorithm; + uint32_t encryption_cipher = 0; + uint8_t iv_loc; + int mac_loc = 0; + uint16_t pdu_len = 1; + uint8_t *p_new_dec_frame = NULL; + SecurityAssociation_t *sa_ptr = NULL; + uint8_t sa_service_type = -1; + uint8_t secondary_hdr_len = 0; + uint8_t spi = -1; + crypto_key_t *ekp = NULL; + crypto_key_t *akp = NULL; // Bit math to give concise access to values in the ingest tm_frame_pri_hdr.tfvn = ((uint8_t)p_ingest[0] & 0xC0) >> 6; 
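Review bot: In Crypto_TM_ProcessSecurity, `p_ingest[0]` is dereferenced for the primary-header bit math immediately after the local declarations, before any NULL or minimum-length check on `p_ingest` or `len_ingest` appears in this hunk. If no later check covers it, guard the header parse with something like `if (p_ingest == NULL || len_ingest < <primary header size>) { return <error code>; }`. Separately, `iv_loc` and `ecs_is_aead_algorithm` are declared without initializers and are later passed by value to Crypto_TM_Do_Decrypt; initializing them to 0 avoids reading indeterminate values on any path that skips their assignment. The rest of the function is outside this hunk, so both points should be confirmed against the full body.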
@@ -1687,17 +1719,17 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ #endif // Determine SA Service Type status = Crypto_TM_Determine_SA_Service_Type(&sa_service_type, sa_ptr); - } - if (status == CRYPTO_LIB_SUCCESS) - { - // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly - status = Crypto_TM_Determine_Cipher_Mode(sa_service_type, sa_ptr, &encryption_cipher, &ecs_is_aead_algorithm); - } - if (status == CRYPTO_LIB_SUCCESS) + } + if (status == CRYPTO_LIB_SUCCESS) + { + // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly + status = Crypto_TM_Determine_Cipher_Mode(sa_service_type, sa_ptr, &encryption_cipher, &ecs_is_aead_algorithm); + } + if (status == CRYPTO_LIB_SUCCESS) + { +#ifdef TM_DEBUG + switch (sa_service_type) { - #ifdef TM_DEBUG - switch (sa_service_type) - { case SA_PLAINTEXT: printf(KBLU "Processing a TM - CLEAR!\n" RESET); break; @@ -1710,17 +1742,17 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ case SA_AUTHENTICATED_ENCRYPTION: printf(KBLU "Processing a TM - AUTHENTICATED ENCRYPTION!\n" RESET); break; - } - #endif + } +#endif // Parse & Check FECF, if present, and update fecf length status = Crypto_TM_FECF_Setup(p_ingest, len_ingest); } - - if (status == CRYPTO_LIB_SUCCESS) + + if (status == CRYPTO_LIB_SUCCESS) { // Accio buffer - p_new_dec_frame = (uint8_t*)calloc(1, (len_ingest) * sizeof(uint8_t)); + p_new_dec_frame = (uint8_t *)calloc(1, (len_ingest) * sizeof(uint8_t)); if (!p_new_dec_frame) { #ifdef DEBUG 
@@ -1747,12 +1779,12 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ byte_idx += (sa_ptr->arsn_len - sa_ptr->shsnf_len); byte_idx += sa_ptr->shplf_len; - #ifdef SA_DEBUG +#ifdef SA_DEBUG printf(KYEL "IV length of %d bytes\n" RESET, sa_ptr->shivf_len); printf(KYEL "ARSN length of %d bytes\n" RESET, sa_ptr->arsn_len - sa_ptr->shsnf_len); printf(KYEL "PAD length field of %d bytes\n" RESET, sa_ptr->shplf_len); printf(KYEL "First byte past Security Header is at index %d\n" RESET, byte_idx); - #endif +#endif /** * End Security Header Fields @@ -1760,7 +1792,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ **/ // Calculate size of the protocol data unit - // NOTE: This size itself is not the length for authentication + // NOTE: This size itself is not the length for authentication Crypto_TM_Calc_PDU_MAC(&pdu_len, byte_idx, sa_ptr, &mac_loc); Crypto_TM_Process_Debug_Print(byte_idx, pdu_len, sa_ptr); @@ -1769,11 +1801,11 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ // this will be over-written by decryption functions if necessary, // but not by authentication which requires - // Get Key + // Get Key status = Crypto_TM_Get_Keys(&ekp, &akp, sa_ptr); } - if (status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { /** * Begin Authentication / Encryption @@ -1781,9 +1813,9 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ // if(sa_service_type != SA_PLAINTEXT) // { - // status = CRYPTO_LIB_ERR_NULL_CIPHERS; - // mc_if->mc_log(status); - // return status; + // status = CRYPTO_LIB_ERR_NULL_CIPHERS; + // mc_if->mc_log(status); + // return status; // } // Parse MAC, prepare AAD 
@@ -1797,8 +1829,10 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; } - status = Crypto_TM_Do_Decrypt(sa_service_type, sa_ptr, ecs_is_aead_algorithm, byte_idx, p_new_dec_frame, pdu_len, p_ingest, ekp, akp, iv_loc, mac_loc, aad_len, aad, pp_processed_frame, p_decrypted_length); - } + status = Crypto_TM_Do_Decrypt(sa_service_type, sa_ptr, ecs_is_aead_algorithm, byte_idx, p_new_dec_frame, + pdu_len, p_ingest, ekp, akp, iv_loc, mac_loc, aad_len, aad, pp_processed_frame, + p_decrypted_length); + } return status; } @@ -1808,7 +1842,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_ * Returns the total length of the current tm_frame in BYTES! * @param len: int * @return int32_t Length of TM - **/ + **/ int32_t Crypto_Get_tmLength(int len) { #ifdef FILL @@ -1825,7 +1859,7 @@ int32_t Crypto_Get_tmLength(int len) * Update the Telemetry Payload Data Unit * @param ingest: uint8_t* * @param len_ingest: int - **/ + **/ /** void Crypto_TM_updatePDU(uint8_t* ingest, int len_ingest) { // Copy ingest to PDU @@ -1834,8 +1868,8 @@ void Crypto_TM_updatePDU(uint8_t* ingest, int len_ingest) // int fill_size = 0; SecurityAssociation_t* sa_ptr; - // Consider a helper function here, or elsewhere, to do all the 'math' in one spot as a global accessible list of variables - if (sa_if->sa_get_from_spi(tm_frame[0], &sa_ptr) != CRYPTO_LIB_SUCCESS) // modify + // Consider a helper function here, or elsewhere, to do all the 'math' in one spot as a global accessible list of +variables if (sa_if->sa_get_from_spi(tm_frame[0], &sa_ptr) != CRYPTO_LIB_SUCCESS) // modify { // TODO - Error handling printf(KRED"Update PDU Error!\n"); @@ -1973,7 +2007,7 @@ void Crypto_TM_updatePDU(uint8_t* ingest, int len_ingest) /** * @brief Function: Crypto_TM_updateOCF * Update the TM OCF - **/ + **/ /** void Crypto_TM_updateOCF(void) { 
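Review bot: The early `return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL;` at the top of this hunk exits after `p_new_dec_frame` has been allocated earlier in Crypto_TM_ProcessSecurity, and no `free` is visible before it, so the buffer appears to leak on this path. It also bypasses the `status` accumulation and `mc_if->mc_log(status)` used in the rest of the function. Consider adding `free(p_new_dec_frame);` before the return, or setting `status = CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL;` and falling through to the common exit. The lines leading up to the return are outside the hunk, so confirm nothing there already releases the buffer.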
@@ -2017,11 +2051,11 @@ void Crypto_TM_updateOCF(void) * @param abm_buffer: uint8_t* * @param aad: uint8_t* * @return status: uint32_t - **/ -uint32_t Crypto_Prepare_TM_AAD(const uint8_t* buffer, uint16_t len_aad, const uint8_t* abm_buffer, uint8_t* aad) + **/ +uint32_t Crypto_Prepare_TM_AAD(const uint8_t *buffer, uint16_t len_aad, const uint8_t *abm_buffer, uint8_t *aad) { uint32_t status = CRYPTO_LIB_SUCCESS; - int i; + int i; for (i = 0; i < len_aad; i++) { diff --git a/src/core/crypto_user.c b/src/core/crypto_user.c index 316a14c4..c4f56b01 100644 --- a/src/core/crypto_user.c +++ b/src/core/crypto_user.c @@ -26,14 +26,14 @@ * @param ingest: uint8_t* * @return int32: count **/ -int32_t Crypto_User_IdleTrigger(uint8_t* ingest) +int32_t Crypto_User_IdleTrigger(uint8_t *ingest) { uint8_t count = 0; // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = 0; - sdls_frame.hdr.pkt_length = sdls_frame.pdu.hdr.pdu_len + 9; - count = Crypto_Prep_Reply(ingest, 144); + sdls_frame.hdr.pkt_length = sdls_frame.pdu.hdr.pdu_len + 9; + count = Crypto_Prep_Reply(ingest, 144); return count; } @@ -122,9 +122,9 @@ int32_t Crypto_User_ModifyKey(void) { // Local variables uint16_t kid = ((uint8_t)sdls_frame.pdu.data[0] << 8) | ((uint8_t)sdls_frame.pdu.data[1]); - uint8_t mod = (uint8_t)sdls_frame.pdu.data[2]; + uint8_t mod = (uint8_t)sdls_frame.pdu.data[2]; - crypto_key_t* ekp = NULL; + crypto_key_t *ekp = NULL; ekp = key_if->get_key(kid); if (ekp == NULL) 
@@ -134,17 +134,17 @@ int32_t Crypto_User_ModifyKey(void) switch (mod) { - case 1: // Invalidate Key - ekp->value[KEY_SIZE - 1]++; - printf("Key %d value invalidated! \n", kid); - break; - case 2: // Modify key state - ekp->key_state = (uint8_t)sdls_frame.pdu.data[3] & 0x0F; - printf("Key %d state changed to %d! \n", kid, mod); - break; - default: - // Error - break; + case 1: // Invalidate Key + ekp->value[KEY_SIZE - 1]++; + printf("Key %d value invalidated! \n", kid); + break; + case 2: // Modify key state + ekp->key_state = (uint8_t)sdls_frame.pdu.data[3] & 0x0F; + printf("Key %d state changed to %d! \n", kid, mod); + break; + default: + // Error + break; } return CRYPTO_LIB_SUCCESS; @@ -171,9 +171,9 @@ int32_t Crypto_User_ModifyVCID(void) // tm_frame.tm_header.vcid = (uint8_t)sdls_frame.pdu.data[0]; // Check this tm_frame_pri_hdr.vcid = (uint8_t)sdls_frame.pdu.data[0]; - SecurityAssociation_t* sa_ptr; - int i; - int j; + SecurityAssociation_t *sa_ptr; + int i; + int j; for (i = 0; i < NUM_GVCID; i++) { @@ -187,8 +187,8 @@ int32_t Crypto_User_ModifyVCID(void) if (sa_ptr->gvcid_blk.mapid == TYPE_TM) { - - if (sa_ptr->gvcid_blk.vcid == tm_frame_pri_hdr.vcid)//.tm_header.vcid) + + if (sa_ptr->gvcid_blk.vcid == tm_frame_pri_hdr.vcid) //.tm_header.vcid) { // TODO Check this tm_frame_sec_hdr.spi = i; diff --git a/src/crypto/kmc/base64.c b/src/crypto/kmc/base64.c index cc2e5365..e2670c07 100644 --- a/src/crypto/kmc/base64.c +++ b/src/crypto/kmc/base64.c 
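Review bot: In `case 2` of Crypto_User_ModifyKey, the new `key_state` is taken directly from `sdls_frame.pdu.data[3] & 0x0F` with no check that it is a defined state or a permitted transition, and the log line prints `mod` where the new state is meant. If this handler is reachable outside test builds, validate the requested state before assigning it. The message should then report the stored value: `printf("Key %d state changed to %d! \n", kid, ekp->key_state);`. The function starts in the previous hunk and continues past this one.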
@@ -36,28 +36,21 @@ #include "base64.h" -//Base64 encoding table -static const char_t base64EncTable[64] = - { - 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', - 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', - 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', - 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' - }; - -//Base64 decoding table -static const uint8_t base64DecTable[128] = - { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, 0xFF, 0x3F, - 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, - 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, - 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF - }; - +// Base64 encoding table +static const char_t base64EncTable[64] = { + 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', + 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', + 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'}; + +// Base64 decoding table +static const uint8_t base64DecTable[128] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, 0xFF, 0x3F, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, + 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, + 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; /** * @brief Base64 encoding algorithm 
@@ -67,105 +60,104 @@ static const uint8_t base64DecTable[128] = * @param[out] outputLen Length of the encoded string (optional parameter) **/ -void base64Encode(const void* input, size_t inputLen, char_t* output, - size_t* outputLen) +void base64Encode(const void *input, size_t inputLen, char_t *output, size_t *outputLen) { - size_t n; - uint8_t a; - uint8_t b; - uint8_t c; - uint8_t d; - const uint8_t* p; + size_t n; + uint8_t a; + uint8_t b; + uint8_t c; + uint8_t d; + const uint8_t *p; - //Point to the first byte of the input data - p = (const uint8_t* ) input; + // Point to the first byte of the input data + p = (const uint8_t *)input; - //Divide the input stream into blocks of 3 bytes + // Divide the input stream into blocks of 3 bytes n = inputLen / 3; - //A full encoding quantum is always completed at the end of a quantity - if(inputLen == (n * 3 + 1)) + // A full encoding quantum is always completed at the end of a quantity + if (inputLen == (n * 3 + 1)) { - //The final quantum of encoding input is exactly 8 bits - if(input != NULL && output != NULL) + // The final quantum of encoding input is exactly 8 bits + if (input != NULL && output != NULL) { - //Read input data + // Read input data a = (p[n * 3] & 0xFC) >> 2; b = (p[n * 3] & 0x03) << 4; - //The final unit of encoded output will be two characters followed - //by two "=" padding characters - output[n * 4] = base64EncTable[a]; + // The final unit of encoded output will be two characters followed + // by two "=" padding characters + output[n * 4] = base64EncTable[a]; output[n * 4 + 1] = base64EncTable[b]; output[n * 4 + 2] = '='; output[n * 4 + 3] = '='; output[n * 4 + 4] = '\0'; } - //Length of the encoded string (excluding the terminating NULL) - if(outputLen != NULL) + // Length of the encoded string (excluding the terminating NULL) + if (outputLen != NULL) { *outputLen = n * 4 + 4; } } - else if(inputLen == (n * 3 + 2)) + else if (inputLen == (n * 3 + 2)) { - //The final quantum of encoding input is 
exactly 16 bits - if(input != NULL && output != NULL) + // The final quantum of encoding input is exactly 16 bits + if (input != NULL && output != NULL) { - //Read input data + // Read input data a = (p[n * 3] & 0xFC) >> 2; b = ((p[n * 3] & 0x03) << 4) | ((p[n * 3 + 1] & 0xF0) >> 4); c = (p[n * 3 + 1] & 0x0F) << 2; - //The final unit of encoded output will be three characters followed - //by one "=" padding character - output[n * 4] = base64EncTable[a]; + // The final unit of encoded output will be three characters followed + // by one "=" padding character + output[n * 4] = base64EncTable[a]; output[n * 4 + 1] = base64EncTable[b]; output[n * 4 + 2] = base64EncTable[c]; output[n * 4 + 3] = '='; output[n * 4 + 4] = '\0'; } - //Length of the encoded string (excluding the terminating NULL) - if(outputLen != NULL) + // Length of the encoded string (excluding the terminating NULL) + if (outputLen != NULL) { *outputLen = n * 4 + 4; } } else { - //The final quantum of encoding input is an integral multiple of 24 bits - if(output != NULL) + // The final quantum of encoding input is an integral multiple of 24 bits + if (output != NULL) { - //The final unit of encoded output will be an integral multiple of 4 - //characters with no "=" padding + // The final unit of encoded output will be an integral multiple of 4 + // characters with no "=" padding output[n * 4] = '\0'; } - //Length of the encoded string (excluding the terminating NULL) - if(outputLen != NULL) + // Length of the encoded string (excluding the terminating NULL) + if (outputLen != NULL) { *outputLen = n * 4; } } - //If the output parameter is NULL, then the function calculates the - //length of the resulting Base64 string without copying any data - if(input != NULL && output != NULL) + // If the output parameter is NULL, then the function calculates the + // length of the resulting Base64 string without copying any data + if (input != NULL && output != NULL) { - //The input data is processed block by block - 
while(n-- > 0) + // The input data is processed block by block + while (n-- > 0) { - //Read input data + // Read input data a = (p[n * 3] & 0xFC) >> 2; b = ((p[n * 3] & 0x03) << 4) | ((p[n * 3 + 1] & 0xF0) >> 4); c = ((p[n * 3 + 1] & 0x0F) << 2) | ((p[n * 3 + 2] & 0xC0) >> 6); d = p[n * 3 + 2] & 0x3F; - //Map each 3-byte block to 4 printable characters using the Base64 - //character set - output[n * 4] = base64EncTable[a]; + // Map each 3-byte block to 4 printable characters using the Base64 + // character set + output[n * 4] = base64EncTable[a]; output[n * 4 + 1] = base64EncTable[b]; output[n * 4 + 2] = base64EncTable[c]; output[n * 4 + 3] = base64EncTable[d]; @@ -173,7 +165,6 @@ void base64Encode(const void* input, size_t inputLen, char_t* output, } } - /** * @brief Base64 decoding algorithm * @param[in] input Base64-encoded string 
@@ -183,130 +174,129 @@ void base64Encode(const void* input, size_t inputLen, char_t* output, * @return Error code **/ -int32_t base64Decode(const char_t* input, size_t inputLen, void* output, - size_t* outputLen) +int32_t base64Decode(const char_t *input, size_t inputLen, void *output, size_t *outputLen) { - int32_t error; + int32_t error; uint32_t value; - uint_t c; - size_t i; - size_t j; - size_t n; - size_t padLen; - uint8_t* p; - - //Check parameters - if(input == NULL && inputLen != 0) + uint_t c; + size_t i; + size_t j; + size_t n; + size_t padLen; + uint8_t *p; + + // Check parameters + if (input == NULL && inputLen != 0) return ERROR_INVALID_PARAMETER; - if(outputLen == NULL) + if (outputLen == NULL) return ERROR_INVALID_PARAMETER; - //Initialize status code + // Initialize status code error = NO_ERROR; - //Point to the buffer where to write the decoded data - p = (uint8_t* ) output; + // Point to the buffer where to write the decoded data + p = (uint8_t *)output; - //Initialize variables - j = 0; - n = 0; - value = 0; + // Initialize variables + j = 0; + n = 0; + value = 0; padLen = 0; - //Process the Base64-encoded string - for(i = 0; i < inputLen && !error; i++) + // Process the Base64-encoded string + for (i = 0; i < inputLen && !error; i++) { - //Get current character - c = (uint_t) input[i]; + // Get current character + c = (uint_t)input[i]; - //Check the value of the current character - if(c == '\r' || c == '\n') + // Check the value of the current character + if (c == '\r' || c == '\n') { - //CR and LF characters should be ignored + // CR and LF characters should be ignored } - else if(c == '=') + else if (c == '=') { - //Increment the number of pad characters + // Increment the number of pad characters padLen++; } - else if(c < 128 && base64DecTable[c] < 64 && padLen == 0) + else if (c < 128 && base64DecTable[c] < 64 && padLen == 0) { - //Decode the current character + // Decode the current character value = (value << 6) | base64DecTable[c]; - 
//Divide the input stream into blocks of 4 characters - if(++j == 4) + // Divide the input stream into blocks of 4 characters + if (++j == 4) { - //Map each 4-character block to 3 bytes - if(p != NULL) + // Map each 4-character block to 3 bytes + if (p != NULL) { - p[n] = (value >> 16) & 0xFF; + p[n] = (value >> 16) & 0xFF; p[n + 1] = (value >> 8) & 0xFF; p[n + 2] = value & 0xFF; } - //Adjust the length of the decoded data + // Adjust the length of the decoded data n += 3; - //Decode next block - j = 0; + // Decode next block + j = 0; value = 0; } } else { - //Implementations must reject the encoded data if it contains - //characters outside the base alphabet (refer to RFC 4648, - //section 3.3) + // Implementations must reject the encoded data if it contains + // characters outside the base alphabet (refer to RFC 4648, + // section 3.3) error = ERROR_INVALID_CHARACTER; } } - //Check status code - if(!error) + // Check status code + if (!error) { - //Check the number of pad characters - if(padLen == 0 && j == 0) + // Check the number of pad characters + if (padLen == 0 && j == 0) { - //No pad characters in this case + // No pad characters in this case } - else if(padLen == 1 && j == 3) + else if (padLen == 1 && j == 3) { - //The "=" sequence indicates that the last block contains only 2 bytes - if(p != NULL) + // The "=" sequence indicates that the last block contains only 2 bytes + if (p != NULL) { - //Decode the last two bytes - p[n] = (value >> 10) & 0xFF; + // Decode the last two bytes + p[n] = (value >> 10) & 0xFF; p[n + 1] = (value >> 2) & 0xFF; } - //Adjust the length of the decoded data + // Adjust the length of the decoded data n += 2; } - else if(padLen == 2 && j == 2) + else if (padLen == 2 && j == 2) { - //The "==" sequence indicates that the last block contains only 1 byte - if(p != NULL) + // The "==" sequence indicates that the last block contains only 1 byte + if (p != NULL) { - //Decode the last byte + // Decode the last byte p[n] = (value >> 4) & 
0xFF; } - //Adjust the length of the decoded data + // Adjust the length of the decoded data n++; - //Skip trailing pad characters + // Skip trailing pad characters i++; } else { - //The length of the input string must be a multiple of 4 + // The length of the input string must be a multiple of 4 error = ERROR_INVALID_LENGTH; } } - //Total number of bytes that have been written + // Total number of bytes that have been written *outputLen = n; - //Return status code + // Return status code return error; } diff --git a/src/crypto/kmc/base64.h b/src/crypto/kmc/base64.h index 5d21290c..ca7407f0 100644 --- a/src/crypto/kmc/base64.h +++ b/src/crypto/kmc/base64.h @@ -35,29 +35,28 @@ #include #include -//C++ guard +// C++ guard #ifdef __cplusplus -extern "C" { +extern "C" +{ #endif -typedef char char_t; -typedef unsigned int uint_t; + typedef char char_t; + typedef unsigned int uint_t; -//Base64 encoding related functions -void base64Encode(const void* input, size_t inputLen, char_t* output, - size_t* outputLen); + // Base64 encoding related functions + void base64Encode(const void *input, size_t inputLen, char_t *output, size_t *outputLen); -int32_t base64Decode(const char_t* input, size_t inputLen, void* output, - size_t* outputLen); + int32_t base64Decode(const char_t *input, size_t inputLen, void *output, size_t *outputLen); #define ERROR_INVALID_PARAMETER 21 -#define ERROR_INVALID_LENGTH 22 +#define ERROR_INVALID_LENGTH 22 #define ERROR_INVALID_CHARACTER 23 -#define NO_ERROR 0 +#define NO_ERROR 0 -//C++ guard +// C++ guard #ifdef __cplusplus } #endif -#endif //BASE64_H \ No newline at end of file +#endif // BASE64_H \ No newline at end of file diff --git a/src/crypto/kmc/base64url.c b/src/crypto/kmc/base64url.c index dd2acaed..553daec1 100644 --- a/src/crypto/kmc/base64url.c +++ b/src/crypto/kmc/base64url.c 
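Review bot: Every store through `p` in base64Decode (`p[n]`, `p[n + 1]`, `p[n + 2]` in the 4-character block branch and in both padded tails) is unbounded, because the function takes no output capacity and `outputLen` is only written, never read. The docblock for this function starts outside the hunk, but that is where the contract belongs: `@param[out] output Decoded data; must hold at least (inputLen * 3) / 4 bytes, or NULL to only compute the length`. The NULL case is what the existing `if (p != NULL)` guards already implement, and the bound holds because skipped CR/LF and `=` characters only make the output shorter. Callers should size the buffer from that bound, not from the plaintext length they expect.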
@@ -30,31 +30,24 @@ // https://www.oryx-embedded.com/doc/base64url_8c_source.html -//Dependencies +// Dependencies #include "base64url.h" -//Base64url encoding table -static const char_t base64urlEncTable[64] = - { - 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', - 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', - 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', - 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '-', '_' - }; - -//Base64url decoding table -static const uint8_t base64urlDecTable[128] = - { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, - 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, - 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, 0x3F, - 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, - 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF - }; - +// Base64url encoding table +static const char_t base64urlEncTable[64] = { + 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', + 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', + 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '-', '_'}; + +// Base64url decoding table +static const uint8_t base64urlDecTable[128] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 
0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, + 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, + 0x3F, 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, + 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; /** * @brief Base64url encoding algorithm 
@@ -64,101 +57,100 @@ static const uint8_t base64urlDecTable[128] = * @param[out] outputLen Length of the encoded string (optional parameter) **/ -void base64urlEncode(const void* input, size_t inputLen, char_t* output, - size_t* outputLen) +void base64urlEncode(const void *input, size_t inputLen, char_t *output, size_t *outputLen) { - size_t n; - uint8_t a; - uint8_t b; - uint8_t c; - uint8_t d; - const uint8_t* p; + size_t n; + uint8_t a; + uint8_t b; + uint8_t c; + uint8_t d; + const uint8_t *p; - //Point to the first byte of the input data - p = (const uint8_t* ) input; + // Point to the first byte of the input data + p = (const uint8_t *)input; - //Divide the input stream into blocks of 3 bytes + // Divide the input stream into blocks of 3 bytes n = inputLen / 3; - //A full encoding quantum is always completed at the end of a quantity - if(inputLen == (n * 3 + 1)) + // A full encoding quantum is always completed at the end of a quantity + if (inputLen == (n * 3 + 1)) { - //The final quantum of encoding input is exactly 8 bits - if(input != NULL && output != NULL) + // The final quantum of encoding input is exactly 8 bits + if (input != NULL && output != NULL) { - //Read input data + // Read input data a = (p[n * 3] & 0xFC) >> 2; b = (p[n * 3] & 0x03) << 4; - //The final unit of encoded output will be two characters - output[n * 4] = base64urlEncTable[a]; + // The final unit of encoded output will be two characters + output[n * 4] = base64urlEncTable[a]; output[n * 4 + 1] = base64urlEncTable[b]; output[n * 4 + 2] = '\0'; } - //Length of the encoded string (excluding the terminating NULL) - if(outputLen != NULL) + // Length of the encoded string (excluding the terminating NULL) + if (outputLen != NULL) { *outputLen = n * 4 + 2; } } - else if(inputLen == (n * 3 + 2)) + else if (inputLen == (n * 3 + 2)) { - //The final quantum of encoding input is exactly 16 bits - if(input != NULL && output != NULL) + // The final quantum of encoding input is exactly 16 bits + if 
(input != NULL && output != NULL) { - //Read input data + // Read input data a = (p[n * 3] & 0xFC) >> 2; b = ((p[n * 3] & 0x03) << 4) | ((p[n * 3 + 1] & 0xF0) >> 4); c = (p[n * 3 + 1] & 0x0F) << 2; - //The final unit of encoded output will be three characters followed - //by one "=" padding character - output[n * 4] = base64urlEncTable[a]; + // The final unit of encoded output will be three characters followed + // by one "=" padding character + output[n * 4] = base64urlEncTable[a]; output[n * 4 + 1] = base64urlEncTable[b]; output[n * 4 + 2] = base64urlEncTable[c]; output[n * 4 + 3] = '\0'; } - //Length of the encoded string (excluding the terminating NULL) - if(outputLen != NULL) + // Length of the encoded string (excluding the terminating NULL) + if (outputLen != NULL) { *outputLen = n * 4 + 3; } } else { - //The final quantum of encoding input is an integral multiple of 24 bits - if(output != NULL) + // The final quantum of encoding input is an integral multiple of 24 bits + if (output != NULL) { - //The final unit of encoded output will be an integral multiple of 4 - //characters + // The final unit of encoded output will be an integral multiple of 4 + // characters output[n * 4] = '\0'; } - //Length of the encoded string (excluding the terminating NULL) - if(outputLen != NULL) + // Length of the encoded string (excluding the terminating NULL) + if (outputLen != NULL) { *outputLen = n * 4; } } - //If the output parameter is NULL, then the function calculates the - //length of the resulting Base64url string without copying any data - if(input != NULL && output != NULL) + // If the output parameter is NULL, then the function calculates the + // length of the resulting Base64url string without copying any data + if (input != NULL && output != NULL) { - //The input data is processed block by block - while(n-- > 0) + // The input data is processed block by block + while (n-- > 0) { - //Read input data + // Read input data a = (p[n * 3] & 0xFC) >> 2; b = ((p[n * 3] & 
0x03) << 4) | ((p[n * 3 + 1] & 0xF0) >> 4); c = ((p[n * 3 + 1] & 0x0F) << 2) | ((p[n * 3 + 2] & 0xC0) >> 6); d = p[n * 3 + 2] & 0x3F; - //Map each 3-byte block to 4 printable characters using the Base64url - //character set - output[n * 4] = base64urlEncTable[a]; + // Map each 3-byte block to 4 printable characters using the Base64url + // character set + output[n * 4] = base64urlEncTable[a]; output[n * 4 + 1] = base64urlEncTable[b]; output[n * 4 + 2] = base64urlEncTable[c]; output[n * 4 + 3] = base64urlEncTable[d]; @@ -166,38 +158,37 @@ void base64urlEncode(const void* input, size_t inputLen, char_t* output, } } - -void base64urlDecode_rempadding(size_t inputLen, uint32_t value, size_t *n, uint8_t* p) +void base64urlDecode_rempadding(size_t inputLen, uint32_t value, size_t *n, uint8_t *p) { - //All trailing pad characters are omitted in Base64url - if((inputLen % 4) == 2) + // All trailing pad characters are omitted in Base64url + if ((inputLen % 4) == 2) { - //The last block contains only 1 byte - if(p != NULL) + // The last block contains only 1 byte + if (p != NULL) { - //Decode the last byte + // Decode the last byte p[*n] = (value >> 4) & 0xFF; } - //Adjust the length of the decoded data + // Adjust the length of the decoded data *n = *n + 1; } - else if((inputLen % 4) == 3) + else if ((inputLen % 4) == 3) { - //The last block contains only 2 bytes - if(p != NULL) + // The last block contains only 2 bytes + if (p != NULL) { - //Decode the last two bytes - p[*n] = (value >> 10) & 0xFF; + // Decode the last two bytes + p[*n] = (value >> 10) & 0xFF; p[*n + 1] = (value >> 2) & 0xFF; } - //Adjust the length of the decoded data + // Adjust the length of the decoded data *n = *n + 2; } else { - //No pad characters in this case + // No pad characters in this case } } 
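Review bot: The comment in the 16-bit tail of base64urlEncode (`inputLen == (n * 3 + 2)`) still says the output is three characters "followed by one "=" padding character", but the code stores `'\0'` at `output[n * 4 + 3]` and reports `n * 4 + 3`, so no padding is emitted. The commit already rewrites that comment line, so it can be corrected in the same pass to `// The final unit of encoded output will be three characters, with no "=" padding`. As it stands the comment describes the padded base64Encode variant, which misleads anyone sizing or comparing encoded output.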
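Review bot: `base64urlDecode_rempadding` is defined with external linkage and has no docblock, while the base64url.h hunk further down declares only `base64urlEncode` and `base64urlDecode`. If no other translation unit calls it (the only call visible here is in `base64urlDecode`), mark it `static void base64urlDecode_rempadding(size_t inputLen, uint32_t value, size_t *n, uint8_t *p)`. It should also get a short `@brief`/`@param` block stating that `inputLen` is the length after trailing `=` characters are stripped, and that `p` may be NULL to only advance `*n`.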
@@ -210,88 +201,87 @@ void base64urlDecode_rempadding(size_t inputLen, uint32_t value, size_t *n, uint * @return Error code **/ -int32_t base64urlDecode(const char_t* input, size_t inputLen, void* output, - size_t* outputLen) +int32_t base64urlDecode(const char_t *input, size_t inputLen, void *output, size_t *outputLen) { - int32_t error; + int32_t error; uint32_t value; - uint_t c; - size_t i; - size_t n; - uint8_t* p; + uint_t c; + size_t i; + size_t n; + uint8_t *p; // This function does not handle equals signs at the end of base64 encoded output! - while(input[inputLen-1] == '=') + while (input[inputLen - 1] == '=') { inputLen--; } - //Check parameters - if(input == NULL && inputLen != 0) + // Check parameters + if (input == NULL && inputLen != 0) return ERROR_INVALID_PARAMETER; - if(outputLen == NULL) + if (outputLen == NULL) return ERROR_INVALID_PARAMETER; - //Check the length of the input string - if((inputLen % 4) == 1) + // Check the length of the input string + if ((inputLen % 4) == 1) return ERROR_INVALID_LENGTH; - //Initialize status code + // Initialize status code error = NO_ERROR; - //Point to the buffer where to write the decoded data - p = (uint8_t* ) output; + // Point to the buffer where to write the decoded data + p = (uint8_t *)output; - //Initialize variables - n = 0; + // Initialize variables + n = 0; value = 0; - //Process the Base64url-encoded string - for(i = 0; i < inputLen && !error; i++) + // Process the Base64url-encoded string + for (i = 0; i < inputLen && !error; i++) { - //Get current character - c = (uint_t) input[i]; + // Get current character + c = (uint_t)input[i]; - //Check the value of the current character - if(c < 128 && base64urlDecTable[c] < 64) + // Check the value of the current character + if (c < 128 && base64urlDecTable[c] < 64) { - //Decode the current character + // Decode the current character value = (value << 6) | base64urlDecTable[c]; - //Divide the input stream into blocks of 4 characters - if((i % 4) == 3) + 
// Divide the input stream into blocks of 4 characters + if ((i % 4) == 3) { - //Map each 4-character block to 3 bytes - if(p != NULL) + // Map each 4-character block to 3 bytes + if (p != NULL) { - p[n] = (value >> 16) & 0xFF; + p[n] = (value >> 16) & 0xFF; p[n + 1] = (value >> 8) & 0xFF; p[n + 2] = value & 0xFF; } - //Adjust the length of the decoded data + // Adjust the length of the decoded data n += 3; - //Decode next block + // Decode next block value = 0; } } else { - //Implementations must reject the encoded data if it contains - //characters outside the base alphabet + // Implementations must reject the encoded data if it contains + // characters outside the base alphabet error = ERROR_INVALID_CHARACTER; } } - //Check status code - if(!error) + // Check status code + if (!error) { - base64urlDecode_rempadding(inputLen,value, &n, p); + base64urlDecode_rempadding(inputLen, value, &n, p); } - //Total number of bytes that have been written + // Total number of bytes that have been written *outputLen = n; - //Return status code + // Return status code return error; } diff --git a/src/crypto/kmc/base64url.h b/src/crypto/kmc/base64url.h index cf06f744..16bea66c 100644 --- a/src/crypto/kmc/base64url.h +++ b/src/crypto/kmc/base64url.h 
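Review bot: The padding-strip loop at the top of base64urlDecode, `while (input[inputLen - 1] == '=')`, runs before the parameter checks, so it dereferences `input` when it is NULL and reads `input[SIZE_MAX]` when `inputLen` is 0. An input made up only of `=` characters also walks `inputLen` down to 0 and then reads before the start of the buffer. Move the `input == NULL && inputLen != 0` and `outputLen == NULL` checks above the loop and bound it: `while (inputLen > 0 && input[inputLen - 1] == '=')`. The existing comment above the loop can stay, but should say that trailing `=` characters are stripped here because the decoder's alphabet check rejects them.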
@@ -37,36 +37,35 @@ #include #include -//C++ guard +// C++ guard #ifdef __cplusplus -extern "C" { +extern "C" +{ #endif -typedef char char_t; -typedef unsigned int uint_t; + typedef char char_t; + typedef unsigned int uint_t; -//Base64 encoding related functions -void base64urlEncode(const void* input, size_t inputLen, char_t* output, - size_t* outputLen); + // Base64 encoding related functions + void base64urlEncode(const void *input, size_t inputLen, char_t *output, size_t *outputLen); -int32_t base64urlDecode(const char_t* input, size_t inputLen, void* output, - size_t* outputLen); + int32_t base64urlDecode(const char_t *input, size_t inputLen, void *output, size_t *outputLen); #define ERROR_INVALID_PARAMETER 21 -#define ERROR_INVALID_LENGTH 22 +#define ERROR_INVALID_LENGTH 22 #define ERROR_INVALID_CHARACTER 23 -#define NO_ERROR 0 +#define NO_ERROR 0 // https://stackoverflow.com/questions/13378815/base64-length-calculation // calculate the size of 'output' buffer required for a 'input' buffer of length x during Base64 encoding operation -#define B64ENCODE_OUT_SAFESIZE(x) ((((x) + 3 - 1)/3) * 4 + 1) +#define B64ENCODE_OUT_SAFESIZE(x) ((((x) + 3 - 1) / 3) * 4 + 1) // calculate the size of 'output' buffer required for a 'input' buffer of length x during Base64 decoding operation -#define B64DECODE_OUT_SAFESIZE(x) (((x)*3)/4) +#define B64DECODE_OUT_SAFESIZE(x) (((x)*3) / 4) -//C++ guard +// C++ guard #ifdef __cplusplus } #endif -#endif //BASE64URL_H \ No newline at end of file +#endif // BASE64URL_H \ No newline at end of file diff --git a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c index 330ae3ec..20833e2c 100644 --- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c +++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c 
@@ -30,13 +30,15 @@ #define CAM_MAX_AUTH_RETRIES 4 // libcurl call-back response handling Structures -typedef struct { - char* response; +typedef struct +{ + char *response; size_t size; } memory_write; #define MEMORY_WRITE_SIZE (sizeof(memory_write)) -typedef struct { - char* response; +typedef struct +{ + char *response; size_t size; } memory_read; #define MEMORY_READ_SIZE (sizeof(memory_read)) 
@@ -46,116 +48,99 @@ static int32_t cryptography_config(void); static int32_t cryptography_init(void); static int32_t cryptography_shutdown(void); // Cryptography Interface Functions -static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len,uint8_t* ecs, uint8_t padding, char* cam_cookies); -static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* ecs, uint8_t* acs, char* cam_cookies); -static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t ecs, uint8_t acs, char* cam_cookies); -static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t len_data_out, - const uint8_t* data_in, const size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - const uint8_t* iv, uint32_t iv_len, - const uint8_t* mac, uint32_t mac_size, - const uint8_t* aad, uint32_t aad_len, - uint8_t ecs, uint8_t acs, char* cam_cookies); -static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t encrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies); -static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - 
SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t decrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies); +static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t padding, char *cam_cookies); +static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t *acs, char *cam_cookies); +static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t ecs, uint8_t acs, char *cam_cookies); +static int32_t cryptography_validate_authentication(uint8_t *data_out, size_t len_data_out, const uint8_t *data_in, + const size_t len_data_in, uint8_t *key, uint32_t len_key, + SecurityAssociation_t *sa_ptr, const uint8_t *iv, uint32_t iv_len, + const uint8_t *mac, uint32_t mac_size, const uint8_t *aad, + uint32_t aad_len, uint8_t ecs, uint8_t acs, char *cam_cookies); +static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t encrypt_bool, uint8_t authenticate_bool, + uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies); +static int32_t cryptography_aead_decrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + 
uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t decrypt_bool, uint8_t authenticate_bool, + uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies); static int32_t cryptography_get_acs_algo(int8_t algo_enum); static int32_t cryptography_get_ecs_algo(int8_t algo_enum); -//Local support functions -static int32_t get_auth_algorithm_from_acs(uint8_t acs_enum, const char** algo_ptr); +// Local support functions +static int32_t get_auth_algorithm_from_acs(uint8_t acs_enum, const char **algo_ptr); static int32_t get_cam_sso_token(void); static int32_t initialize_kerberos_keytab_file_login(void); -static int32_t curl_perform_with_cam_retries(CURL* curl_handle,memory_write* chunk_write, memory_read* chunk_read); +static int32_t curl_perform_with_cam_retries(CURL *curl_handle, memory_write *chunk_write, memory_read *chunk_read); // libcurl call back and support function declarations -static int32_t configure_curl_connect_opts(CURL* curl, char* cam_cookies); -static int32_t handle_cam_cookies(CURL* curl,char* cam_cookies); -static int32_t curl_response_error_check(CURL* curl, char* response); -static size_t write_callback(void* data, size_t size, size_t nmemb, void* userp); -static size_t read_callback(char* dest, size_t size, size_t nmemb, void* userp); -static char* int_to_str(uint32_t int_src, uint32_t* converted_str_length); -static int jsoneq(const char* json, jsmntok_t* tok, const char* s); - +static int32_t configure_curl_connect_opts(CURL *curl, char *cam_cookies); +static int32_t handle_cam_cookies(CURL *curl, char *cam_cookies); +static int32_t curl_response_error_check(CURL *curl, char *response); +static size_t write_callback(void *data, size_t size, size_t nmemb, void *userp); +static size_t read_callback(char *dest, size_t size, size_t nmemb, void *userp); +static char *int_to_str(uint32_t int_src, uint32_t *converted_str_length); 
+static int jsoneq(const char *json, jsmntok_t *tok, const char *s); /* ** Module Variables */ // Cryptography Interface static CryptographyInterfaceStruct cryptography_if_struct; -static CURL* curl; -struct curl_slist *http_headers_list; +static CURL *curl; +struct curl_slist *http_headers_list; // KMC Crypto Service Endpoints -static char* kmc_root_uri; -//static const char* status_endpoint = "/status"; -static const char* encrypt_endpoint = "encrypt?keyRef=%s&transformation=%s&iv=%s"; -static const char* encrypt_endpoint_null_iv = "encrypt?keyRef=%s&transformation=%s"; -static const char* encrypt_offset_endpoint = "encrypt?keyRef=%s&transformation=%s&iv=%s&encryptOffset=%s&macLength=%s"; -static const char* encrypt_offset_endpoint_null_iv = "encrypt?keyRef=%s&transformation=%s&encryptOffset=%s&macLength=%s"; -static const char* decrypt_endpoint = "decrypt?metadata=keyLength:%s,keyRef:%s,cipherTransformation:%s,initialVector:%s,cryptoAlgorithm:%s,metadataType:EncryptionMetadata"; -static const char* decrypt_offset_endpoint = "decrypt?metadata=keyLength:%s,keyRef:%s,cipherTransformation:%s,initialVector:%s,cryptoAlgorithm:%s,macLength:%s,metadataType:EncryptionMetadata,encryptOffset:%s"; -static const char* icv_create_endpoint = "icv-create?keyRef=%s"; -static const char* icv_verify_endpoint = "icv-verify?metadata=integrityCheckValue:%s,keyRef:%s,cryptoAlgorithm:%s,macLength:%s,metadataType:IntegrityCheckMetadata"; +static char *kmc_root_uri; +// static const char* status_endpoint = "/status"; +static const char *encrypt_endpoint = "encrypt?keyRef=%s&transformation=%s&iv=%s"; +static const char *encrypt_endpoint_null_iv = "encrypt?keyRef=%s&transformation=%s"; +static const char *encrypt_offset_endpoint = "encrypt?keyRef=%s&transformation=%s&iv=%s&encryptOffset=%s&macLength=%s"; +static const char *encrypt_offset_endpoint_null_iv = + "encrypt?keyRef=%s&transformation=%s&encryptOffset=%s&macLength=%s"; +static const char *decrypt_endpoint = 
"decrypt?metadata=keyLength:%s,keyRef:%s,cipherTransformation:%s,initialVector:%" + "s,cryptoAlgorithm:%s,metadataType:EncryptionMetadata"; +static const char *decrypt_offset_endpoint = + "decrypt?metadata=keyLength:%s,keyRef:%s,cipherTransformation:%s,initialVector:%s,cryptoAlgorithm:%s,macLength:%s," + "metadataType:EncryptionMetadata,encryptOffset:%s"; +static const char *icv_create_endpoint = "icv-create?keyRef=%s"; +static const char *icv_verify_endpoint = "icv-verify?metadata=integrityCheckValue:%s,keyRef:%s,cryptoAlgorithm:%s," + "macLength:%s,metadataType:IntegrityCheckMetadata"; // CAM Security Endpoints -static const char* cam_kerberos_uri = "%s/cam-api/ssoToken?loginMethod=kerberos"; +static const char *cam_kerberos_uri = "%s/cam-api/ssoToken?loginMethod=kerberos"; // Supported KMC Cipher Transformation Strings -static const char* AES_GCM_TRANSFORMATION="AES/GCM/NoPadding"; -static const char* AES_CBC_TRANSFORMATION="AES/CBC/PKCS5Padding"; -static const char* AES_CRYPTO_ALGORITHM="AES"; -//static const char* AES_CBC_TRANSFORMATION="AES/CBC/PKCS5Padding"; -static const char* AES_CMAC_TRANSFORMATION="AESCMAC"; -static const char* HMAC_SHA256="HmacSHA256"; -static const char* HMAC_SHA512="HmacSHA512"; -//static const char* AES_DES_CMAC_TRANSFORMATION="DESedeCMAC"; - +static const char *AES_GCM_TRANSFORMATION = "AES/GCM/NoPadding"; +static const char *AES_CBC_TRANSFORMATION = "AES/CBC/PKCS5Padding"; +static const char *AES_CRYPTO_ALGORITHM = "AES"; +// static const char* AES_CBC_TRANSFORMATION="AES/CBC/PKCS5Padding"; +static const char *AES_CMAC_TRANSFORMATION = "AESCMAC"; +static const char *HMAC_SHA256 = "HmacSHA256"; +static const char *HMAC_SHA512 = "HmacSHA512"; +// static const char* AES_DES_CMAC_TRANSFORMATION="DESedeCMAC"; CryptographyInterface get_cryptography_interface_kmc_crypto_service(void) { - cryptography_if_struct.cryptography_config = cryptography_config; - cryptography_if_struct.cryptography_init = cryptography_init; - 
cryptography_if_struct.cryptography_shutdown = cryptography_shutdown; - cryptography_if_struct.cryptography_encrypt = cryptography_encrypt; - cryptography_if_struct.cryptography_decrypt = cryptography_decrypt; - cryptography_if_struct.cryptography_authenticate = cryptography_authenticate; + cryptography_if_struct.cryptography_config = cryptography_config; + cryptography_if_struct.cryptography_init = cryptography_init; + cryptography_if_struct.cryptography_shutdown = cryptography_shutdown; + cryptography_if_struct.cryptography_encrypt = cryptography_encrypt; + cryptography_if_struct.cryptography_decrypt = cryptography_decrypt; + cryptography_if_struct.cryptography_authenticate = cryptography_authenticate; cryptography_if_struct.cryptography_validate_authentication = cryptography_validate_authentication; - cryptography_if_struct.cryptography_aead_encrypt = cryptography_aead_encrypt; - cryptography_if_struct.cryptography_aead_decrypt = cryptography_aead_decrypt; - cryptography_if_struct.cryptography_get_acs_algo = cryptography_get_acs_algo; - cryptography_if_struct.cryptography_get_ecs_algo = cryptography_get_ecs_algo; + cryptography_if_struct.cryptography_aead_encrypt = cryptography_aead_encrypt; + cryptography_if_struct.cryptography_aead_decrypt = cryptography_aead_decrypt; + cryptography_if_struct.cryptography_get_acs_algo = cryptography_get_acs_algo; + cryptography_if_struct.cryptography_get_ecs_algo = cryptography_get_ecs_algo; return &cryptography_if_struct; } 
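Review bot: In the module-variable block, `struct curl_slist *http_headers_list;` is the one file-scope object without `static`; `curl`, `kmc_root_uri` and `cryptography_if_struct` next to it are all `static`. Unless another translation unit references it, which this hunk does not show, it should be `static struct curl_slist *http_headers_list;` so the header list cannot be reached or clobbered from outside this interface. A one-line comment naming which function allocates and frees the list would also help, since its lifetime is not visible here.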
@@ -164,93 +149,94 @@ static int32_t cryptography_config(void) int32_t status = CRYPTO_LIB_SUCCESS; // Error out if Crypto_Config_Kmc_Crypto_Service(...) function was not called before intializing library. - if(cryptography_kmc_crypto_config == NULL) + if (cryptography_kmc_crypto_config == NULL) { fprintf(stderr, "You must configure the KMC Crypto Service before starting the interface!\n"); status = CRYPTOGRAPHY_KMC_CRYPTO_SERVICE_CONFIGURATION_NOT_COMPLETE; return status; } - if(curl) + if (curl) { - //Determine length of port and convert to string for use in URL + // Determine length of port and convert to string for use in URL uint32_t port_str_len = 0; - char* port_str = int_to_str(cryptography_kmc_crypto_config->kmc_crypto_port, &port_str_len); + char *port_str = int_to_str(cryptography_kmc_crypto_config->kmc_crypto_port, &port_str_len); // Form Root URI - //len(protocol)+len(://)+len(hostname)+ len(:) + len(port_str) + len(/) + len(app_uri) + strlen('\0') - uint32_t len_root_uri = strlen(cryptography_kmc_crypto_config->protocol) + 3 + // "://" - strlen(cryptography_kmc_crypto_config->kmc_crypto_hostname) + 1 + // ":" - port_str_len + 1 + // "/" - strlen(cryptography_kmc_crypto_config->kmc_crypto_app_uri) + 2; // "/\0" + // len(protocol)+len(://)+len(hostname)+ len(:) + len(port_str) + len(/) + len(app_uri) + strlen('\0') + uint32_t len_root_uri = strlen(cryptography_kmc_crypto_config->protocol) + 3 + // "://" + strlen(cryptography_kmc_crypto_config->kmc_crypto_hostname) + 1 + // ":" + port_str_len + 1 + // "/" + strlen(cryptography_kmc_crypto_config->kmc_crypto_app_uri) + 2; // "/\0" kmc_root_uri = malloc(len_root_uri); - snprintf(kmc_root_uri,len_root_uri,"%s://%s:%s/%s/",cryptography_kmc_crypto_config->protocol, + snprintf(kmc_root_uri, len_root_uri, "%s://%s:%s/%s/", cryptography_kmc_crypto_config->protocol, cryptography_kmc_crypto_config->kmc_crypto_hostname, port_str, cryptography_kmc_crypto_config->kmc_crypto_app_uri); free(port_str); - //KMC Crypto 
Service status check is impossible in certain CAM configs, commenting it out. - // Also, when this library is started up (EG by SDLS service), there's no guarantee the Crypto Service is available at config time. - //char* status_uri = (char*) malloc(strlen(kmc_root_uri)+strlen(status_endpoint) + 1); - //status_uri[0] = '\0'; - //strcat(status_uri, kmc_root_uri); - //strcat(status_uri, status_endpoint); + // KMC Crypto Service status check is impossible in certain CAM configs, commenting it out. + // Also, when this library is started up (EG by SDLS service), there's no guarantee the Crypto Service is + // available at config time. + // char* status_uri = (char*) malloc(strlen(kmc_root_uri)+strlen(status_endpoint) + 1); + // status_uri[0] = '\0'; + // strcat(status_uri, kmc_root_uri); + // strcat(status_uri, status_endpoint); #ifdef DEBUG printf("Setting up cURL connection to KMC Crypto Service with Params:\n"); - printf("\tKMC Root URI: %s\n",kmc_root_uri); - //printf("\tKMC Status URL: %s\n",status_uri); - //printf("\tPort: %d\n",cryptography_kmc_crypto_config->kmc_crypto_port); - printf("\tSSL Client Cert: %s\n",cryptography_kmc_crypto_config->mtls_client_cert_path); - printf("\tSSL Client Key: %s\n",cryptography_kmc_crypto_config->mtls_client_key_path); - printf("\tSSL CA Bundle: %s\n",cryptography_kmc_crypto_config->mtls_ca_bundle); -#endif - //status = configure_curl_connect_opts(curl, NULL); - //if(status != CRYPTO_LIB_SUCCESS) + printf("\tKMC Root URI: %s\n", kmc_root_uri); + // printf("\tKMC Status URL: %s\n",status_uri); + // printf("\tPort: %d\n",cryptography_kmc_crypto_config->kmc_crypto_port); + printf("\tSSL Client Cert: %s\n", cryptography_kmc_crypto_config->mtls_client_cert_path); + printf("\tSSL Client Key: %s\n", cryptography_kmc_crypto_config->mtls_client_key_path); + printf("\tSSL CA Bundle: %s\n", cryptography_kmc_crypto_config->mtls_ca_bundle); +#endif + // status = configure_curl_connect_opts(curl, NULL); + // if(status != CRYPTO_LIB_SUCCESS) 
//{ - // return status; - //} - //curl_easy_setopt(curl, CURLOPT_URL, status_uri); + // return status; + // } + // curl_easy_setopt(curl, CURLOPT_URL, status_uri); - //memory_write* chunk = calloc(1,MEMORY_WRITE_SIZE); + // memory_write* chunk = calloc(1,MEMORY_WRITE_SIZE); ///* send all data to this function */ - //curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback); + // curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback); ///* we pass our 'chunk' struct to the callback function */ - //curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void* )chunk); + // curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void* )chunk); - //CURLcode res; - //res = curl_easy_perform(curl); + // CURLcode res; + // res = curl_easy_perform(curl); - //if(res != CURLE_OK) // This is not return code, this is successful response! + // if(res != CURLE_OK) // This is not return code, this is successful response! //{ - // status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_CONNECTION_ERROR; - // fprintf(stderr, "curl_easy_perform() failed: %s\n", - // curl_easy_strerror(res)); - // free(status_uri); - // free(kmc_root_uri); - // return status; - //} - - //if(chunk->response == NULL) // No response, possibly because service is CAM secured. + // status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_CONNECTION_ERROR; + // fprintf(stderr, "curl_easy_perform() failed: %s\n", + // curl_easy_strerror(res)); + // free(status_uri); + // free(kmc_root_uri); + // return status; + // } + + // if(chunk->response == NULL) // No response, possibly because service is CAM secured. 
//{ - // status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE; - // fprintf(stderr, "curl_easy_perform() unexpected empty response: \n%s\n", - // "Empty Crypto Service response can be caused by CAM security, is CAM configured?"); - // free(status_uri); - // return status; - //} - -//#ifdef DEBUG -// printf("cURL response:\n\t %s\n",chunk->response); -//#endif - //free(status_uri); + // status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE; + // fprintf(stderr, "curl_easy_perform() unexpected empty response: \n%s\n", + // "Empty Crypto Service response can be caused by CAM security, is CAM configured?"); + // free(status_uri); + // return status; + // } + + //#ifdef DEBUG + // printf("cURL response:\n\t %s\n",chunk->response); + //#endif + // free(status_uri); } return status; } static int32_t cryptography_init(void) { int32_t status = CRYPTO_LIB_SUCCESS; - curl = curl_easy_init(); + curl = curl_easy_init(); curl_global_init(CURL_GLOBAL_ALL); http_headers_list = NULL; // Prepare HTTP headers list @@ -259,7 +245,8 @@ static int32_t cryptography_init(void) // curl_slist_append(http_headers_list, "Content-Type: application/json"); // http_headers_list = curl_slist_append(http_headers_list, "charset: utf-8"); - if(curl == NULL) { + if (curl == NULL) + { status = CRYPTOGRAPHY_KMC_CURL_INITIALIZATION_FAILURE; } kmc_root_uri = NULL; 
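Review bot: In `cryptography_init`, `curl_easy_init()` runs before `curl_global_init(CURL_GLOBAL_ALL)`, but libcurl expects the global initialisation first. The order should be `curl_global_init(CURL_GLOBAL_ALL);` then `curl = curl_easy_init();`, with the global call's return value checked as well. In `cryptography_config`, `kmc_root_uri = malloc(len_root_uri);` is passed straight to `snprintf`; add `if (kmc_root_uri == NULL) { free(port_str); return status; }` with `status` set to a suitable error code first. Both function bodies extend beyond this hunk.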
@@ -267,90 +254,96 @@ static int32_t cryptography_init(void) } static int32_t cryptography_shutdown(void) { - if(curl){ - curl_easy_cleanup(curl); - curl_global_cleanup(); - } - if(http_headers_list != NULL){ - curl_slist_free_all(http_headers_list); - } - if(kmc_root_uri != NULL){ + if (curl) + { + curl_easy_cleanup(curl); + curl_global_cleanup(); + } + if (http_headers_list != NULL) + { + curl_slist_free_all(http_headers_list); + } + if (kmc_root_uri != NULL) + { free(kmc_root_uri); } return CRYPTO_LIB_SUCCESS; } -static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* ecs, uint8_t padding, - char* cam_cookies) -{ +static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t padding, char *cam_cookies) +{ int32_t status = CRYPTO_LIB_SUCCESS; - key = key; // Direct key input is not supported in KMC interface - len_key = len_key; // Direct key input is not supported in KMC interface - + key = key; // Direct key input is not supported in KMC interface + len_key = len_key; // Direct key input is not supported in KMC interface + // Remove pre-padding to block (KMC does not want it) - if(*ecs == CRYPTO_CIPHER_AES256_CBC && padding > 0) + if (*ecs == CRYPTO_CIPHER_AES256_CBC && padding > 0) { len_data_in = len_data_in - padding; } - #ifdef DEBUG +#ifdef DEBUG printf("PADLENGTH FIELD: 0x%02x\n", *(data_in - sa_ptr->shplf_len)); - #endif +#endif curl_easy_reset(curl); status = configure_curl_connect_opts(curl, cam_cookies); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } // Base64 URL encode IV for KMC REST Encrypt - char* iv_base64 = (char*)calloc(1,B64ENCODE_OUT_SAFESIZE(iv_len)+1); - if(iv != 
NULL) base64urlEncode(iv,iv_len,iv_base64,NULL); + char *iv_base64 = (char *)calloc(1, B64ENCODE_OUT_SAFESIZE(iv_len) + 1); + if (iv != NULL) + base64urlEncode(iv, iv_len, iv_base64, NULL); - uint8_t* encrypt_payload = data_in; - size_t encrypt_payload_len = len_data_in; + uint8_t *encrypt_payload = data_in; + size_t encrypt_payload_len = len_data_in; #ifdef DEBUG - printf("IV Base64 URL Encoded: %s\n",iv_base64); + printf("IV Base64 URL Encoded: %s\n", iv_base64); #endif - if(sa_ptr->ek_ref[0] == '\0') + if (sa_ptr->ek_ref[0] == '\0') { status = CRYPTOGRAHPY_KMC_NULL_ENCRYPTION_KEY_REFERENCE_IN_SA; return status; } - char* encrypt_uri; - - int len_encrypt_endpoint = strlen(encrypt_endpoint)+strlen(sa_ptr->ek_ref)+strlen(iv_base64)+strlen(AES_CBC_TRANSFORMATION); - char* encrypt_endpoint_final = (char*) malloc(len_encrypt_endpoint); - if(iv == NULL){ - snprintf(encrypt_endpoint_final,len_encrypt_endpoint,encrypt_endpoint_null_iv,sa_ptr->ek_ref,AES_CBC_TRANSFORMATION); + char *encrypt_uri; + + int len_encrypt_endpoint = + strlen(encrypt_endpoint) + strlen(sa_ptr->ek_ref) + strlen(iv_base64) + strlen(AES_CBC_TRANSFORMATION); + char *encrypt_endpoint_final = (char *)malloc(len_encrypt_endpoint); + if (iv == NULL) + { + snprintf(encrypt_endpoint_final, len_encrypt_endpoint, encrypt_endpoint_null_iv, sa_ptr->ek_ref, + AES_CBC_TRANSFORMATION); } - else{ - snprintf(encrypt_endpoint_final,len_encrypt_endpoint,encrypt_endpoint,sa_ptr->ek_ref,AES_CBC_TRANSFORMATION, iv_base64); + else + { + snprintf(encrypt_endpoint_final, len_encrypt_endpoint, encrypt_endpoint, sa_ptr->ek_ref, AES_CBC_TRANSFORMATION, + iv_base64); } - encrypt_uri = (char*) malloc(strlen(kmc_root_uri)+len_encrypt_endpoint); + encrypt_uri = (char *)malloc(strlen(kmc_root_uri) + len_encrypt_endpoint); encrypt_uri[0] = '\0'; strcat(encrypt_uri, kmc_root_uri); strcat(encrypt_uri, encrypt_endpoint_final); - + #ifdef DEBUG - printf("Encrypt URI: %s\n",encrypt_uri); + printf("Encrypt URI: %s\n", encrypt_uri); 
#endif curl_easy_setopt(curl, CURLOPT_URL, encrypt_uri); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, http_headers_list); - memory_write* chunk_write = (memory_write*) calloc(1,MEMORY_WRITE_SIZE); - memory_read* chunk_read = (memory_read*) calloc(1,MEMORY_READ_SIZE);; + memory_write *chunk_write = (memory_write *)calloc(1, MEMORY_WRITE_SIZE); + memory_read *chunk_read = (memory_read *)calloc(1, MEMORY_READ_SIZE); + ; /* Configure CURL for POST */ curl_easy_setopt(curl, CURLOPT_POST, 1L); /* send all data to this function */ @@ -362,13 +355,13 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, curl_easy_setopt(curl, CURLOPT_WRITEDATA, chunk_write); /* size of the POST data */ - curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long) encrypt_payload_len); + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)encrypt_payload_len); /* binary data */ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, encrypt_payload); #ifdef DEBUG printf("Data to Encrypt: \n"); - for (uint32_t i=0; i < encrypt_payload_len; i++) + for (uint32_t i = 0; i < encrypt_payload_len; i++) { printf("%02x ", encrypt_payload[i]); } @@ -376,7 +369,7 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, #endif status = curl_perform_with_cam_retries(curl, chunk_write, chunk_read); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } 
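Review bot: The `ek_ref` check in `cryptography_encrypt` returns after `iv_base64` has already been allocated, so that buffer leaks on every call with an empty key reference. Either move the check above the `calloc` or add `free(iv_base64);` before `return status;`. None of `iv_base64`, `encrypt_endpoint_final` or `encrypt_uri` is tested for NULL before being written to. The DEBUG `PADLENGTH FIELD` print reads `*(data_in - sa_ptr->shplf_len)`, which is only valid if the caller guarantees header bytes ahead of `data_in`; a comment stating that assumption would help. The function continues past this hunk.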
@@ -385,74 +378,76 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, // Parse the JSON string response jsmn_parser p; - jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ + jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ jsmn_init(&p); - int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, 64); // "chunk->response" is the char array holding the json content + int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, + 64); // "chunk->response" is the char array holding the json content // Find the 'base64ciphertext' token - if (parse_result < 0) { + if (parse_result < 0) + { status = CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR; printf("Failed to parse JSON: %d\n", parse_result); return status; } - int json_idx = 0; - uint8_t ciphertext_found = CRYPTO_FALSE; - char* ciphertext_base64 = NULL; - char* ciphertext_IV_base64 = NULL; + int json_idx = 0; + uint8_t ciphertext_found = CRYPTO_FALSE; + char *ciphertext_base64 = NULL; + char *ciphertext_IV_base64 = NULL; for (json_idx = 1; json_idx < parse_result; json_idx++) { if (jsoneq(chunk_write->response, &t[json_idx], "metadata") == 0) { uint32_t len_ciphertext = t[json_idx + 1].end - t[json_idx + 1].start; - ciphertext_IV_base64 = malloc(len_ciphertext+1); - memcpy(ciphertext_IV_base64,chunk_write->response + t[json_idx + 1].start, len_ciphertext); + ciphertext_IV_base64 = malloc(len_ciphertext + 1); + memcpy(ciphertext_IV_base64, chunk_write->response + t[json_idx + 1].start, len_ciphertext); ciphertext_IV_base64[len_ciphertext] = '\0'; - - - char* line; - char* token; - char temp_buff[256]; - for (line = strtok (ciphertext_IV_base64, ","); line !=NULL; line = strtok(line + strlen(line) + 1, ",")) + + char *line; + char *token; + char temp_buff[256]; + for (line = strtok(ciphertext_IV_base64, ","); line != NULL; line = strtok(line + strlen(line) + 1, ",")) { strncpy(temp_buff, line, 
sizeof(temp_buff)); for (token = strtok(temp_buff, ":"); token != NULL; token = strtok(token + strlen(token) + 1, ":")) { - if(strcmp(token, "initialVector") == 0){ - token = strtok(token + strlen(token) + 1, ":"); - char * ciphertext_token_base64 = malloc(strlen(token)); - size_t cipher_text_token_len = strlen(token); - memcpy(ciphertext_token_base64,token, cipher_text_token_len); - #ifdef DEBUG + if (strcmp(token, "initialVector") == 0) + { + token = strtok(token + strlen(token) + 1, ":"); + char *ciphertext_token_base64 = malloc(strlen(token)); + size_t cipher_text_token_len = strlen(token); + memcpy(ciphertext_token_base64, token, cipher_text_token_len); +#ifdef DEBUG printf("IV LENGTH: %d\n", iv_len); - printf("IV ENCODED Text: %s\nIV ENCODED TEXT LEN: %ld\n", ciphertext_token_base64, cipher_text_token_len); - #endif - char* iv_decoded = malloc((iv_len)*2 + 1); + printf("IV ENCODED Text: %s\nIV ENCODED TEXT LEN: %ld\n", ciphertext_token_base64, + cipher_text_token_len); +#endif + char *iv_decoded = malloc((iv_len)*2 + 1); size_t iv_decoded_len = 0; - base64urlDecode(ciphertext_token_base64,cipher_text_token_len,iv_decoded, &iv_decoded_len); - #ifdef DEBUG + base64urlDecode(ciphertext_token_base64, cipher_text_token_len, iv_decoded, &iv_decoded_len); +#ifdef DEBUG printf("Decoded IV Text Length: %ld\n", iv_decoded_len); printf("Decoded IV Text: \n"); - for (uint32_t i=0; i < iv_decoded_len; i++) + for (uint32_t i = 0; i < iv_decoded_len; i++) { printf("%02x ", (uint8_t)iv_decoded[i]); } printf("\n"); - #endif - - if(iv == NULL) +#endif + + if (iv == NULL) { - memcpy(data_out - sa_ptr->shsnf_len - sa_ptr->shivf_len - sa_ptr->shplf_len, iv_decoded, iv_decoded_len); + memcpy(data_out - sa_ptr->shsnf_len - sa_ptr->shivf_len - sa_ptr->shplf_len, iv_decoded, + iv_decoded_len); } free(ciphertext_token_base64); break; } } } - - json_idx++; continue; } 
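Review bot: The `initialVector` branch trusts lengths taken from the service response. `iv_decoded` is sized from `iv_len` while `base64urlDecode` is given the token's own length, and when `iv == NULL` the `memcpy` into the frame header copies `iv_decoded_len` bytes with no comparison against `sa_ptr->shivf_len`. A longer-than-expected IV in the metadata would therefore write past both buffers, assuming `base64urlDecode` does not bound its output (its call takes no capacity argument). The branch also prints the unterminated `ciphertext_token_base64` copy with `%s` under DEBUG, uses `token` without a NULL check after `strtok`, never frees `iv_decoded`, and `strncpy` can leave `temp_buff` unterminated (`temp_buff[sizeof(temp_buff) - 1] = '\0';`). The loop and the function continue outside this hunk, and the status code below is one this file already uses; a more specific one may be preferable.

```c
if (strcmp(token, "initialVector") == 0)
{
    token = strtok(token + strlen(token) + 1, ":");
    if (token == NULL)
    {
        break; // metadata key without a value
    }
    size_t cipher_text_token_len = strlen(token);
    // Base64 output is never longer than its input, so size the buffer from the token itself.
    char  *iv_decoded     = malloc(cipher_text_token_len + 1);
    size_t iv_decoded_len = 0;
    if (iv_decoded == NULL)
    {
        status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE;
        return status;
    }
    base64urlDecode(token, cipher_text_token_len, iv_decoded, &iv_decoded_len);
    // … unchanged: DEBUG dumps (print `token` rather than the removed copy) …
    if (iv == NULL)
    {
        if (iv_decoded_len > sa_ptr->shivf_len)
        {
            // Service returned more IV bytes than the header field can hold.
            free(iv_decoded);
            status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE;
            return status;
        }
        memcpy(data_out - sa_ptr->shsnf_len - sa_ptr->shivf_len - sa_ptr->shplf_len, iv_decoded,
               iv_decoded_len);
    }
    free(iv_decoded);
    break;
}
```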
@@ -465,11 +460,11 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, chunk_write->response + t[json_idx + 1].start); #endif uint32_t len_ciphertext = t[json_idx + 1].end - t[json_idx + 1].start; - ciphertext_base64 = malloc(len_ciphertext+1); - memcpy(ciphertext_base64,chunk_write->response + t[json_idx + 1].start, len_ciphertext); + ciphertext_base64 = malloc(len_ciphertext + 1); + memcpy(ciphertext_base64, chunk_write->response + t[json_idx + 1].start, len_ciphertext); ciphertext_base64[len_ciphertext] = '\0'; #ifdef DEBUG - printf("Parsed base64ciphertext: %s\n",ciphertext_base64); + printf("Parsed base64ciphertext: %s\n", ciphertext_base64); #endif json_idx++; ciphertext_found = CRYPTO_TRUE; 
@@ -483,42 +478,41 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, printf("httpCode: %.*s\n", t[json_idx + 1].end - t[json_idx + 1].start, chunk_write->response + t[json_idx + 1].start); #endif - uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; - char* http_code_str = malloc(len_httpcode+1); - memcpy(http_code_str,chunk_write->response + t[json_idx + 1].start, len_httpcode); + uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; + char *http_code_str = malloc(len_httpcode + 1); + memcpy(http_code_str, chunk_write->response + t[json_idx + 1].start, len_httpcode); http_code_str[len_httpcode] = '\0'; - int http_code = atoi(http_code_str); + int http_code = atoi(http_code_str); #ifdef DEBUG - printf("Parsed http code: %d\n",http_code); + printf("Parsed http code: %d\n", http_code); #endif - if(http_code != 200) + if (http_code != 200) { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; - fprintf(stderr,"KMC Crypto Failure Response:\n%s\n",chunk_write->response); + fprintf(stderr, "KMC Crypto Failure Response:\n%s\n", chunk_write->response); return status; } free(http_code_str); json_idx++; continue; } - } - if(ciphertext_found == CRYPTO_FALSE){ + if (ciphertext_found == CRYPTO_FALSE) + { status = CRYPTOGRAHPY_KMC_CIPHER_TEXT_NOT_FOUND_IN_JSON_RESPONSE; return status; } /* JSON Response Handling End */ - - uint8_t* ciphertext_decoded = malloc((len_data_out)*2 + 1); - size_t ciphertext_decoded_len = 0; - base64Decode(ciphertext_base64,strlen(ciphertext_base64),ciphertext_decoded, &ciphertext_decoded_len); + uint8_t *ciphertext_decoded = malloc((len_data_out)*2 + 1); + size_t ciphertext_decoded_len = 0; + base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, &ciphertext_decoded_len); #ifdef DEBUG - printf("Decoded Cipher Text Length: %ld\n",ciphertext_decoded_len); + printf("Decoded Cipher Text Length: %ld\n", ciphertext_decoded_len); printf("Decoded Cipher Text: \n"); 
printf("Data Out Len: %ld\n", len_data_out); - for (uint32_t i=0; i < ciphertext_decoded_len; i++) + for (uint32_t i = 0; i < ciphertext_decoded_len; i++) { printf("%02x ", ciphertext_decoded[i]); } 
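Review bot: `ciphertext_decoded` is allocated as `len_data_out * 2 + 1` bytes, but `base64Decode` is fed `strlen(ciphertext_base64)` from the service response, so the buffer size is unrelated to how much gets decoded. Size it from the input with `malloc(strlen(ciphertext_base64) + 1)` and check the result. The `memcpy(data_out, ciphertext_decoded, ciphertext_decoded_len)` in the next hunk also needs an `if (ciphertext_decoded_len > len_data_out)` rejection before the copy. `cryptography_decrypt` repeats the pattern with `cleartext_decoded` in later hunks, where the copy uses `len_data_out` even if fewer bytes were decoded; it should copy `cleartext_decoded_len` after the same bound check. The non-200 `httpCode` branch returns without freeing `http_code_str`, and as far as these hunks show neither decoded buffer is freed.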
@@ -526,71 +520,71 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, #endif // Crypto Service returns aad - cipher_text - tag - memcpy(data_out,ciphertext_decoded,ciphertext_decoded_len); + memcpy(data_out, ciphertext_decoded, ciphertext_decoded_len); return status; } -static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* ecs, uint8_t* acs, char* cam_cookies) -{int32_t status = CRYPTO_LIB_SUCCESS; - key = key; // Direct key input is not supported in KMC interface - ecs = ecs; - acs = acs; +static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t *acs, char *cam_cookies) +{ + int32_t status = CRYPTO_LIB_SUCCESS; + key = key; // Direct key input is not supported in KMC interface + ecs = ecs; + acs = acs; // Get the key length in bits, in string format. // TODO -- Parse the key length from the keyInfo endpoint of the Crypto Service! - uint32_t key_len_in_bits = len_key * 8; // 8 bits per byte. + uint32_t key_len_in_bits = len_key * 8; // 8 bits per byte. 
uint32_t key_len_in_bits_str_len = 0; - char* key_len_in_bits_str = int_to_str(key_len_in_bits, &key_len_in_bits); + char *key_len_in_bits_str = int_to_str(key_len_in_bits, &key_len_in_bits); curl_easy_reset(curl); status = configure_curl_connect_opts(curl, cam_cookies); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } // Base64 URL encode IV for KMC REST Encrypt - char* iv_base64 = (char*)calloc(1,B64ENCODE_OUT_SAFESIZE(iv_len)+1); - base64urlEncode(iv,iv_len,iv_base64,NULL); + char *iv_base64 = (char *)calloc(1, B64ENCODE_OUT_SAFESIZE(iv_len) + 1); + base64urlEncode(iv, iv_len, iv_base64, NULL); - uint8_t* decrypt_payload = data_in; - size_t decrypt_payload_len = len_data_in; + uint8_t *decrypt_payload = data_in; + size_t decrypt_payload_len = len_data_in; #ifdef DEBUG - printf("IV Base64 URL Encoded: %s\n",iv_base64); + printf("IV Base64 URL Encoded: %s\n", iv_base64); #endif - - if(sa_ptr->ek_ref[0] == '\0') + if (sa_ptr->ek_ref[0] == '\0') { status = CRYPTOGRAHPY_KMC_NULL_ENCRYPTION_KEY_REFERENCE_IN_SA; return status; } - char* decrypt_uri; - - int len_decrypt_endpoint = strlen(decrypt_endpoint)+ key_len_in_bits_str_len + strlen(sa_ptr->ek_ref)+strlen(iv_base64)+strlen(AES_CBC_TRANSFORMATION) + strlen(AES_CRYPTO_ALGORITHM); - char* decrypt_endpoint_final = (char*) malloc(len_decrypt_endpoint); + char *decrypt_uri; - snprintf(decrypt_endpoint_final,len_decrypt_endpoint,decrypt_endpoint,key_len_in_bits_str,sa_ptr->ek_ref,AES_CBC_TRANSFORMATION, iv_base64, AES_CRYPTO_ALGORITHM); + int len_decrypt_endpoint = strlen(decrypt_endpoint) + key_len_in_bits_str_len + strlen(sa_ptr->ek_ref) + + strlen(iv_base64) + strlen(AES_CBC_TRANSFORMATION) + strlen(AES_CRYPTO_ALGORITHM); + char *decrypt_endpoint_final = (char *)malloc(len_decrypt_endpoint); + + snprintf(decrypt_endpoint_final, len_decrypt_endpoint, decrypt_endpoint, key_len_in_bits_str, sa_ptr->ek_ref, + AES_CBC_TRANSFORMATION, iv_base64, AES_CRYPTO_ALGORITHM); 
free(key_len_in_bits_str); - decrypt_uri = (char*) malloc(strlen(kmc_root_uri)+len_decrypt_endpoint); + decrypt_uri = (char *)malloc(strlen(kmc_root_uri) + len_decrypt_endpoint); decrypt_uri[0] = '\0'; strcat(decrypt_uri, kmc_root_uri); strcat(decrypt_uri, decrypt_endpoint_final); #ifdef DEBUG - printf("Decrypt URI: %s\n",decrypt_uri); + printf("Decrypt URI: %s\n", decrypt_uri); #endif curl_easy_setopt(curl, CURLOPT_URL, decrypt_uri); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, http_headers_list); - memory_write* chunk_write = (memory_write*) calloc(1,MEMORY_WRITE_SIZE); - memory_read* chunk_read = (memory_read*) calloc(1,MEMORY_READ_SIZE);; + memory_write *chunk_write = (memory_write *)calloc(1, MEMORY_WRITE_SIZE); + memory_read *chunk_read = (memory_read *)calloc(1, MEMORY_READ_SIZE); + ; /* Configure CURL for POST */ curl_easy_setopt(curl, CURLOPT_POST, 1L); @@ -603,14 +597,14 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, curl_easy_setopt(curl, CURLOPT_WRITEDATA, chunk_write); /* size of the POST data */ - curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long) decrypt_payload_len); + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)decrypt_payload_len); /* binary data */ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, decrypt_payload); #ifdef DEBUG - printf("Len of decrypt payload: %ld\n",decrypt_payload_len); + printf("Len of decrypt payload: %ld\n", decrypt_payload_len); printf("Data to Decrypt: \n"); - for (uint32_t i=0; i < decrypt_payload_len; i++) + for (uint32_t i = 0; i < decrypt_payload_len; i++) { printf("%02x ", decrypt_payload[i]); } @@ -618,7 +612,7 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, #endif status = curl_perform_with_cam_retries(curl, chunk_write, chunk_read); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } 
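Review bot: `int_to_str(key_len_in_bits, &key_len_in_bits)` in `cryptography_decrypt` passes the wrong out-pointer, so `key_len_in_bits_str_len` stays 0 and `key_len_in_bits` is overwritten. The call should be `char *key_len_in_bits_str = int_to_str(key_len_in_bits, &key_len_in_bits_str_len);`. As written, `len_decrypt_endpoint` omits the key-length string and appears to fit only because the `%s` placeholders in `decrypt_endpoint` leave slack; `snprintf` would truncate the URI silently otherwise, so its return value is worth checking. Unlike the encrypt path, `base64urlEncode(iv, iv_len, iv_base64, NULL)` is called here with no `iv != NULL` guard. The function body continues outside this hunk.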
@@ -627,20 +621,22 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, // Parse the JSON string response jsmn_parser p; - jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ + jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ jsmn_init(&p); - int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, 64); // "chunk->response" is the char array holding the json content + int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, + 64); // "chunk->response" is the char array holding the json content // Find the 'base64ciphertext' token - if (parse_result < 0) { + if (parse_result < 0) + { status = CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR; printf("Failed to parse JSON: %d\n", parse_result); return status; } - int json_idx = 0; + int json_idx = 0; uint8_t ciphertext_found = CRYPTO_FALSE; - char* cleartext_base64 = NULL; + char *cleartext_base64 = NULL; for (json_idx = 1; json_idx < parse_result; json_idx++) { // check "httpCode" field for non-200 status codes!!! @@ -652,11 +648,11 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, chunk_write->response + t[json_idx + 1].start); #endif uint32_t len_cleartext = t[json_idx + 1].end - t[json_idx + 1].start; - cleartext_base64 = malloc(len_cleartext+1); - memcpy(cleartext_base64,chunk_write->response + t[json_idx + 1].start, len_cleartext); + cleartext_base64 = malloc(len_cleartext + 1); + memcpy(cleartext_base64, chunk_write->response + t[json_idx + 1].start, len_cleartext); cleartext_base64[len_cleartext] = '\0'; #ifdef DEBUG - printf("Parsed base64cleartext: %s\n",cleartext_base64); + printf("Parsed base64cleartext: %s\n", cleartext_base64); #endif json_idx++; ciphertext_found = CRYPTO_TRUE; 
@@ -669,18 +665,18 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, printf("httpCode: %.*s\n", t[json_idx + 1].end - t[json_idx + 1].start, chunk_write->response + t[json_idx + 1].start); #endif - uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; - char* http_code_str = malloc(len_httpcode+1); - memcpy(http_code_str,chunk_write->response + t[json_idx + 1].start, len_httpcode); + uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; + char *http_code_str = malloc(len_httpcode + 1); + memcpy(http_code_str, chunk_write->response + t[json_idx + 1].start, len_httpcode); http_code_str[len_httpcode] = '\0'; - int http_code = atoi(http_code_str); + int http_code = atoi(http_code_str); #ifdef DEBUG - printf("Parsed http code: %d\n",http_code); + printf("Parsed http code: %d\n", http_code); #endif - if(http_code != 200) + if (http_code != 200) { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; - fprintf(stderr,"KMC Crypto Failure Response:\n%s\n",chunk_write->response); + fprintf(stderr, "KMC Crypto Failure Response:\n%s\n", chunk_write->response); return status; } free(http_code_str); 
@@ -688,20 +684,21 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, continue; } } - if(ciphertext_found == CRYPTO_FALSE){ + if (ciphertext_found == CRYPTO_FALSE) + { status = CRYPTOGRAHPY_KMC_CIPHER_TEXT_NOT_FOUND_IN_JSON_RESPONSE; return status; } /* JSON Response Handling End */ - uint8_t* cleartext_decoded = malloc((len_data_out)*2 + 1); - size_t cleartext_decoded_len = 0; - base64Decode(cleartext_base64,strlen(cleartext_base64),cleartext_decoded, &cleartext_decoded_len); + uint8_t *cleartext_decoded = malloc((len_data_out)*2 + 1); + size_t cleartext_decoded_len = 0; + base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, &cleartext_decoded_len); #ifdef DEBUG - printf("Decoded Cipher Text Length: %ld\n",cleartext_decoded_len); + printf("Decoded Cipher Text Length: %ld\n", cleartext_decoded_len); printf("Decoded Cipher Text: \n"); - for (uint32_t i=0; i < cleartext_decoded_len; i++) + for (uint32_t i = 0; i < cleartext_decoded_len; i++) { printf("%02x ", cleartext_decoded[i]); } 
@@ -709,43 +706,39 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, #endif // Copy the decrypted data to the output stream // Crypto Service returns aad - clear_text - memcpy(data_out,cleartext_decoded, len_data_out); - + memcpy(data_out, cleartext_decoded, len_data_out); + return status; } -static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t ecs, uint8_t acs, char* cam_cookies) +static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t ecs, uint8_t acs, char *cam_cookies) { int32_t status = CRYPTO_LIB_SUCCESS; // Unneeded cryptography interface vars for current implementation len_data_out = len_data_out; - key = key; - len_key = len_key; - iv = iv; - iv_len = iv_len; - ecs = ecs; - + key = key; + len_key = len_key; + iv = iv; + iv_len = iv_len; + ecs = ecs; + curl_easy_reset(curl); status = configure_curl_connect_opts(curl, cam_cookies); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } // Base64 URL encode IV for KMC REST Encrypt // Not needed for CMAC/HMAC (only supported auth ciphers now) -// char* iv_base64 = (char*)calloc(1,B64ENCODE_OUT_SAFESIZE(iv_len)+1); -// base64urlEncode(iv,iv_len,iv_base64,NULL); + // char* iv_base64 = (char*)calloc(1,B64ENCODE_OUT_SAFESIZE(iv_len)+1); + // base64urlEncode(iv,iv_len,iv_base64,NULL); - uint8_t* auth_payload = aad; - size_t auth_payload_len = aad_len; + uint8_t *auth_payload = aad; + size_t auth_payload_len = aad_len; // Verify valid acs enum int32_t algo = 
cryptography_get_acs_algo(acs); @@ -754,39 +747,42 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, return CRYPTO_LIB_ERR_UNSUPPORTED_ACS; } - // Need to copy the data over, since authentication won't change/move the data directly - if(data_out != NULL){ + if (data_out != NULL) + { memcpy(data_out, data_in, len_data_in); - }else{ + } + else + { return CRYPTO_LIB_ERR_NULL_BUFFER; } - if(sa_ptr->ak_ref[0] == '\0') + if (sa_ptr->ak_ref[0] == '\0') { status = CRYPTOGRAHPY_KMC_NULL_AUTHENTICATION_KEY_REFERENCE_IN_SA; return status; } // Prepare the Authentication Endpoint URI for KMC Crypto Service - int len_auth_endpoint = strlen(icv_create_endpoint)+strlen(sa_ptr->ak_ref); - char* auth_endpoint_final = (char*) malloc(len_auth_endpoint); - snprintf(auth_endpoint_final,len_auth_endpoint,icv_create_endpoint,sa_ptr->ak_ref); + int len_auth_endpoint = strlen(icv_create_endpoint) + strlen(sa_ptr->ak_ref); + char *auth_endpoint_final = (char *)malloc(len_auth_endpoint); + snprintf(auth_endpoint_final, len_auth_endpoint, icv_create_endpoint, sa_ptr->ak_ref); - char* auth_uri = (char*) malloc(strlen(kmc_root_uri)+len_auth_endpoint); - auth_uri[0] = '\0'; + char *auth_uri = (char *)malloc(strlen(kmc_root_uri) + len_auth_endpoint); + auth_uri[0] = '\0'; strcat(auth_uri, kmc_root_uri); strcat(auth_uri, auth_endpoint_final); #ifdef DEBUG - printf("Authentication URI: %s\n",auth_uri); + printf("Authentication URI: %s\n", auth_uri); #endif curl_easy_setopt(curl, CURLOPT_URL, auth_uri); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, http_headers_list); - memory_write* chunk_write = (memory_write*) calloc(1,MEMORY_WRITE_SIZE); - memory_read* chunk_read = (memory_read*) calloc(1,MEMORY_READ_SIZE);; + memory_write *chunk_write = (memory_write *)calloc(1, MEMORY_WRITE_SIZE); + memory_read *chunk_read = (memory_read *)calloc(1, MEMORY_READ_SIZE); + ; /* Configure CURL for POST */ curl_easy_setopt(curl, CURLOPT_POST, 1L); /* send all data to this function */ 
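Review bot: `cryptography_authenticate` copies `len_data_in` bytes into `data_out` with `memcpy(data_out, data_in, len_data_in)` but never compares that length with `len_data_out`, which the preceding hunk discards via `len_data_out = len_data_out;`. Add a guard before the copy, for example `if (len_data_in > len_data_out) { return <BUFFER_TOO_SMALL_STATUS>; }`, where the placeholder stands for whichever project error code fits, and stop marking `len_data_out` as unused. `data_in` is dereferenced by the same `memcpy` with only `data_out` checked for NULL. The `auth_endpoint_final` and `auth_uri` allocations are written to without a NULL check. The function starts and ends outside this hunk.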
@@ -798,14 +794,14 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, curl_easy_setopt(curl, CURLOPT_WRITEDATA, chunk_write); /* size of the POST data */ - curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long) auth_payload_len); + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)auth_payload_len); /* binary data */ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, auth_payload); #ifdef DEBUG - printf("Authentication Payload Length: %ld\n",auth_payload_len); + printf("Authentication Payload Length: %ld\n", auth_payload_len); printf("Data to Authenticate: \n"); - for (uint32_t i=0; i < auth_payload_len; i++) + for (uint32_t i = 0; i < auth_payload_len; i++) { printf("%02x ", auth_payload[i]); } @@ -813,7 +809,7 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, #endif status = curl_perform_with_cam_retries(curl, chunk_write, chunk_read); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } 
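Review bot: The early `return status;` after a failed `curl_perform_with_cam_retries` leaks everything cryptography_authenticate has allocated by then (`auth_endpoint_final`, `auth_uri`, `chunk_write` and `chunk_read` from the earlier hunk), whereas cryptography_aead_encrypt frees its buffers on the equivalent path. This exit is presumably taken whenever the KMC service is unreachable or rejects the request, so a process that keeps retrying loses memory on every failure. A single cleanup label would cover it: set `status`, `goto cleanup;`, and have the label free each buffer before `return status;`. The parse-error, ICV-not-found and non-200 returns in the following hunks of this function, and the matching returns in cryptography_validate_authentication, have the same gap.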
@@ -822,20 +818,22 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, // Parse the JSON string response jsmn_parser p; - jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ + jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ jsmn_init(&p); - int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, 64); // "chunk->response" is the char array holding the json content + int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, + 64); // "chunk->response" is the char array holding the json content // Find the 'integrityCheckValue' token - if (parse_result < 0) { + if (parse_result < 0) + { status = CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR; printf("Failed to parse JSON: %d\n", parse_result); return status; } - int json_idx = 0; + int json_idx = 0; uint8_t icvtext_found = CRYPTO_FALSE; - char* icv_base64 = NULL; + char *icv_base64 = NULL; for (json_idx = 1; json_idx < parse_result; json_idx++) { if (jsoneq(chunk_write->response, &t[json_idx], "metadata") == 0) 
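Review bot: `strlen(chunk_write->response)` is evaluated without checking that `response` is non-NULL, although the DEBUG block in cryptography_aead_encrypt guards the same field with `if (chunk_write->response != NULL)`, which suggests it can stay NULL when the service returns no body. `chunk_write` comes from `calloc`, so unless the write callback (not visible here) always allocates, an empty reply reaches `strlen(NULL)`. Add `if (chunk_write->response == NULL) { status = CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR; return status; }` ahead of `jsmn_parse`. The same call in cryptography_validate_authentication and cryptography_aead_encrypt needs the same guard.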
@@ -846,31 +844,34 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, chunk_write->response + t[json_idx + 1].start); #endif // search through metadata string for base64 ICV end idx: - // Format: "integrityCheckValue:xQgnkVrrQj8FRALV3DxnVg==,keyRef:kmc/test/nist_cmac_90,cryptoAlgorithm:AESCMAC,metadataType:IntegrityCheckMetadata" + // Format: + // "integrityCheckValue:xQgnkVrrQj8FRALV3DxnVg==,keyRef:kmc/test/nist_cmac_90,cryptoAlgorithm:AESCMAC,metadataType:IntegrityCheckMetadata" uint32_t len_metadata = t[json_idx + 1].end - t[json_idx + 1].start; - char* metadata = malloc(len_metadata+1); - char* metadata_end = &metadata[len_metadata]; - memcpy(metadata,chunk_write->response + t[json_idx + 1].start, len_metadata); + char *metadata = malloc(len_metadata + 1); + char *metadata_end = &metadata[len_metadata]; + memcpy(metadata, chunk_write->response + t[json_idx + 1].start, len_metadata); - char* key = ""; + char *key = ""; size_t colon_idx; size_t comma_idx; - while(CRYPTO_TRUE) + while (CRYPTO_TRUE) { - colon_idx = strcspn(metadata,":"); - comma_idx = strcspn(metadata,","); - key = malloc(colon_idx+1); - strncpy(key,metadata,colon_idx); - key[colon_idx]='\0'; + colon_idx = strcspn(metadata, ":"); + comma_idx = strcspn(metadata, ","); + key = malloc(colon_idx + 1); + strncpy(key, metadata, colon_idx); + key[colon_idx] = '\0'; #ifdef DEBUG - printf("Found key in metadata: %s\n",key); + printf("Found key in metadata: %s\n", key); #endif - if(strcmp(key,"integrityCheckValue")==0){ + if (strcmp(key, "integrityCheckValue") == 0) + { break; // key found! } - if(strcmp(key,"integrityCheckValue")!=0){ - metadata += comma_idx+1; - if(metadata >= metadata_end) + if (strcmp(key, "integrityCheckValue") != 0) + { + metadata += comma_idx + 1; + if (metadata >= metadata_end) { status = CRYPTOGRAHPY_KMC_ICV_NOT_FOUND_IN_JSON_RESPONSE; return status; 
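Review bot: `metadata` is allocated with `len_metadata + 1` bytes and filled by `memcpy`, but the terminator is never written, so the `strcspn(metadata, ":")` and `strcspn(metadata, ",")` calls in the loop scan past the copied bytes into uninitialised heap. The content comes from the KMC response, so how far the over-read runs depends on remote data. Add `metadata[len_metadata] = '\0';` right after the `memcpy`, as the `http_code_str` copy later in this function already does. Separately, `key` is re-allocated on every iteration without being freed, and advancing `metadata` itself loses the pointer needed to free the buffer; a separate cursor variable would fix both.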
@@ -878,13 +879,13 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, } } - metadata += colon_idx+1; - comma_idx = strcspn(metadata,","); - icv_base64 = malloc(comma_idx+1); - strncpy(icv_base64,metadata,comma_idx); + metadata += colon_idx + 1; + comma_idx = strcspn(metadata, ","); + icv_base64 = malloc(comma_idx + 1); + strncpy(icv_base64, metadata, comma_idx); icv_base64[comma_idx] = '\0'; #ifdef DEBUG - printf("Parsed integrityCheckValue: %s\n",icv_base64); + printf("Parsed integrityCheckValue: %s\n", icv_base64); #endif json_idx++; icvtext_found = CRYPTO_TRUE; @@ -898,27 +899,27 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, printf("httpCode: %.*s\n", t[json_idx + 1].end - t[json_idx + 1].start, chunk_write->response + t[json_idx + 1].start); #endif - uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; - char* http_code_str = malloc(len_httpcode+1); - memcpy(http_code_str,chunk_write->response + t[json_idx + 1].start, len_httpcode); + uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; + char *http_code_str = malloc(len_httpcode + 1); + memcpy(http_code_str, chunk_write->response + t[json_idx + 1].start, len_httpcode); http_code_str[len_httpcode] = '\0'; - int http_code = atoi(http_code_str); + int http_code = atoi(http_code_str); #ifdef DEBUG - printf("Parsed http code: %d\n",http_code); + printf("Parsed http code: %d\n", http_code); #endif - if(http_code != 200) + if (http_code != 200) { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; - fprintf(stderr,"KMC Crypto Failure Response:\n%s\n",chunk_write->response); + fprintf(stderr, "KMC Crypto Failure Response:\n%s\n", chunk_write->response); return status; } json_idx++; free(http_code_str); continue; } - } - if(icvtext_found == CRYPTO_FALSE){ + if (icvtext_found == CRYPTO_FALSE) + { status = CRYPTOGRAHPY_KMC_ICV_NOT_FOUND_IN_JSON_RESPONSE; return status; } 
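Review bot: In the `httpCode` branch `t[json_idx + 1]` is read without confirming `json_idx + 1 < parse_result`, so when the matched string is the last token jsmn produced, `start` and `end` come from an unfilled slot of `t` (or from past the array when all 64 tokens are used) and then size the `malloc` and `memcpy`. A truncated or unexpected response is enough to reach this, assuming `jsoneq` compares token text only. The guard belongs on the key match just above this hunk, for example `if (json_idx + 1 >= parse_result)` treated as CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR, and the `metadata`, `result` and `base64ciphertext` lookups in the other hunks need the same check. `atoi` also cannot report a non-numeric code; `strtol` with an end-pointer check can.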
@@ -926,42 +927,39 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, /* JSON Response Handling End */ // https://stackoverflow.com/questions/13378815/base64-length-calculation - uint8_t* icv_decoded = calloc(1,B64DECODE_OUT_SAFESIZE(strlen(icv_base64)) + 1); - size_t icv_decoded_len = 0; - base64urlDecode(icv_base64,strlen(icv_base64),icv_decoded, &icv_decoded_len); + uint8_t *icv_decoded = calloc(1, B64DECODE_OUT_SAFESIZE(strlen(icv_base64)) + 1); + size_t icv_decoded_len = 0; + base64urlDecode(icv_base64, strlen(icv_base64), icv_decoded, &icv_decoded_len); #ifdef DEBUG - printf("Mac size: %d\n",mac_size); - printf("Decoded ICV Length: %ld\n",icv_decoded_len); + printf("Mac size: %d\n", mac_size); + printf("Decoded ICV Length: %ld\n", icv_decoded_len); printf("Decoded ICV Text: \n"); - for (uint32_t i=0; i < icv_decoded_len; i++) + for (uint32_t i = 0; i < icv_decoded_len; i++) { printf("%02x ", icv_decoded[i]); } printf("\n"); #endif - memcpy(mac,icv_decoded, mac_size); + memcpy(mac, icv_decoded, mac_size); return status; } -static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t len_data_out, - const uint8_t* data_in, const size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - const uint8_t* iv, uint32_t iv_len, - const uint8_t* mac, uint32_t mac_size, - const uint8_t* aad, uint32_t aad_len, - uint8_t ecs, uint8_t acs, char* cam_cookies) +static int32_t cryptography_validate_authentication(uint8_t *data_out, size_t len_data_out, const uint8_t *data_in, + const size_t len_data_in, uint8_t *key, uint32_t len_key, + SecurityAssociation_t *sa_ptr, const uint8_t *iv, uint32_t iv_len, + const uint8_t *mac, uint32_t mac_size, const uint8_t *aad, + uint32_t aad_len, uint8_t ecs, uint8_t acs, char *cam_cookies) { int32_t status = CRYPTO_LIB_SUCCESS; // Unneeded cryptography interface vars for current implementation len_data_out = len_data_out; - key = key; - len_key = len_key; - iv 
= iv; - iv_len = iv_len; - ecs = ecs; + key = key; + len_key = len_key; + iv = iv; + iv_len = iv_len; + ecs = ecs; // Verify valid acs enum int32_t algo = cryptography_get_acs_algo(acs); 
@@ -971,62 +969,68 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le } // Need to copy the data over, since authentication won't change/move the data directly - if(data_out != NULL){ + if (data_out != NULL) + { memcpy(data_out, data_in, len_data_in); - }else{ + } + else + { return CRYPTO_LIB_ERR_NULL_BUFFER; } curl_easy_reset(curl); status = configure_curl_connect_opts(curl, cam_cookies); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } - const uint8_t* auth_payload = aad; - size_t auth_payload_len = aad_len; + const uint8_t *auth_payload = aad; + size_t auth_payload_len = aad_len; // Base64 URL encode MAC for KMC REST Encrypt - char* mac_base64 = (char*)calloc(1,B64ENCODE_OUT_SAFESIZE(mac_size) + 1); - base64urlEncode(mac,mac_size,mac_base64,NULL); + char *mac_base64 = (char *)calloc(1, B64ENCODE_OUT_SAFESIZE(mac_size) + 1); + base64urlEncode(mac, mac_size, mac_base64, NULL); #ifdef DEBUG - printf("MAC Base64 URL Encoded: %s\n",mac_base64); + printf("MAC Base64 URL Encoded: %s\n", mac_base64); printf("Hex Mac:\n"); - Crypto_hexprint(mac,mac_size); + Crypto_hexprint(mac, mac_size); #endif - if(sa_ptr->ak_ref[0] == '\0') + if (sa_ptr->ak_ref[0] == '\0') { status = CRYPTOGRAHPY_KMC_NULL_AUTHENTICATION_KEY_REFERENCE_IN_SA; return status; } - const char* auth_algorithm = NULL; - get_auth_algorithm_from_acs(acs,&auth_algorithm); + const char *auth_algorithm = NULL; + get_auth_algorithm_from_acs(acs, &auth_algorithm); uint32_t mac_size_str_len = 0; - char* mac_size_str = int_to_str(mac_size*8, &mac_size_str_len); + char *mac_size_str = int_to_str(mac_size * 8, &mac_size_str_len); // Prepare the Authentication Endpoint URI for KMC Crypto Service - int len_auth_endpoint = strlen(icv_verify_endpoint)+strlen(mac_base64)+strlen(sa_ptr->ak_ref)+strlen(auth_algorithm)+mac_size_str_len; - char* auth_endpoint_final = (char*) malloc(len_auth_endpoint); - 
snprintf(auth_endpoint_final,len_auth_endpoint,icv_verify_endpoint,mac_base64,sa_ptr->ak_ref,auth_algorithm,mac_size_str); + int len_auth_endpoint = strlen(icv_verify_endpoint) + strlen(mac_base64) + strlen(sa_ptr->ak_ref) + + strlen(auth_algorithm) + mac_size_str_len; + char *auth_endpoint_final = (char *)malloc(len_auth_endpoint); + snprintf(auth_endpoint_final, len_auth_endpoint, icv_verify_endpoint, mac_base64, sa_ptr->ak_ref, auth_algorithm, + mac_size_str); free(mac_size_str); - char* auth_uri = (char*) malloc(strlen(kmc_root_uri)+len_auth_endpoint); - auth_uri[0] = '\0'; + char *auth_uri = (char *)malloc(strlen(kmc_root_uri) + len_auth_endpoint); + auth_uri[0] = '\0'; strcat(auth_uri, kmc_root_uri); strcat(auth_uri, auth_endpoint_final); #ifdef DEBUG - printf("Authentication Verification URI: %s\n",auth_uri); + printf("Authentication Verification URI: %s\n", auth_uri); #endif curl_easy_setopt(curl, CURLOPT_URL, auth_uri); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, http_headers_list); - memory_write* chunk_write = (memory_write*) calloc(1,MEMORY_WRITE_SIZE); - memory_read* chunk_read = (memory_read*) calloc(1,MEMORY_READ_SIZE);; + memory_write *chunk_write = (memory_write *)calloc(1, MEMORY_WRITE_SIZE); + memory_read *chunk_read = (memory_read *)calloc(1, MEMORY_READ_SIZE); + ; /* Configure CURL for POST */ curl_easy_setopt(curl, CURLOPT_POST, 1L); /* send all data to this function */ 
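Review bot: `memcpy(data_out, data_in, len_data_in)` is bounded only by the input length; `len_data_out` is discarded as unneeded just above this hunk, so a caller whose output buffer is smaller than the input gets an overflow. Reject that case up front with `if (data_out == NULL || data_in == NULL || len_data_in > len_data_out)` and an error return. `mac_base64` is also allocated before the `ak_ref` test, so the CRYPTOGRAHPY_KMC_NULL_AUTHENTICATION_KEY_REFERENCE_IN_SA return leaks it; moving the `ak_ref` test ahead of the `calloc` avoids that. `get_auth_algorithm_from_acs` can presumably leave `auth_algorithm` NULL, in which case `strlen(auth_algorithm)` is undefined, so its result should be checked before the length is computed.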
@@ -1038,14 +1042,14 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le curl_easy_setopt(curl, CURLOPT_WRITEDATA, chunk_write); /* size of the POST data */ - curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long) auth_payload_len); + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)auth_payload_len); /* binary data */ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, auth_payload); #ifdef DEBUG - printf("Authentication Payload Length: %ld\n",auth_payload_len); + printf("Authentication Payload Length: %ld\n", auth_payload_len); printf("Data to Authenticate: \n"); - for (uint32_t i=0; i < auth_payload_len; i++) + for (uint32_t i = 0; i < auth_payload_len; i++) { printf("%02x ", auth_payload[i]); } @@ -1053,7 +1057,7 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le #endif status = curl_perform_with_cam_retries(curl, chunk_write, chunk_read); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } @@ -1062,17 +1066,19 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le // Parse the JSON string response jsmn_parser p; - jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ + jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ jsmn_init(&p); - int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, 64); // "chunk->response" is the char array holding the json content + int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, + 64); // "chunk->response" is the char array holding the json content - if (parse_result < 0) { + if (parse_result < 0) + { status = CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR; printf("Failed to parse JSON: %d\n", parse_result); return status; } - int json_idx = 0; + int json_idx = 0; uint8_t http_status_found = CRYPTO_FALSE; for (json_idx = 1; json_idx < parse_result; json_idx++) { 
@@ -1083,19 +1089,19 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le printf("httpCode: %.*s\n", t[json_idx + 1].end - t[json_idx + 1].start, chunk_write->response + t[json_idx + 1].start); #endif - uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; - char* http_code_str = malloc(len_httpcode+1); - memcpy(http_code_str,chunk_write->response + t[json_idx + 1].start, len_httpcode); + uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; + char *http_code_str = malloc(len_httpcode + 1); + memcpy(http_code_str, chunk_write->response + t[json_idx + 1].start, len_httpcode); http_code_str[len_httpcode] = '\0'; - http_status_found = CRYPTO_TRUE; - int http_code = atoi(http_code_str); + http_status_found = CRYPTO_TRUE; + int http_code = atoi(http_code_str); #ifdef DEBUG - printf("Parsed http code: %d\n",http_code); + printf("Parsed http code: %d\n", http_code); #endif - if(http_code != 200) + if (http_code != 200) { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; - fprintf(stderr,"KMC Crypto Generic Failure Response:\n%s\n",chunk_write->response); + fprintf(stderr, "KMC Crypto Generic Failure Response:\n%s\n", chunk_write->response); return status; } json_idx++; 
@@ -1110,25 +1116,26 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le chunk_write->response + t[json_idx + 1].start); #endif uint32_t len_result = t[json_idx + 1].end - t[json_idx + 1].start; - char* result_str = malloc(len_result+1); - memcpy(result_str,chunk_write->response + t[json_idx + 1].start, len_result); + char *result_str = malloc(len_result + 1); + memcpy(result_str, chunk_write->response + t[json_idx + 1].start, len_result); result_str[len_result] = '\0'; #ifdef DEBUG - printf("Parsed result string: %s\n",result_str); + printf("Parsed result string: %s\n", result_str); #endif - if(strcmp(result_str,"true")!=0) // KMC crypto service returns true string if ICV check succeeds. + if (strcmp(result_str, "true") != 0) // KMC crypto service returns true string if ICV check succeeds. { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_MAC_VALIDATION_ERROR; - fprintf(stderr,"KMC Crypto MAC Validation Failure Response:\n%s\n",chunk_write->response); + fprintf(stderr, "KMC Crypto MAC Validation Failure Response:\n%s\n", chunk_write->response); return status; } continue; } } - if(http_status_found == CRYPTO_FALSE){ + if (http_status_found == CRYPTO_FALSE) + { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; - fprintf(stderr,"KMC Crypto Generic Failure Response:\n%s\n",chunk_write->response); + fprintf(stderr, "KMC Crypto Generic Failure Response:\n%s\n", chunk_write->response); return status; } 
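Review bot: MAC verification fails open when the response has no `result` field: a failure status is set only if a `result` token is present and differs from "true", and the post-loop check tests `http_status_found` alone, so a reply carrying `httpCode` 200 and nothing else leaves `status` at CRYPTO_LIB_SUCCESS. The two lines between this hunk and the next are not shown, so confirm that nothing there closes the gap. I would track it the way the HTTP code is tracked, with `uint8_t result_found = CRYPTO_FALSE;` set to CRYPTO_TRUE in the `result` branch and, after the loop, `if (result_found == CRYPTO_FALSE) { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_MAC_VALIDATION_ERROR; return status; }`. `result_str` is also never freed on either the success or the failure path.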
@@ -1137,93 +1144,91 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le return status; } -static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t encrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies) +static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t encrypt_bool, uint8_t authenticate_bool, + uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies) { int32_t status = CRYPTO_LIB_SUCCESS; - key = key; // Direct key input is not supported in KMC interface - len_key = len_key; // Direct key input is not supported in KMC interface - ecs = ecs; - acs = acs; + key = key; // Direct key input is not supported in KMC interface + len_key = len_key; // Direct key input is not supported in KMC interface + ecs = ecs; + acs = acs; curl_easy_reset(curl); status = configure_curl_connect_opts(curl, cam_cookies); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } // Base64 URL encode IV for KMC REST Encrypt - char* iv_base64 = (char*)calloc(1,B64ENCODE_OUT_SAFESIZE(iv_len)+1); - if(iv != NULL) + char *iv_base64 = (char *)calloc(1, B64ENCODE_OUT_SAFESIZE(iv_len) + 1); + if (iv != NULL) { - base64urlEncode(iv,iv_len,iv_base64,NULL); + base64urlEncode(iv, iv_len, iv_base64, NULL); } - - #ifdef DEBUG + +#ifdef DEBUG printf("IV_BASE64: %s\n", iv_base64); - #endif +#endif - uint8_t* encrypt_payload = data_in; - size_t encrypt_payload_len = len_data_in; + uint8_t *encrypt_payload = 
data_in; + size_t encrypt_payload_len = len_data_in; #ifdef DEBUG - printf("IV Base64 URL Encoded: %s\n",iv_base64); + printf("IV Base64 URL Encoded: %s\n", iv_base64); #endif - if(sa_ptr->ek_ref[0] == '\0') + if (sa_ptr->ek_ref[0] == '\0') { status = CRYPTOGRAHPY_KMC_NULL_ENCRYPTION_KEY_REFERENCE_IN_SA; free(iv_base64); return status; } - char* encrypt_uri; - if(aad_bool == CRYPTO_TRUE) + char *encrypt_uri; + if (aad_bool == CRYPTO_TRUE) { - //Determine length of aad offset string and convert to string for use in URL + // Determine length of aad offset string and convert to string for use in URL uint32_t aad_offset_str_len = 0; - char* aad_offset_str = int_to_str(aad_len, &aad_offset_str_len); + char *aad_offset_str = int_to_str(aad_len, &aad_offset_str_len); #ifdef DEBUG - printf("AAD Offset Str: %s\n",aad_offset_str); + printf("AAD Offset Str: %s\n", aad_offset_str); #endif uint32_t mac_size_str_len = 0; - char* mac_size_str = int_to_str(mac_size*8, &mac_size_str_len); - - int len_encrypt_endpoint = strlen(encrypt_offset_endpoint)+strlen(sa_ptr->ek_ref)+strlen(iv_base64)+strlen(AES_GCM_TRANSFORMATION)+aad_offset_str_len + mac_size_str_len; - char* encrypt_endpoint_final = (char*) malloc(len_encrypt_endpoint); - if(iv != NULL) + char *mac_size_str = int_to_str(mac_size * 8, &mac_size_str_len); + + int len_encrypt_endpoint = strlen(encrypt_offset_endpoint) + strlen(sa_ptr->ek_ref) + strlen(iv_base64) + + strlen(AES_GCM_TRANSFORMATION) + aad_offset_str_len + mac_size_str_len; + char *encrypt_endpoint_final = (char *)malloc(len_encrypt_endpoint); + if (iv != NULL) { - - snprintf(encrypt_endpoint_final,len_encrypt_endpoint,encrypt_offset_endpoint,sa_ptr->ek_ref,AES_GCM_TRANSFORMATION, iv_base64,aad_offset_str,mac_size_str); + + snprintf(encrypt_endpoint_final, len_encrypt_endpoint, encrypt_offset_endpoint, sa_ptr->ek_ref, + AES_GCM_TRANSFORMATION, iv_base64, aad_offset_str, mac_size_str); } else - { + { 
//"encrypt?keyRef=%s&transformation=%s&encryptOffset=%s&macLength=%s"; - snprintf(encrypt_endpoint_final,len_encrypt_endpoint,encrypt_offset_endpoint_null_iv,sa_ptr->ek_ref,AES_GCM_TRANSFORMATION,aad_offset_str,mac_size_str); + snprintf(encrypt_endpoint_final, len_encrypt_endpoint, encrypt_offset_endpoint_null_iv, sa_ptr->ek_ref, + AES_GCM_TRANSFORMATION, aad_offset_str, mac_size_str); } - free(aad_offset_str); free(mac_size_str); #ifdef DEBUG - printf("KMC ROOT URI: %s\n",kmc_root_uri); + printf("KMC ROOT URI: %s\n", kmc_root_uri); #endif - encrypt_uri = (char*) malloc(strlen(kmc_root_uri)+len_encrypt_endpoint); + encrypt_uri = (char *)malloc(strlen(kmc_root_uri) + len_encrypt_endpoint); encrypt_uri[0] = '\0'; strcat(encrypt_uri, kmc_root_uri); strcat(encrypt_uri, encrypt_endpoint_final); // Prepare encrypt_payload with AAD at the front for KMC Crypto Service. - if(encrypt_bool == CRYPTO_FALSE) //Not encrypting data, only passing in AAD for TAG. + if (encrypt_bool == CRYPTO_FALSE) // Not encrypting data, only passing in AAD for TAG. { encrypt_payload_len = aad_len; } 
@@ -1233,31 +1238,33 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, } #ifdef DEBUG - printf("Encrypt Payload Length: %ld\n",encrypt_payload_len); + printf("Encrypt Payload Length: %ld\n", encrypt_payload_len); #endif - encrypt_payload = (uint8_t*) malloc(encrypt_payload_len); - memcpy(&encrypt_payload[0],aad,aad_len); - if(encrypt_bool == CRYPTO_TRUE) + encrypt_payload = (uint8_t *)malloc(encrypt_payload_len); + memcpy(&encrypt_payload[0], aad, aad_len); + if (encrypt_bool == CRYPTO_TRUE) { - memcpy(&encrypt_payload[aad_len],data_in,len_data_in); + memcpy(&encrypt_payload[aad_len], data_in, len_data_in); } - free(encrypt_endpoint_final); + free(encrypt_endpoint_final); } - else //No AAD -- just prepare the endpoint URI + else // No AAD -- just prepare the endpoint URI { - int len_encrypt_endpoint = strlen(encrypt_endpoint)+strlen(sa_ptr->ek_ref)+strlen(iv_base64)+strlen(AES_GCM_TRANSFORMATION); - char* encrypt_endpoint_final = (char*) malloc(len_encrypt_endpoint); - if(iv != NULL) + int len_encrypt_endpoint = + strlen(encrypt_endpoint) + strlen(sa_ptr->ek_ref) + strlen(iv_base64) + strlen(AES_GCM_TRANSFORMATION); + char *encrypt_endpoint_final = (char *)malloc(len_encrypt_endpoint); + if (iv != NULL) { - snprintf(encrypt_endpoint_final,len_encrypt_endpoint,encrypt_endpoint,sa_ptr->ek_ref,AES_GCM_TRANSFORMATION, iv_base64); + snprintf(encrypt_endpoint_final, len_encrypt_endpoint, encrypt_endpoint, sa_ptr->ek_ref, + AES_GCM_TRANSFORMATION, iv_base64); } else { - snprintf(encrypt_endpoint_final,len_encrypt_endpoint,encrypt_endpoint_null_iv,sa_ptr->ek_ref,AES_GCM_TRANSFORMATION); + snprintf(encrypt_endpoint_final, len_encrypt_endpoint, encrypt_endpoint_null_iv, sa_ptr->ek_ref, + AES_GCM_TRANSFORMATION); } - - encrypt_uri = (char*) malloc(strlen(kmc_root_uri)+len_encrypt_endpoint); + encrypt_uri = (char *)malloc(strlen(kmc_root_uri) + len_encrypt_endpoint); encrypt_uri[0] = '\0'; strcat(encrypt_uri, kmc_root_uri); strcat(encrypt_uri, 
encrypt_endpoint_final); @@ -1265,14 +1272,15 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, } #ifdef DEBUG - printf("Encrypt URI AEAD: %s\n",encrypt_uri); + printf("Encrypt URI AEAD: %s\n", encrypt_uri); #endif curl_easy_setopt(curl, CURLOPT_URL, encrypt_uri); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, http_headers_list); - memory_write* chunk_write = (memory_write*) calloc(1,MEMORY_WRITE_SIZE); - memory_read* chunk_read = (memory_read*) calloc(1,MEMORY_READ_SIZE);; + memory_write *chunk_write = (memory_write *)calloc(1, MEMORY_WRITE_SIZE); + memory_read *chunk_read = (memory_read *)calloc(1, MEMORY_READ_SIZE); + ; /* Configure CURL for POST */ curl_easy_setopt(curl, CURLOPT_POST, 1L); /* send all data to this function */ 
@@ -1284,35 +1292,40 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, curl_easy_setopt(curl, CURLOPT_WRITEDATA, chunk_write); /* size of the POST data */ - curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long) encrypt_payload_len); + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)encrypt_payload_len); /* binary data */ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, encrypt_payload); #ifdef DEBUG printf("Data to Encrypt: \n"); - for (uint32_t i=0; i < encrypt_payload_len; i++) + for (uint32_t i = 0; i < encrypt_payload_len; i++) { printf("%02x ", encrypt_payload[i]); } printf("\n"); #endif - status = curl_perform_with_cam_retries(curl,chunk_write,chunk_read); + status = curl_perform_with_cam_retries(curl, chunk_write, chunk_read); #ifdef DEBUG - printf("Curl Perform Final Status Code: %d\n",status); - if(chunk_write->response != NULL) + printf("Curl Perform Final Status Code: %d\n", status); + if (chunk_write->response != NULL) { printf("Chunk Write Response Length: %ld\n", strlen(chunk_write->response)); printf("Chunk Write Response: %s\n", chunk_write->response); } #endif - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { - if(iv_base64 != NULL) free(iv_base64); - if(encrypt_uri != NULL) free(encrypt_uri); - if(chunk_write != NULL) free(chunk_write); - if(chunk_read != NULL) free(chunk_read); - if(encrypt_payload != NULL) free(encrypt_payload); + if (iv_base64 != NULL) + free(iv_base64); + if (encrypt_uri != NULL) + free(encrypt_uri); + if (chunk_write != NULL) + free(chunk_write); + if (chunk_read != NULL) + free(chunk_read); + if (encrypt_payload != NULL) + free(encrypt_payload); return status; } 
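Review bot: On this error path `free(encrypt_payload)` can release the caller's buffer: `encrypt_payload` is initialised to `data_in` and is only replaced by a `malloc`ed block inside the `aad_bool == CRYPTO_TRUE` branch, so with AAD disabled a failed `curl_perform_with_cam_retries` frees `data_in` itself, unless code between the hunks reassigns it. The parse-error, non-200 and ciphertext-not-found exits in the following hunks repeat the same call. Free only what the function owns, `if (encrypt_payload != data_in) free(encrypt_payload);`. Since `free(NULL)` is a no-op, the remaining `if (x != NULL)` guards can be dropped, which also removes the braceless two-line `if` bodies the formatter produced here.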
@@ -1320,80 +1333,88 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, // Parse the JSON string response jsmn_parser p; - jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ + jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ jsmn_init(&p); - int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, 64); // "chunk->response" is the char array holding the json content + int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, + 64); // "chunk->response" is the char array holding the json content // Find the 'base64ciphertext' token - if (parse_result < 0) { + if (parse_result < 0) + { status = CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR; printf("Failed to parse JSON: %d\n", parse_result); - if(iv_base64 != NULL) free(iv_base64); - if(encrypt_uri != NULL) free(encrypt_uri); - if(chunk_write != NULL) free(chunk_write); - if(chunk_read != NULL) free(chunk_read); - if(encrypt_payload != NULL) free(encrypt_payload); + if (iv_base64 != NULL) + free(iv_base64); + if (encrypt_uri != NULL) + free(encrypt_uri); + if (chunk_write != NULL) + free(chunk_write); + if (chunk_read != NULL) + free(chunk_read); + if (encrypt_payload != NULL) + free(encrypt_payload); return status; } - int json_idx = 0; - uint8_t ciphertext_found = CRYPTO_FALSE; - char* ciphertext_base64 = NULL; - char* ciphertext_IV_base64 = NULL; + int json_idx = 0; + uint8_t ciphertext_found = CRYPTO_FALSE; + char *ciphertext_base64 = NULL; + char *ciphertext_IV_base64 = NULL; for (json_idx = 1; json_idx < parse_result; json_idx++) { if (jsoneq(chunk_write->response, &t[json_idx], "metadata") == 0) { uint32_t len_ciphertext = t[json_idx + 1].end - t[json_idx + 1].start; - ciphertext_IV_base64 = malloc(len_ciphertext+1); - memcpy(ciphertext_IV_base64,chunk_write->response + t[json_idx + 1].start, len_ciphertext); + ciphertext_IV_base64 = malloc(len_ciphertext + 1); + memcpy(ciphertext_IV_base64, 
chunk_write->response + t[json_idx + 1].start, len_ciphertext); ciphertext_IV_base64[len_ciphertext] = '\0'; - //printf("%s\n", ciphertext_IV_base64); - - char* line; - char* token; - char temp_buff[256]; - for (line = strtok (ciphertext_IV_base64, ","); line !=NULL; line = strtok(line + strlen(line) + 1, ",")) + // printf("%s\n", ciphertext_IV_base64); + + char *line; + char *token; + char temp_buff[256]; + for (line = strtok(ciphertext_IV_base64, ","); line != NULL; line = strtok(line + strlen(line) + 1, ",")) { strncpy(temp_buff, line, sizeof(temp_buff)); for (token = strtok(temp_buff, ":"); token != NULL; token = strtok(token + strlen(token) + 1, ":")) { - if(strcmp(token, "initialVector") == 0){ - token = strtok(token + strlen(token) + 1, ":"); - char * ciphertext_token_base64 = malloc(strlen(token)); - size_t cipher_text_token_len = strlen(token); - memcpy(ciphertext_token_base64,token, cipher_text_token_len); - #ifdef DEBUG + if (strcmp(token, "initialVector") == 0) + { + token = strtok(token + strlen(token) + 1, ":"); + char *ciphertext_token_base64 = malloc(strlen(token)); + size_t cipher_text_token_len = strlen(token); + memcpy(ciphertext_token_base64, token, cipher_text_token_len); +#ifdef DEBUG printf("IV LENGTH: %d\n", iv_len); - printf("IV ENCODED Text: %s\nIV ENCODED TEXT LEN: %ld\n", ciphertext_token_base64, cipher_text_token_len); - #endif - char* iv_decoded = malloc((iv_len)*2 + 1); + printf("IV ENCODED Text: %s\nIV ENCODED TEXT LEN: %ld\n", ciphertext_token_base64, + cipher_text_token_len); +#endif + char *iv_decoded = malloc((iv_len)*2 + 1); size_t iv_decoded_len = 0; - base64urlDecode(ciphertext_token_base64,cipher_text_token_len,iv_decoded, &iv_decoded_len); + base64urlDecode(ciphertext_token_base64, cipher_text_token_len, iv_decoded, &iv_decoded_len); - #ifdef DEBUG +#ifdef DEBUG printf("Decoded IV Text Length: %ld\n", iv_decoded_len); printf("Decoded IV Text: \n"); - for (uint32_t i=0; i < iv_decoded_len; i++) + for (uint32_t i = 0; i < 
iv_decoded_len; i++) { printf("%02x ", (uint8_t)iv_decoded[i]); } printf("\n"); - #endif +#endif - if(iv == NULL) - { - memcpy(data_out - sa_ptr->shsnf_len - sa_ptr->shivf_len - sa_ptr->shplf_len, iv_decoded, iv_decoded_len); + if (iv == NULL) + { + memcpy(data_out - sa_ptr->shsnf_len - sa_ptr->shivf_len - sa_ptr->shplf_len, iv_decoded, + iv_decoded_len); } free(ciphertext_token_base64); break; } } } - - json_idx++; continue; } @@ -1405,11 +1426,11 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, chunk_write->response + t[json_idx + 1].start); #endif uint32_t len_ciphertext = t[json_idx + 1].end - t[json_idx + 1].start; - ciphertext_base64 = malloc(len_ciphertext+1); - memcpy(ciphertext_base64,chunk_write->response + t[json_idx + 1].start, len_ciphertext); + ciphertext_base64 = malloc(len_ciphertext + 1); + memcpy(ciphertext_base64, chunk_write->response + t[json_idx + 1].start, len_ciphertext); ciphertext_base64[len_ciphertext] = '\0'; #ifdef DEBUG - printf("Parsed base64ciphertext: %s\n",ciphertext_base64); + printf("Parsed base64ciphertext: %s\n", ciphertext_base64); #endif json_idx++; ciphertext_found = CRYPTO_TRUE; 
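Review bot: The `initialVector` branch writes `iv_decoded_len` bytes in front of `data_out` without comparing that length with the header space it targets, and `iv_decoded_len` is derived from the KMC response. `iv_decoded` itself is sized `iv_len * 2 + 1`, so a longer token may already overrun it inside `base64urlDecode`, depending on whether that helper bounds its output (not visible here). Validate before copying, e.g. `if (iv == NULL && iv_decoded_len <= sa_ptr->shivf_len)` if `shivf_len` is the IV field width, and treat any other length as an error. In the same block the second `strtok` result is passed to `strlen` without a NULL check, `ciphertext_token_base64` is printed with `%s` although it is copied without a terminator, `strncpy(temp_buff, line, sizeof(temp_buff))` can leave `temp_buff` unterminated, and `iv_decoded` is never freed.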
@@ -1423,54 +1444,68 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, printf("httpCode: %.*s\n", t[json_idx + 1].end - t[json_idx + 1].start, chunk_write->response + t[json_idx + 1].start); #endif - uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; - char* http_code_str = malloc(len_httpcode+1); - memcpy(http_code_str,chunk_write->response + t[json_idx + 1].start, len_httpcode); + uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; + char *http_code_str = malloc(len_httpcode + 1); + memcpy(http_code_str, chunk_write->response + t[json_idx + 1].start, len_httpcode); http_code_str[len_httpcode] = '\0'; - int http_code = atoi(http_code_str); + int http_code = atoi(http_code_str); #ifdef DEBUG - printf("Parsed http code: %d\n",http_code); + printf("Parsed http code: %d\n", http_code); #endif - if(http_code != 200) + if (http_code != 200) { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; - fprintf(stderr,"KMC Crypto Failure Response:\n%s\n",chunk_write->response); - if(iv_base64 != NULL) free(iv_base64); - if(encrypt_uri != NULL) free(encrypt_uri); - if(chunk_write != NULL) free(chunk_write); - if(chunk_read != NULL) free(chunk_read); - if(encrypt_payload != NULL) free(encrypt_payload); - if(http_code_str != NULL) free(http_code_str); - if(ciphertext_base64 != NULL) free(ciphertext_base64); + fprintf(stderr, "KMC Crypto Failure Response:\n%s\n", chunk_write->response); + if (iv_base64 != NULL) + free(iv_base64); + if (encrypt_uri != NULL) + free(encrypt_uri); + if (chunk_write != NULL) + free(chunk_write); + if (chunk_read != NULL) + free(chunk_read); + if (encrypt_payload != NULL) + free(encrypt_payload); + if (http_code_str != NULL) + free(http_code_str); + if (ciphertext_base64 != NULL) + free(ciphertext_base64); return status; } json_idx++; - if(http_code_str != NULL) free(http_code_str); + if (http_code_str != NULL) + free(http_code_str); continue; } - } - if(ciphertext_found == 
CRYPTO_FALSE){ + if (ciphertext_found == CRYPTO_FALSE) + { status = CRYPTOGRAHPY_KMC_CIPHER_TEXT_NOT_FOUND_IN_JSON_RESPONSE; - if(encrypt_uri != NULL) free(encrypt_uri); - if(iv_base64 != NULL) free(iv_base64); - if(ciphertext_base64 != NULL) free(ciphertext_base64); - if(chunk_write != NULL) free(chunk_write); - if(chunk_read != NULL) free(chunk_read); - if(encrypt_payload != NULL) free(encrypt_payload); + if (encrypt_uri != NULL) + free(encrypt_uri); + if (iv_base64 != NULL) + free(iv_base64); + if (ciphertext_base64 != NULL) + free(ciphertext_base64); + if (chunk_write != NULL) + free(chunk_write); + if (chunk_read != NULL) + free(chunk_read); + if (encrypt_payload != NULL) + free(encrypt_payload); return status; } /* JSON Response Handling End */ - uint8_t* ciphertext_decoded = malloc((len_data_out + mac_size + aad_len)*2 + 1); - size_t ciphertext_decoded_len = 0; - base64Decode(ciphertext_base64,strlen(ciphertext_base64),ciphertext_decoded, &ciphertext_decoded_len); + uint8_t *ciphertext_decoded = malloc((len_data_out + mac_size + aad_len) * 2 + 1); + size_t ciphertext_decoded_len = 0; + base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, &ciphertext_decoded_len); #ifdef DEBUG - printf("Mac size: %d\n",mac_size); - printf("Decoded Cipher Text Length: %ld\n",ciphertext_decoded_len); + printf("Mac size: %d\n", mac_size); + printf("Decoded Cipher Text Length: %ld\n", ciphertext_decoded_len); printf("Decoded Cipher Text: \n"); - for (uint32_t i=0; i < ciphertext_decoded_len; i++) + for (uint32_t i = 0; i < ciphertext_decoded_len; i++) { printf("%02x ", ciphertext_decoded[i]); } 
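Review bot: `ciphertext_decoded` is sized from the caller's expected lengths, `(len_data_out + mac_size + aad_len) * 2 + 1`, but `base64Decode` is given `strlen(ciphertext_base64)` bytes taken from the service response and, as called here, no output capacity. A response longer than expected could therefore be decoded past the end of the allocation. Size the buffer from the input instead, for example `size_t b64_len = strlen(ciphertext_base64); uint8_t *ciphertext_decoded = malloc(b64_len + 1);`, and check the result for NULL. The non-200 and not-found exits in this hunk free `chunk_write` but not `chunk_write->response`, which the success path does release. The decrypt hunk at -1756 sizes `cleartext_decoded` the same way.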
@@ -1478,31 +1513,42 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, #endif // Copy the encrypted data to the output stream - if(encrypt_bool == CRYPTO_TRUE) + if (encrypt_bool == CRYPTO_TRUE) { // Crypto Service returns aad - cipher_text - tag - memcpy(data_out,ciphertext_decoded + aad_len,len_data_out); + memcpy(data_out, ciphertext_decoded + aad_len, len_data_out); } // If authenticate, Copy the MAC to the output stream - if(authenticate_bool == CRYPTO_TRUE) + if (authenticate_bool == CRYPTO_TRUE) { uint32_t data_offset = len_data_out; - if(encrypt_bool == CRYPTO_FALSE) { data_offset = 0; } - memcpy(mac,ciphertext_decoded + aad_len + data_offset, mac_size); + if (encrypt_bool == CRYPTO_FALSE) + { + data_offset = 0; + } + memcpy(mac, ciphertext_decoded + aad_len + data_offset, mac_size); } - if (ciphertext_base64 != NULL) free(ciphertext_base64); - if (ciphertext_decoded != NULL) free(ciphertext_decoded); - if (iv_base64 != NULL) free(iv_base64); - if (encrypt_uri != NULL) free(encrypt_uri); - //if (encrypt_payload != NULL) free(encrypt_payload); - if (chunk_write->response != NULL) free(chunk_write->response); - if (chunk_write != NULL) free(chunk_write); - if (chunk_read != NULL) free(chunk_read); + if (ciphertext_base64 != NULL) + free(ciphertext_base64); + if (ciphertext_decoded != NULL) + free(ciphertext_decoded); + if (iv_base64 != NULL) + free(iv_base64); + if (encrypt_uri != NULL) + free(encrypt_uri); + // if (encrypt_payload != NULL) free(encrypt_payload); + if (chunk_write->response != NULL) + free(chunk_write->response); + if (chunk_write != NULL) + free(chunk_write); + if (chunk_read != NULL) + free(chunk_read); #ifdef DEBUG printf("DATA OUT:\n"); - for(size_t i = 0; i < len_data_out; i++){ + for (size_t i = 0; i < len_data_out; i++) + { printf("%02x ", data_out[i]); } printf("\n"); 
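Review bot: Neither `memcpy` from `ciphertext_decoded` checks `ciphertext_decoded_len`, so a response shorter than the expected AAD, data and tag copies bytes the decoder never wrote into `data_out` or `mac`. Add a check before the copies, along the lines of `if (ciphertext_decoded_len < (size_t)aad_len + len_data_out + mac_size)`, with the required length adjusted for the encrypt-only and authenticate-only cases, and return a failure status instead of copying. In the cleanup, `chunk_write->response` is dereferenced before the `chunk_write != NULL` test, so that test cannot protect anything. The decrypt copy in the -1771 hunk has the same missing length check.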
@@ -1511,83 +1557,79 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, return status; } -static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t decrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies) +static int32_t cryptography_aead_decrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t decrypt_bool, uint8_t authenticate_bool, + uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies) { int32_t status = CRYPTO_LIB_SUCCESS; - key = key; // Direct key input is not supported in KMC interface - ecs = ecs; - acs = acs; + key = key; // Direct key input is not supported in KMC interface + ecs = ecs; + acs = acs; // Get the key length in bits, in string format. // TODO -- Parse the key length from the keyInfo endpoint of the Crypto Service! - uint32_t key_len_in_bits = len_key * 8; // 8 bits per byte. + uint32_t key_len_in_bits = len_key * 8; // 8 bits per byte. 
uint32_t key_len_in_bits_str_len = 0; - char* key_len_in_bits_str = int_to_str(key_len_in_bits, &key_len_in_bits); - - + char *key_len_in_bits_str = int_to_str(key_len_in_bits, &key_len_in_bits); curl_easy_reset(curl); status = configure_curl_connect_opts(curl, cam_cookies); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } // Base64 URL encode IV for KMC REST Encrypt - char* iv_base64 = (char*)calloc(1,B64ENCODE_OUT_SAFESIZE(iv_len)+1); - base64urlEncode(iv,iv_len,iv_base64,NULL); + char *iv_base64 = (char *)calloc(1, B64ENCODE_OUT_SAFESIZE(iv_len) + 1); + base64urlEncode(iv, iv_len, iv_base64, NULL); - uint8_t* decrypt_payload = data_in; - size_t decrypt_payload_len = len_data_in; + uint8_t *decrypt_payload = data_in; + size_t decrypt_payload_len = len_data_in; #ifdef DEBUG - printf("IV Base64 URL Encoded: %s\n",iv_base64); + printf("IV Base64 URL Encoded: %s\n", iv_base64); #endif - - if(sa_ptr->ek_ref[0] == '\0') + if (sa_ptr->ek_ref[0] == '\0') { status = CRYPTOGRAHPY_KMC_NULL_ENCRYPTION_KEY_REFERENCE_IN_SA; return status; } - char* decrypt_uri; - if(aad_bool == CRYPTO_TRUE) + char *decrypt_uri; + if (aad_bool == CRYPTO_TRUE) { - //Determine length of aad offset string and convert to string for use in URL + // Determine length of aad offset string and convert to string for use in URL uint32_t aad_offset_str_len = 0; - char* aad_offset_str = int_to_str(aad_len, &aad_offset_str_len); + char *aad_offset_str = int_to_str(aad_len, &aad_offset_str_len); #ifdef DEBUG - printf("AAD Offset Str: %s\n",aad_offset_str); + printf("AAD Offset Str: %s\n", aad_offset_str); #endif uint32_t mac_size_str_len = 0; - char* mac_size_str = int_to_str(mac_size*8, &mac_size_str_len); + char *mac_size_str = int_to_str(mac_size * 8, &mac_size_str_len); - int len_decrypt_endpoint = strlen(decrypt_offset_endpoint)+ key_len_in_bits_str_len + strlen(sa_ptr->ek_ref)+strlen(iv_base64)+strlen(AES_GCM_TRANSFORMATION) + strlen(AES_CRYPTO_ALGORITHM) + 
mac_size_str_len + aad_offset_str_len; - char* decrypt_endpoint_final = (char*) malloc(len_decrypt_endpoint); + int len_decrypt_endpoint = strlen(decrypt_offset_endpoint) + key_len_in_bits_str_len + strlen(sa_ptr->ek_ref) + + strlen(iv_base64) + strlen(AES_GCM_TRANSFORMATION) + strlen(AES_CRYPTO_ALGORITHM) + + mac_size_str_len + aad_offset_str_len; + char *decrypt_endpoint_final = (char *)malloc(len_decrypt_endpoint); - snprintf(decrypt_endpoint_final,len_decrypt_endpoint,decrypt_offset_endpoint,key_len_in_bits_str,sa_ptr->ek_ref,AES_GCM_TRANSFORMATION, iv_base64, AES_CRYPTO_ALGORITHM, mac_size_str, aad_offset_str); + snprintf(decrypt_endpoint_final, len_decrypt_endpoint, decrypt_offset_endpoint, key_len_in_bits_str, + sa_ptr->ek_ref, AES_GCM_TRANSFORMATION, iv_base64, AES_CRYPTO_ALGORITHM, mac_size_str, aad_offset_str); free(key_len_in_bits_str); free(aad_offset_str); free(mac_size_str); - decrypt_uri = (char*) malloc(strlen(kmc_root_uri)+len_decrypt_endpoint); + decrypt_uri = (char *)malloc(strlen(kmc_root_uri) + len_decrypt_endpoint); decrypt_uri[0] = '\0'; strcat(decrypt_uri, kmc_root_uri); strcat(decrypt_uri, decrypt_endpoint_final); // Prepare decrypt_payload with AAD at the front for KMC Crypto Service. - if(decrypt_bool == CRYPTO_FALSE) //Not decrypting data, only passing in AAD for TAG validation. + if (decrypt_bool == CRYPTO_FALSE) // Not decrypting data, only passing in AAD for TAG validation. { decrypt_payload_len = aad_len + mac_size; } 
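Review bot: `int_to_str(key_len_in_bits, &key_len_in_bits)` passes the value's own address as the length out-parameter, so `key_len_in_bits` is overwritten with a string length and `key_len_in_bits_str_len` stays 0 when it is added into `len_decrypt_endpoint`. The call should read `char *key_len_in_bits_str = int_to_str(key_len_in_bits, &key_len_in_bits_str_len);`. Because `snprintf` is bounded by that length, any effect would be a silently truncated URI rather than an overflow, but the format string is not visible here to confirm how much slack it leaves. The early returns after `configure_curl_connect_opts` and after the empty `ek_ref` check also leave `key_len_in_bits_str` allocated, and the second one leaks `iv_base64` as well. The function body continues outside this hunk.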
@@ -1596,44 +1638,50 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, decrypt_payload_len = len_data_in + aad_len + mac_size; } #ifdef DEBUG - printf("Decrypt Payload Length: %ld\n",decrypt_payload_len); + printf("Decrypt Payload Length: %ld\n", decrypt_payload_len); #endif - decrypt_payload = (uint8_t*) malloc(decrypt_payload_len); - memcpy(&decrypt_payload[0],aad,aad_len); - if(decrypt_bool == CRYPTO_TRUE) + decrypt_payload = (uint8_t *)malloc(decrypt_payload_len); + memcpy(&decrypt_payload[0], aad, aad_len); + if (decrypt_bool == CRYPTO_TRUE) { - memcpy(&decrypt_payload[aad_len],data_in,len_data_in); + memcpy(&decrypt_payload[aad_len], data_in, len_data_in); } - if(authenticate_bool == CRYPTO_TRUE) + if (authenticate_bool == CRYPTO_TRUE) { uint32_t data_offset = len_data_in; - if(decrypt_bool == CRYPTO_FALSE) { data_offset = 0; } - memcpy(&decrypt_payload[aad_len + data_offset],mac,mac_size); + if (decrypt_bool == CRYPTO_FALSE) + { + data_offset = 0; + } + memcpy(&decrypt_payload[aad_len + data_offset], mac, mac_size); } free(decrypt_endpoint_final); } - else //No AAD - just prepare the endpoint URI string + else // No AAD - just prepare the endpoint URI string { - int len_decrypt_endpoint = strlen(decrypt_endpoint)+ key_len_in_bits_str_len + strlen(sa_ptr->ek_ref)+strlen(iv_base64)+strlen(AES_GCM_TRANSFORMATION) + strlen(AES_CRYPTO_ALGORITHM); - char* decrypt_endpoint_final = (char*) malloc(len_decrypt_endpoint); + int len_decrypt_endpoint = strlen(decrypt_endpoint) + key_len_in_bits_str_len + strlen(sa_ptr->ek_ref) + + strlen(iv_base64) + strlen(AES_GCM_TRANSFORMATION) + strlen(AES_CRYPTO_ALGORITHM); + char *decrypt_endpoint_final = (char *)malloc(len_decrypt_endpoint); - snprintf(decrypt_endpoint_final,len_decrypt_endpoint,decrypt_endpoint,key_len_in_bits_str,sa_ptr->ek_ref,AES_GCM_TRANSFORMATION, iv_base64, AES_CRYPTO_ALGORITHM); + snprintf(decrypt_endpoint_final, len_decrypt_endpoint, decrypt_endpoint, key_len_in_bits_str, 
sa_ptr->ek_ref, + AES_GCM_TRANSFORMATION, iv_base64, AES_CRYPTO_ALGORITHM); - decrypt_uri = (char*) malloc(strlen(kmc_root_uri)+len_decrypt_endpoint); + decrypt_uri = (char *)malloc(strlen(kmc_root_uri) + len_decrypt_endpoint); decrypt_uri[0] = '\0'; strcat(decrypt_uri, kmc_root_uri); strcat(decrypt_uri, decrypt_endpoint_final); free(decrypt_endpoint_final); } #ifdef DEBUG - printf("Decrypt URI: %s\n",decrypt_uri); + printf("Decrypt URI: %s\n", decrypt_uri); #endif curl_easy_setopt(curl, CURLOPT_URL, decrypt_uri); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, http_headers_list); - memory_write* chunk_write = (memory_write*) calloc(1,MEMORY_WRITE_SIZE); - memory_read* chunk_read = (memory_read*) calloc(1,MEMORY_READ_SIZE);; + memory_write *chunk_write = (memory_write *)calloc(1, MEMORY_WRITE_SIZE); + memory_read *chunk_read = (memory_read *)calloc(1, MEMORY_READ_SIZE); + ; /* Configure CURL for POST */ curl_easy_setopt(curl, CURLOPT_POST, 1L); @@ -1646,14 +1694,14 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, curl_easy_setopt(curl, CURLOPT_WRITEDATA, chunk_write); /* size of the POST data */ - curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long) decrypt_payload_len); + curl_easy_setopt(curl, CURLOPT_POSTFIELDSIZE, (long)decrypt_payload_len); /* binary data */ curl_easy_setopt(curl, CURLOPT_POSTFIELDS, decrypt_payload); #ifdef DEBUG - printf("Len of decrypt payload: %ld\n",decrypt_payload_len); + printf("Len of decrypt payload: %ld\n", decrypt_payload_len); printf("Data to Decrypt: \n"); - for (uint32_t i=0; i < decrypt_payload_len; i++) + for (uint32_t i = 0; i < decrypt_payload_len; i++) { printf("%02x ", decrypt_payload[i]); } 
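Review bot: The no-AAD branch never frees `key_len_in_bits_str`, whereas the AAD branch releases it right after its `snprintf` in the previous hunk; unless it is freed later outside this hunk, every call on this path leaks it. Adding `free(key_len_in_bits_str);` after the `snprintf` here keeps the two branches symmetric. `decrypt_payload`, `decrypt_endpoint_final` and `decrypt_uri` are also written to without checking the `malloc` result, so an allocation failure becomes a NULL write instead of an error status.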
@@ -1661,9 +1709,9 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, #endif status = curl_perform_with_cam_retries(curl, chunk_write, chunk_read); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { - //free(decrypt_payload); + // free(decrypt_payload); free(decrypt_uri); free(iv_base64); return status; @@ -1673,12 +1721,14 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, // Parse the JSON string response jsmn_parser p; - jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ + jsmntok_t t[64]; /* We expect no more than 64 JSON tokens */ jsmn_init(&p); - int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, 64); // "chunk->response" is the char array holding the json content + int parse_result = jsmn_parse(&p, chunk_write->response, strlen(chunk_write->response), t, + 64); // "chunk->response" is the char array holding the json content // Find the 'base64ciphertext' token - if (parse_result < 0) { + if (parse_result < 0) + { status = CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR; printf("Failed to parse JSON: %d\n", parse_result); free(decrypt_payload); @@ -1687,9 +1737,9 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, return status; } - int json_idx = 0; + int json_idx = 0; uint8_t ciphertext_found = CRYPTO_FALSE; - char* cleartext_base64 = NULL; + char *cleartext_base64 = NULL; for (json_idx = 1; json_idx < parse_result; json_idx++) { // check "httpCode" field for non-200 status codes!!! 
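Review bot: `free(decrypt_payload)` on the JSON-parse failure path releases the caller's `data_in` whenever `aad_bool` is not set, because `decrypt_payload` is initialised to `data_in` and is only replaced by a `malloc` in the AAD branch. That is a free of memory this function does not own, and the caller is likely to use or free the buffer again afterwards. Guard it with `if (decrypt_payload != data_in) free(decrypt_payload);` here and in the not-found path of the -1743 hunk. The commented-out `// free(decrypt_payload);` in the -1661 hunk avoids the invalid free but leaks the AAD-branch allocation, and that exit also leaves `chunk_write` and `chunk_read` allocated; the same guard resolves the first of these.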
@@ -1701,11 +1751,11 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, chunk_write->response + t[json_idx + 1].start); #endif uint32_t len_cleartext = t[json_idx + 1].end - t[json_idx + 1].start; - cleartext_base64 = malloc(len_cleartext+1); - memcpy(cleartext_base64,chunk_write->response + t[json_idx + 1].start, len_cleartext); + cleartext_base64 = malloc(len_cleartext + 1); + memcpy(cleartext_base64, chunk_write->response + t[json_idx + 1].start, len_cleartext); cleartext_base64[len_cleartext] = '\0'; #ifdef DEBUG - printf("Parsed base64cleartext: %s\n",cleartext_base64); + printf("Parsed base64cleartext: %s\n", cleartext_base64); #endif json_idx++; ciphertext_found = CRYPTO_TRUE; @@ -1718,18 +1768,18 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, printf("httpCode: %.*s\n", t[json_idx + 1].end - t[json_idx + 1].start, chunk_write->response + t[json_idx + 1].start); #endif - uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; - char* http_code_str = malloc(len_httpcode+1); - memcpy(http_code_str,chunk_write->response + t[json_idx + 1].start, len_httpcode); + uint32_t len_httpcode = t[json_idx + 1].end - t[json_idx + 1].start; + char *http_code_str = malloc(len_httpcode + 1); + memcpy(http_code_str, chunk_write->response + t[json_idx + 1].start, len_httpcode); http_code_str[len_httpcode] = '\0'; - int http_code = atoi(http_code_str); + int http_code = atoi(http_code_str); #ifdef DEBUG - printf("Parsed http code: %d\n",http_code); + printf("Parsed http code: %d\n", http_code); #endif - if(http_code != 200) + if (http_code != 200) { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; - fprintf(stderr,"KMC Crypto Failure Response:\n%s\n",chunk_write->response); + fprintf(stderr, "KMC Crypto Failure Response:\n%s\n", chunk_write->response); free(chunk_read); free(chunk_write); free(http_code_str); 
@@ -1743,11 +1793,12 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, continue; } } - if(ciphertext_found == CRYPTO_FALSE){ + if (ciphertext_found == CRYPTO_FALSE) + { status = CRYPTOGRAHPY_KMC_CIPHER_TEXT_NOT_FOUND_IN_JSON_RESPONSE; free(chunk_read); - free(chunk_write); - free(cleartext_base64); + free(chunk_write); + free(cleartext_base64); free(decrypt_payload); free(decrypt_uri); free(iv_base64); @@ -1756,13 +1807,13 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, /* JSON Response Handling End */ - uint8_t* cleartext_decoded = malloc((len_data_out + mac_size + aad_len)*2 + 1); - size_t cleartext_decoded_len = 0; - base64Decode(cleartext_base64,strlen(cleartext_base64),cleartext_decoded, &cleartext_decoded_len); + uint8_t *cleartext_decoded = malloc((len_data_out + mac_size + aad_len) * 2 + 1); + size_t cleartext_decoded_len = 0; + base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, &cleartext_decoded_len); #ifdef DEBUG - printf("Decoded Cipher Text Length: %ld\n",cleartext_decoded_len); + printf("Decoded Cipher Text Length: %ld\n", cleartext_decoded_len); printf("Decoded Cipher Text: \n"); - for (uint32_t i=0; i < cleartext_decoded_len; i++) + for (uint32_t i = 0; i < cleartext_decoded_len; i++) { printf("%02x ", cleartext_decoded[i]); } @@ -1771,9 +1822,9 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, // Copy the decrypted data to the output stream // Crypto Service returns aad - clear_text - if(decrypt_bool == CRYPTO_TRUE) + if (decrypt_bool == CRYPTO_TRUE) { - memcpy(data_out,cleartext_decoded + aad_len, len_data_out); + memcpy(data_out, cleartext_decoded + aad_len, len_data_out); } free(cleartext_decoded); free(chunk_read); 
@@ -1787,22 +1838,22 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, } // Local support functions -static int32_t get_auth_algorithm_from_acs(uint8_t acs_enum, const char** algo_ptr) +static int32_t get_auth_algorithm_from_acs(uint8_t acs_enum, const char **algo_ptr) { int32_t status = CRYPTO_LIB_ERR_UNSUPPORTED_ACS; // All valid algo enums will be positive - switch(acs_enum) + switch (acs_enum) { case CRYPTO_MAC_CMAC_AES256: - status = CRYPTO_LIB_SUCCESS; + status = CRYPTO_LIB_SUCCESS; *algo_ptr = AES_CMAC_TRANSFORMATION; break; case CRYPTO_MAC_HMAC_SHA256: - status = CRYPTO_LIB_SUCCESS; + status = CRYPTO_LIB_SUCCESS; *algo_ptr = HMAC_SHA256; break; case CRYPTO_MAC_HMAC_SHA512: - status = CRYPTO_LIB_SUCCESS; + status = CRYPTO_LIB_SUCCESS; *algo_ptr = HMAC_SHA512; break; default: @@ -1812,27 +1863,27 @@ static int32_t get_auth_algorithm_from_acs(uint8_t acs_enum, const char** algo_p break; } - return(status); + return (status); } // libcurl local functions -static size_t write_callback(void* data, size_t size, size_t nmemb, void* userp) +static size_t write_callback(void *data, size_t size, size_t nmemb, void *userp) { - size_t realsize = size * nmemb; - memory_write *mem = (memory_write *)userp; + size_t realsize = size * nmemb; + memory_write *mem = (memory_write *)userp; - char* ptr; - if(mem->response != NULL) + char *ptr; + if (mem->response != NULL) { ptr = realloc(mem->response, mem->size + realsize + 1); } else { - ptr = malloc(realsize+1); + ptr = malloc(realsize + 1); } - if(ptr == NULL) - return 0; /* out of memory! */ + if (ptr == NULL) + return 0; /* out of memory! */ mem->response = ptr; memcpy(&(mem->response[mem->size]), data, realsize); 
@@ -1842,14 +1893,15 @@ static size_t write_callback(void* data, size_t size, size_t nmemb, void* userp) return realsize; } -static size_t read_callback(char* dest, size_t size, size_t nmemb, void* userp) +static size_t read_callback(char *dest, size_t size, size_t nmemb, void *userp) { - memory_read *wt = (memory_read *)userp; - size_t buffer_size = size*nmemb; - if(wt->size) { + memory_read *wt = (memory_read *)userp; + size_t buffer_size = size * nmemb; + if (wt->size) + { /* copy as much as possible from the source to the destination */ size_t copy_this_much = wt->size; - if(copy_this_much > buffer_size) + if (copy_this_much > buffer_size) copy_this_much = buffer_size; memcpy(dest, wt->response, copy_this_much); 
@@ -1861,54 +1913,64 @@ static size_t read_callback(char* dest, size_t size, size_t nmemb, void* userp) return 0; /* no more data left to deliver */ } -static int32_t configure_curl_connect_opts(CURL* curl_handle, char* cam_cookies) +static int32_t configure_curl_connect_opts(CURL *curl_handle, char *cam_cookies) { int32_t status = CRYPTO_LIB_SUCCESS; status = handle_cam_cookies(curl_handle, cam_cookies); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } - //curl_easy_setopt(curl_handle, CURLOPT_PROTOCOLS,CURLPROTO_HTTPS); // use default CURLPROTO_ALL + // curl_easy_setopt(curl_handle, CURLOPT_PROTOCOLS,CURLPROTO_HTTPS); // use default CURLPROTO_ALL #ifdef DEBUG - printf("KMC Crypto Port: %d\n",cryptography_kmc_crypto_config->kmc_crypto_port); - printf("KMC mTLS Client Cert Path: %s\n",cryptography_kmc_crypto_config->mtls_client_cert_path); - printf("KMC mTLS Client Key Path: %s\n",cryptography_kmc_crypto_config->mtls_client_key_path); + printf("KMC Crypto Port: %d\n", cryptography_kmc_crypto_config->kmc_crypto_port); + printf("KMC mTLS Client Cert Path: %s\n", cryptography_kmc_crypto_config->mtls_client_cert_path); + printf("KMC mTLS Client Key Path: %s\n", cryptography_kmc_crypto_config->mtls_client_key_path); - if(cryptography_kmc_crypto_config->mtls_client_cert_type != NULL){ - printf("KMC mTLS Client Cert Type: %s\n",cryptography_kmc_crypto_config->mtls_client_cert_type); + if (cryptography_kmc_crypto_config->mtls_client_cert_type != NULL) + { + printf("KMC mTLS Client Cert Type: %s\n", cryptography_kmc_crypto_config->mtls_client_cert_type); } - if(cryptography_kmc_crypto_config->mtls_ca_bundle != NULL){ - printf("KMC mTLS CA Bundle: %s\n",cryptography_kmc_crypto_config->mtls_ca_bundle); + if (cryptography_kmc_crypto_config->mtls_ca_bundle != NULL) + { + printf("KMC mTLS CA Bundle: %s\n", cryptography_kmc_crypto_config->mtls_ca_bundle); } - if(cryptography_kmc_crypto_config->mtls_ca_path != NULL){ - printf("KMC mTLS CA 
Path: %s\n",cryptography_kmc_crypto_config->mtls_ca_path); + if (cryptography_kmc_crypto_config->mtls_ca_path != NULL) + { + printf("KMC mTLS CA Path: %s\n", cryptography_kmc_crypto_config->mtls_ca_path); } - if(cryptography_kmc_crypto_config->mtls_issuer_cert != NULL){ - printf("KMC mTLS Client Issuer Cert: %s\n",cryptography_kmc_crypto_config->mtls_issuer_cert); + if (cryptography_kmc_crypto_config->mtls_issuer_cert != NULL) + { + printf("KMC mTLS Client Issuer Cert: %s\n", cryptography_kmc_crypto_config->mtls_issuer_cert); } #endif curl_easy_setopt(curl_handle, CURLOPT_PORT, cryptography_kmc_crypto_config->kmc_crypto_port); curl_easy_setopt(curl_handle, CURLOPT_SSLCERT, cryptography_kmc_crypto_config->mtls_client_cert_path); curl_easy_setopt(curl_handle, CURLOPT_SSLKEY, cryptography_kmc_crypto_config->mtls_client_key_path); - if(cryptography_kmc_crypto_config->mtls_client_cert_type != NULL){ + if (cryptography_kmc_crypto_config->mtls_client_cert_type != NULL) + { curl_easy_setopt(curl_handle, CURLOPT_SSLCERTTYPE, cryptography_kmc_crypto_config->mtls_client_cert_type); } - if(cryptography_kmc_crypto_config->mtls_client_key_pass != NULL){ + if (cryptography_kmc_crypto_config->mtls_client_key_pass != NULL) + { curl_easy_setopt(curl_handle, CURLOPT_KEYPASSWD, cryptography_kmc_crypto_config->mtls_client_key_pass); } - if(cryptography_kmc_crypto_config->mtls_ca_bundle != NULL){ + if (cryptography_kmc_crypto_config->mtls_ca_bundle != NULL) + { curl_easy_setopt(curl_handle, CURLOPT_CAINFO, cryptography_kmc_crypto_config->mtls_ca_bundle); } - if(cryptography_kmc_crypto_config->mtls_ca_path != NULL){ + if (cryptography_kmc_crypto_config->mtls_ca_path != NULL) + { curl_easy_setopt(curl_handle, CURLOPT_CAPATH, cryptography_kmc_crypto_config->mtls_ca_path); } - if(cryptography_kmc_crypto_config->mtls_issuer_cert != NULL){ + if (cryptography_kmc_crypto_config->mtls_issuer_cert != NULL) + { curl_easy_setopt(curl_handle, CURLOPT_ISSUERCERT, 
cryptography_kmc_crypto_config->mtls_issuer_cert); } - if(cryptography_kmc_crypto_config->ignore_ssl_hostname_validation == CRYPTO_TRUE){ + if (cryptography_kmc_crypto_config->ignore_ssl_hostname_validation == CRYPTO_TRUE) + { curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0L); curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYPEER, 0L); } @@ -1916,21 +1978,21 @@ static int32_t configure_curl_connect_opts(CURL* curl_handle, char* cam_cookies) return status; } -static int32_t handle_cam_cookies(CURL* curl_handle, char* cam_cookies) +static int32_t handle_cam_cookies(CURL *curl_handle, char *cam_cookies) { int32_t status = CRYPTO_LIB_SUCCESS; - if(cam_config != NULL) + if (cam_config != NULL) { - if(cam_config->cam_enabled) + if (cam_config->cam_enabled) { - if(cam_cookies != NULL) // cam_cookies passed in should ALWAYS take precedence in what's used + if (cam_cookies != NULL) // cam_cookies passed in should ALWAYS take precedence in what's used { curl_easy_setopt(curl_handle, CURLOPT_COOKIE, cam_cookies); return status; } - if(cam_config->cookie_file_path == NULL) // all auth methods rely on cookie file sets/gets, error if null + if (cam_config->cookie_file_path == NULL) // all auth methods rely on cookie file sets/gets, error if null { status = CAM_INVALID_COOKIE_FILE_CONFIGURATION_NULL; return status; @@ -1938,7 +2000,7 @@ static int32_t handle_cam_cookies(CURL* curl_handle, char* cam_cookies) else { #ifdef DEBUG - printf("Setting CURLOPT_COOKIEFILE: %s\n",cam_config->cookie_file_path); + printf("Setting CURLOPT_COOKIEFILE: %s\n", cam_config->cookie_file_path); #endif curl_easy_setopt(curl_handle, CURLOPT_COOKIEFILE, cam_config->cookie_file_path); } 
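Review bot: `ignore_ssl_hostname_validation` also sets `CURLOPT_SSL_VERIFYPEER` to `0L`, so a flag named for hostname checks turns off certificate-chain verification altogether and the client would then accept any server certificate. Keep only `curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0L);` under this flag, or introduce a separately named option for peer verification and document both as test-only settings. `get_cam_sso_token` repeats the same pair in the -1964 hunk. The `CURLOPT_PROTOCOLS` restriction to `CURLPROTO_HTTPS` is commented out near the top of this function; since these requests carry payload data and session cookies, it is worth re-enabling so a misconfigured root URI cannot fall back to a cleartext scheme.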
@@ -1949,14 +2011,14 @@ static int32_t handle_cam_cookies(CURL* curl_handle, char* cam_cookies) static int32_t get_cam_sso_token() { - int32_t status = CRYPTO_LIB_SUCCESS; - CURL* curl_cam; + int32_t status = CRYPTO_LIB_SUCCESS; + CURL *curl_cam; CURLcode res; - if(cam_config->login_method == CAM_LOGIN_KEYTAB_FILE) + if (cam_config->login_method == CAM_LOGIN_KEYTAB_FILE) { status = initialize_kerberos_keytab_file_login(); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { return status; } 
@@ -1964,94 +2026,98 @@ static int32_t get_cam_sso_token() curl_cam = curl_easy_init(); - if(curl_cam == NULL) + if (curl_cam == NULL) { status = CRYPTOGRAPHY_KMC_CURL_INITIALIZATION_FAILURE; return status; } // Set CA verification options for curl_cam handle from KMC Crypto Configs... - if(cryptography_kmc_crypto_config->mtls_ca_bundle != NULL){ + if (cryptography_kmc_crypto_config->mtls_ca_bundle != NULL) + { curl_easy_setopt(curl_cam, CURLOPT_CAINFO, cryptography_kmc_crypto_config->mtls_ca_bundle); } - if(cryptography_kmc_crypto_config->mtls_ca_path != NULL){ + if (cryptography_kmc_crypto_config->mtls_ca_path != NULL) + { curl_easy_setopt(curl_cam, CURLOPT_CAPATH, cryptography_kmc_crypto_config->mtls_ca_path); } - if(cryptography_kmc_crypto_config->mtls_issuer_cert != NULL){ + if (cryptography_kmc_crypto_config->mtls_issuer_cert != NULL) + { curl_easy_setopt(curl_cam, CURLOPT_ISSUERCERT, cryptography_kmc_crypto_config->mtls_issuer_cert); } - if(cryptography_kmc_crypto_config->ignore_ssl_hostname_validation == CRYPTO_TRUE){ + if (cryptography_kmc_crypto_config->ignore_ssl_hostname_validation == CRYPTO_TRUE) + { curl_easy_setopt(curl_cam, CURLOPT_SSL_VERIFYHOST, 0L); curl_easy_setopt(curl_cam, CURLOPT_SSL_VERIFYPEER, 0L); } - if(cam_config->access_manager_uri == NULL) + if (cam_config->access_manager_uri == NULL) { status = CAM_INVALID_CONFIGURATION_ACCESS_MANAGER_URI_NULL; return status; } - if(cam_config->cookie_file_path == NULL) + if (cam_config->cookie_file_path == NULL) { status = CAM_INVALID_COOKIE_FILE_CONFIGURATION_NULL; return status; } - curl_easy_setopt(curl_cam,CURLOPT_HTTPAUTH,CURLAUTH_NEGOTIATE); + curl_easy_setopt(curl_cam, CURLOPT_HTTPAUTH, CURLAUTH_NEGOTIATE); - if(cam_config->username != NULL) + if (cam_config->username != NULL) { curl_easy_setopt(curl_cam, CURLOPT_USERNAME, cam_config->username); - } else + } + else { curl_easy_setopt(curl_cam, CURLOPT_USERNAME, ":"); } // Build the CAM getSsoToken URI - int len_kerberos_endpoint = 
strlen(cam_kerberos_uri) + strlen(cam_config->access_manager_uri); - char* kerberos_endpoint_final = (char*) malloc(len_kerberos_endpoint + 1); - snprintf(kerberos_endpoint_final,len_kerberos_endpoint,cam_kerberos_uri,cam_config->access_manager_uri); + int len_kerberos_endpoint = strlen(cam_kerberos_uri) + strlen(cam_config->access_manager_uri); + char *kerberos_endpoint_final = (char *)malloc(len_kerberos_endpoint + 1); + snprintf(kerberos_endpoint_final, len_kerberos_endpoint, cam_kerberos_uri, cam_config->access_manager_uri); #ifdef DEBUG - printf("CAM Kerberos Endpoint: %s\n",kerberos_endpoint_final); + printf("CAM Kerberos Endpoint: %s\n", kerberos_endpoint_final); #endif - curl_easy_setopt(curl_cam,CURLOPT_URL,kerberos_endpoint_final); + curl_easy_setopt(curl_cam, CURLOPT_URL, kerberos_endpoint_final); - memory_read* chunk_read = (memory_read*) calloc(1,MEMORY_READ_SIZE); - memory_write* chunk_write = (memory_write*) calloc(1,MEMORY_WRITE_SIZE); + memory_read *chunk_read = (memory_read *)calloc(1, MEMORY_READ_SIZE); + memory_write *chunk_write = (memory_write *)calloc(1, MEMORY_WRITE_SIZE); /* Configure CURL for POST */ curl_easy_setopt(curl_cam, CURLOPT_POST, 1L); /* send all data to this function */ curl_easy_setopt(curl_cam, CURLOPT_READFUNCTION, read_callback); - curl_easy_setopt(curl_cam,CURLOPT_WRITEFUNCTION, write_callback); + curl_easy_setopt(curl_cam, CURLOPT_WRITEFUNCTION, write_callback); /* we pass our 'chunk' struct to the callback function */ curl_easy_setopt(curl_cam, CURLOPT_READDATA, chunk_read); - curl_easy_setopt(curl_cam,CURLOPT_WRITEDATA,chunk_write); + curl_easy_setopt(curl_cam, CURLOPT_WRITEDATA, chunk_write); curl_easy_setopt(curl_cam, CURLOPT_COOKIEJAR, cam_config->cookie_file_path); res = curl_easy_perform(curl_cam); - if(res != CURLE_OK) // This is not return code, this is successful response that's unusable! + if (res != CURLE_OK) // This is not return code, this is successful response that's unusable! 
{ status = CAM_GET_SSO_TOKEN_FAILURE; - fprintf(stderr, "curl_easy_perform() failed: %s\n", - curl_easy_strerror(res)); + fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res)); - //return status; + // return status; } long response_code; curl_easy_getinfo(curl_cam, CURLINFO_RESPONSE_CODE, &response_code); #ifdef DEBUG - printf("Response Code From getSsoToken: %ld\n",response_code); + printf("Response Code From getSsoToken: %ld\n", response_code); #endif - if(response_code == 408) // CAM getSsoToken timeout error + if (response_code == 408) // CAM getSsoToken timeout error { status = CAM_KERBEROS_REQUEST_TIME_OUT; } - else if(response_code != 200) //getSsoToken failed! + else if (response_code != 200) // getSsoToken failed! { status = CAM_GET_SSO_TOKEN_FAILURE; } @@ -2063,10 +2129,10 @@ static int32_t get_cam_sso_token() return status; } -static char* int_to_str(uint32_t int_src, uint32_t* converted_str_length) +static char *int_to_str(uint32_t int_src, uint32_t *converted_str_length) { - int int_str_len = snprintf( NULL, 0, "%d", int_src); - char* int_str = malloc( int_str_len + 1); + int int_str_len = snprintf(NULL, 0, "%d", int_src); + char *int_str = malloc(int_str_len + 1); snprintf(int_str, int_str_len + 1, "%d", int_src); *converted_str_length = int_str_len; return int_str; @@ -2074,16 +2140,17 @@ static char* int_to_str(uint32_t int_src, uint32_t* converted_str_length) // JSON local functions -static int jsoneq(const char* json, jsmntok_t* tok, const char* s) +static int jsoneq(const char *json, jsmntok_t *tok, const char *s) { if (tok->type == JSMN_STRING && (int)strlen(s) == tok->end - tok->start && - strncmp(json + tok->start, s, tok->end - tok->start) == 0) { + strncmp(json + tok->start, s, tok->end - tok->start) == 0) + { return 0; } return -1; } -int32_t curl_response_error_check(CURL* curl_handle, char* response) +int32_t curl_response_error_check(CURL *curl_handle, char *response) { int32_t response_status = CRYPTO_LIB_SUCCESS; 
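Review bot: The two configuration checks, `access_manager_uri == NULL` and `cookie_file_path == NULL`, return after `curl_easy_init()` has succeeded, so each leaks the `curl_cam` handle. Move them above `curl_easy_init()` or call `curl_easy_cleanup(curl_cam)` before returning. `kerberos_endpoint_final`, `chunk_read` and `chunk_write` are used without checking the allocation result. When `curl_easy_perform` fails the code falls through (`// return status;`) and depends on `response_code` being non-200 even though it is declared uninitialised; `long response_code = 0;` makes that path deterministic.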
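Review bot: `int_to_str` formats a `uint32_t` with `%d` in both `snprintf` calls, which mismatches the argument type and would print values above `INT_MAX` as negative numbers. Use `"%u"` with `(unsigned int)int_src`, or `PRIu32` if `<inttypes.h>` is available in this file. The `malloc` result is passed straight to `snprintf`; returning NULL on failure and checking it at the call sites matters because callers pass the result to `%s` formatting and `free`.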
@@ -2091,18 +2158,22 @@ int32_t curl_response_error_check(CURL* curl_handle, char* response) curl_easy_getinfo(curl_handle, CURLINFO_RESPONSE_CODE, &response_code); #ifdef DEBUG - printf("cURL response code: %ld\n",response_code); + printf("cURL response code: %ld\n", response_code); #endif - if(response_code == 302) // redirected + if (response_code == 302) // redirected { - if(cam_config != NULL) + if (cam_config != NULL) { - if(cam_config->cam_enabled && cam_config->login_method == CAM_LOGIN_NONE) // redirect with cam enabled and no auth method means auth failure + if (cam_config->cam_enabled && + cam_config->login_method == + CAM_LOGIN_NONE) // redirect with cam enabled and no auth method means auth failure { response_status = CAM_AUTHENTICATION_FAILURE_REDIRECT; return response_status; - } else if (cam_config->cam_enabled && (cam_config->login_method == CAM_LOGIN_KERBEROS || cam_config->login_method == CAM_LOGIN_KEYTAB_FILE)) + } + else if (cam_config->cam_enabled && (cam_config->login_method == CAM_LOGIN_KERBEROS || + cam_config->login_method == CAM_LOGIN_KEYTAB_FILE)) { response_status = CAM_AUTHENTICATION_REQUIRED; return response_status; @@ -2115,7 +2186,7 @@ int32_t curl_response_error_check(CURL* curl_handle, char* response) } } - if(response_code != 200) // unhandled error case + if (response_code != 200) // unhandled error case { response_status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; return response_status; @@ -2125,7 +2196,7 @@ int32_t curl_response_error_check(CURL* curl_handle, char* response) printf("\ncURL Response Body:\n\t %s\n", response); #endif - if(response == NULL) // No response, possibly because service is CAM secured. + if (response == NULL) // No response, possibly because service is CAM secured. { response_status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE; fprintf(stderr, "curl_easy_perform() unexpected empty response: \n%s\n", 
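Review bot: In the last hunk on this line (`@@ -2125,7 +2196,7 @@`) the DEBUG `printf("\ncURL Response Body:\n\t %s\n", response);` runs before the `if (response == NULL)` check, so an empty response passes NULL to `%s`, which is undefined behaviour. Move the NULL check above the DEBUG block, or print `response ? response : "(null)"`. The same statement writes the whole service response to stdout in debug builds; if those bodies can carry key or plaintext material (not visible here), the print should be trimmed or dropped. `curl_response_error_check` starts and ends outside this hunk.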
@@ -2134,72 +2205,74 @@ int32_t curl_response_error_check(CURL* curl_handle, char* response) } return response_status; - } -int32_t curl_perform_with_cam_retries(CURL* curl_handle,memory_write* chunk_write, memory_read* chunk_read) +int32_t curl_perform_with_cam_retries(CURL *curl_handle, memory_write *chunk_write, memory_read *chunk_read) { - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; uint8_t cam_retry = 0; - while(cam_retry < CAM_MAX_AUTH_RETRIES) + while (cam_retry < CAM_MAX_AUTH_RETRIES) { #ifdef DEBUG - printf("Entering CAM Authentication Retry Loop, Loop #: %d\n",cam_retry); + printf("Entering CAM Authentication Retry Loop, Loop #: %d\n", cam_retry); #endif CURLcode res; res = curl_easy_perform(curl_handle); - if(res != CURLE_OK) // This is not a response w/return code, this is something breaking! + if (res != CURLE_OK) // This is not a response w/return code, this is something breaking! { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; - fprintf(stderr, "curl_easy_perform() failed: %s\n", - curl_easy_strerror(res)); + fprintf(stderr, "curl_easy_perform() failed: %s\n", curl_easy_strerror(res)); break; // Go to Post retry loop cleanup and return status. } status = curl_response_error_check(curl_handle, chunk_write->response); - if(status == CRYPTO_LIB_SUCCESS) // Crypto Service REST call worked! Break out of retry loop. + if (status == CRYPTO_LIB_SUCCESS) // Crypto Service REST call worked! Break out of retry loop. 
{ break; } else { // Zero out chunk_write/chunk_read for next cURL perform call - memset(chunk_write,0,MEMORY_WRITE_SIZE); - memset(chunk_read,0,MEMORY_READ_SIZE); + memset(chunk_write, 0, MEMORY_WRITE_SIZE); + memset(chunk_read, 0, MEMORY_READ_SIZE); } - if(status == CAM_AUTHENTICATION_REQUIRED) // CAM_AUTHENTICATION_REQUIRED code indicates CAM config setup for authentication + if (status == CAM_AUTHENTICATION_REQUIRED) // CAM_AUTHENTICATION_REQUIRED code indicates CAM config setup for + // authentication { #ifdef DEBUG printf("Attempting to authenticate and retrieve CAM SSO Token.\n"); #endif status = get_cam_sso_token(); - if(status == CAM_KERBEROS_REQUEST_TIME_OUT) + if (status == CAM_KERBEROS_REQUEST_TIME_OUT) { - //Non-fatal getSsoToken failure... Attempt CAM retry... + // Non-fatal getSsoToken failure... Attempt CAM retry... } - else if(status != CRYPTO_LIB_SUCCESS) + else if (status != CRYPTO_LIB_SUCCESS) { return status; // Fatal getSsoToken error, break } - else if(status == CRYPTO_LIB_SUCCESS) + else if (status == CRYPTO_LIB_SUCCESS) { - //Re-handle CAM cookie file, when cookie file is regenerated above, the existing curl_handle doesn't recognize it - status = handle_cam_cookies(curl_handle,NULL); + // Re-handle CAM cookie file, when cookie file is regenerated above, the existing curl_handle doesn't + // recognize it + status = handle_cam_cookies(curl_handle, NULL); } - } else // Conditions not met for CAM retry! Break out of retry loop. + } + else // Conditions not met for CAM retry! Break out of retry loop. { break; } cam_retry++; - if(cam_retry == CAM_MAX_AUTH_RETRIES) + if (cam_retry == CAM_MAX_AUTH_RETRIES) { status = CAM_MAX_AUTH_RETRIES_REACHED; } } - if(status == CRYPTO_LIB_SUCCESS && chunk_write->response==NULL) // no error case detected, but invalid NULL response! + if (status == CRYPTO_LIB_SUCCESS && + chunk_write->response == NULL) // no error case detected, but invalid NULL response! 
{ status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE; } 
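Review bot: In the retry branch of `curl_perform_with_cam_retries`, `memset(chunk_write, 0, MEMORY_WRITE_SIZE)` clears `chunk_write->response` without releasing it first. If the write callback heap-allocates that buffer (the callback is not visible here), every failed attempt leaks one response; `free(chunk_write->response);` before the `memset` would cover it. Zeroing `chunk_read` at the same point also looks suspicious: if the handle's read callback sources the request body from `chunk_read`, the retried request would go out empty, so please confirm against the caller. The function's tail is outside this hunk.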
@@ -2211,37 +2284,40 @@ int32_t curl_perform_with_cam_retries(CURL* curl_handle,memory_write* chunk_writ * * This function launches the kinit kerberos utility to initialize credentials for the current user. * It may be possible to do this with the KRB5 API, but for now all we are doing is launching the kinit utility. - * Consider using the KRB5 APIs in a future release: https://web.mit.edu/kerberos/krb5-devel/doc/appdev/refs/api/index.html + * Consider using the KRB5 APIs in a future release: + *https://web.mit.edu/kerberos/krb5-devel/doc/appdev/refs/api/index.html * * -**/ + **/ int32_t initialize_kerberos_keytab_file_login(void) { int32_t status = CRYPTO_LIB_SUCCESS; - if(cam_config->keytab_file_path == NULL) + if (cam_config->keytab_file_path == NULL) { status = CAM_INVALID_CONFIGURATION_KEYTAB_FILE_PATH_NULL; return status; } - if(cam_config->username == NULL) + if (cam_config->username == NULL) { status = CAM_INVALID_CONFIGURATION_KEYTAB_FILE_USERNAME_NULL; return status; } // Build the kinit shell command with keytab file path + username - char* kinit_shell_command_base = "kinit -kt %s %s"; - uint32_t len_kinit_shell_command = strlen(kinit_shell_command_base) + strlen(cam_config->keytab_file_path) + strlen(cam_config->username); - char* kinit_shell_command = malloc(len_kinit_shell_command + 1); - snprintf(kinit_shell_command,len_kinit_shell_command,kinit_shell_command_base,cam_config->keytab_file_path,cam_config->username); + char *kinit_shell_command_base = "kinit -kt %s %s"; + uint32_t len_kinit_shell_command = + strlen(kinit_shell_command_base) + strlen(cam_config->keytab_file_path) + strlen(cam_config->username); + char *kinit_shell_command = malloc(len_kinit_shell_command + 1); + snprintf(kinit_shell_command, len_kinit_shell_command, kinit_shell_command_base, cam_config->keytab_file_path, + cam_config->username); int32_t kinit_status = system(kinit_shell_command); #ifdef DEBUG printf("Kinit Status: %d\n", kinit_status); #endif - if(kinit_status != 
CRYPTO_LIB_SUCCESS) + if (kinit_status != CRYPTO_LIB_SUCCESS) { status = CAM_KEYTAB_FILE_KINIT_FAILURE; } @@ -2251,7 +2327,7 @@ int32_t initialize_kerberos_keytab_file_login(void) } /** - * @brief Function: cryptography_get_acs_algo. Maps Cryptolib ACS enums to KMC enums + * @brief Function: cryptography_get_acs_algo. Maps Cryptolib ACS enums to KMC enums * It is possible for supported algos to vary between crypto libraries * @param algo_enum **/ @@ -2278,7 +2354,7 @@ int32_t cryptography_get_acs_algo(int8_t algo_enum) } /** - * @brief Function: cryptography_get_ecs_algo. Maps Cryptolib ECS enums to KMC enums + * @brief Function: cryptography_get_ecs_algo. Maps Cryptolib ECS enums to KMC enums * It is possible for supported algos to vary between crypto libraries * @param algo_enum **/ diff --git a/src/crypto/kmc/jsmn.h b/src/crypto/kmc/jsmn.h index 606aaf9a..e7f37c87 100644 --- a/src/crypto/kmc/jsmn.h +++ b/src/crypto/kmc/jsmn.h @@ -27,7 +27,8 @@ #include #ifdef __cplusplus -extern "C" { +extern "C" +{ #endif #ifdef JSMN_STATIC 
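Review bot: `initialize_kerberos_keytab_file_login` (hunk `@@ -2211,37 +2284,40 @@`) formats `cam_config->keytab_file_path` and `cam_config->username` into a string and hands it to `system()`, so any space or shell metacharacter in either configuration value is interpreted by the shell. The `malloc` result is also used unchecked, and nothing in the hunk frees `kinit_shell_command` (the function's tail is outside the hunk, so it may be freed there). Running kinit with an explicit argument vector removes both the shell and the buffer. The sketch below needs `<spawn.h>`, `<sys/wait.h>` and a declaration of `environ`, and it compares the child's exit code rather than the raw `system()` wait status.

```c
// … unchanged: NULL checks on keytab_file_path and username …
    char *const kinit_argv[] = {"kinit", "-kt", cam_config->keytab_file_path, cam_config->username, NULL};
    pid_t       kinit_pid;
    int         kinit_wait   = -1;
    int32_t     kinit_status = -1; // stays non-zero unless kinit ran and exited normally

    if (posix_spawnp(&kinit_pid, "kinit", NULL, NULL, kinit_argv, environ) == 0 &&
        waitpid(kinit_pid, &kinit_wait, 0) == kinit_pid && WIFEXITED(kinit_wait))
    {
        kinit_status = WEXITSTATUS(kinit_wait);
    }
// … unchanged: DEBUG print and the kinit_status != CRYPTO_LIB_SUCCESS check …
```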
@@ -36,431 +37,480 @@ extern "C" { #define JSMN_API extern #endif -/** - * JSON type identifier. Basic types are: - * o Object - * o Array - * o String - * o Other primitive: number, boolean (true/false) or null - */ -typedef enum { - JSMN_UNDEFINED = 0, - JSMN_OBJECT = 1 << 0, - JSMN_ARRAY = 1 << 1, - JSMN_STRING = 1 << 2, - JSMN_PRIMITIVE = 1 << 3 -} jsmntype_t; + /** + * JSON type identifier. Basic types are: + * o Object + * o Array + * o String + * o Other primitive: number, boolean (true/false) or null + */ + typedef enum + { + JSMN_UNDEFINED = 0, + JSMN_OBJECT = 1 << 0, + JSMN_ARRAY = 1 << 1, + JSMN_STRING = 1 << 2, + JSMN_PRIMITIVE = 1 << 3 + } jsmntype_t; -enum jsmnerr { - /* Not enough tokens were provided */ - JSMN_ERROR_NOMEM = -1, - /* Invalid character inside JSON string */ - JSMN_ERROR_INVAL = -2, - /* The string is not a full JSON packet, more bytes expected */ - JSMN_ERROR_PART = -3 -}; + enum jsmnerr + { + /* Not enough tokens were provided */ + JSMN_ERROR_NOMEM = -1, + /* Invalid character inside JSON string */ + JSMN_ERROR_INVAL = -2, + /* The string is not a full JSON packet, more bytes expected */ + JSMN_ERROR_PART = -3 + }; -/** - * JSON token description. - * type type (object, array, string etc.) - * start start position in JSON data string - * end end position in JSON data string - */ -typedef struct jsmntok { - jsmntype_t type; - int start; - int end; - int size; + /** + * JSON token description. + * type type (object, array, string etc.) + * start start position in JSON data string + * end end position in JSON data string + */ + typedef struct jsmntok + { + jsmntype_t type; + int start; + int end; + int size; #ifdef JSMN_PARENT_LINKS - int parent; + int parent; #endif -} jsmntok_t; + } jsmntok_t; -/** - * JSON parser. Contains an array of token blocks available. Also stores - * the string being parsed now and current position in that string. 
- */ -typedef struct jsmn_parser { - unsigned int pos; /* offset in the JSON string */ - unsigned int toknext; /* next token to allocate */ - int toksuper; /* superior token node, e.g. parent object or array */ -} jsmn_parser; + /** + * JSON parser. Contains an array of token blocks available. Also stores + * the string being parsed now and current position in that string. + */ + typedef struct jsmn_parser + { + unsigned int pos; /* offset in the JSON string */ + unsigned int toknext; /* next token to allocate */ + int toksuper; /* superior token node, e.g. parent object or array */ + } jsmn_parser; -/** - * Create JSON parser over an array of tokens - */ -JSMN_API void jsmn_init(jsmn_parser *parser); + /** + * Create JSON parser over an array of tokens + */ + JSMN_API void jsmn_init(jsmn_parser *parser); -/** - * Run JSON parser. It parses a JSON data string into and array of tokens, each - * describing - * a single JSON object. - */ -JSMN_API int jsmn_parse(jsmn_parser *parser, const char* js, const size_t len, - jsmntok_t* tokens, const unsigned int num_tokens); + /** + * Run JSON parser. It parses a JSON data string into and array of tokens, each + * describing + * a single JSON object. + */ + JSMN_API int jsmn_parse(jsmn_parser *parser, const char *js, const size_t len, jsmntok_t *tokens, + const unsigned int num_tokens); #ifndef JSMN_HEADER -/** - * Allocates a fresh unused token from the token pool. - */ -static jsmntok_t* jsmn_alloc_token(jsmn_parser *parser, jsmntok_t* tokens, - const size_t num_tokens) { - jsmntok_t* tok; - if (parser->toknext >= num_tokens) { - return NULL; - } - tok = &tokens[parser->toknext++]; - tok->start = tok->end = -1; - tok->size = 0; + /** + * Allocates a fresh unused token from the token pool. 
+ */ + static jsmntok_t *jsmn_alloc_token(jsmn_parser *parser, jsmntok_t *tokens, const size_t num_tokens) + { + jsmntok_t *tok; + if (parser->toknext >= num_tokens) + { + return NULL; + } + tok = &tokens[parser->toknext++]; + tok->start = tok->end = -1; + tok->size = 0; #ifdef JSMN_PARENT_LINKS - tok->parent = -1; + tok->parent = -1; #endif - return tok; -} + return tok; + } -/** - * Fills token type and boundaries. - */ -static void jsmn_fill_token(jsmntok_t* token, const jsmntype_t type, - const int start, const int end) { - token->type = type; - token->start = start; - token->end = end; - token->size = 0; -} + /** + * Fills token type and boundaries. + */ + static void jsmn_fill_token(jsmntok_t *token, const jsmntype_t type, const int start, const int end) + { + token->type = type; + token->start = start; + token->end = end; + token->size = 0; + } -/** - * Fills next available token with JSON primitive. - */ -static int jsmn_parse_primitive(jsmn_parser *parser, const char* js, - const size_t len, jsmntok_t* tokens, - const size_t num_tokens) { - jsmntok_t* token; - int start; + /** + * Fills next available token with JSON primitive. 
+ */ + static int jsmn_parse_primitive(jsmn_parser *parser, const char *js, const size_t len, jsmntok_t *tokens, + const size_t num_tokens) + { + jsmntok_t *token; + int start; - start = parser->pos; + start = parser->pos; - for (; parser->pos < len && js[parser->pos] != '\0'; parser->pos++) { - switch (js[parser->pos]) { + for (; parser->pos < len && js[parser->pos] != '\0'; parser->pos++) + { + switch (js[parser->pos]) + { #ifndef JSMN_STRICT - /* In strict mode primitive must be followed by "," or "}" or "]" */ - case ':': + /* In strict mode primitive must be followed by "," or "}" or "]" */ + case ':': #endif - case '\t': - case '\r': - case '\n': - case ' ': - case ',': - case ']': - case '}': - goto found; - default: - /* to quiet a warning from gcc*/ - break; - } - if (js[parser->pos] < 32 || js[parser->pos] >= 127) { - parser->pos = start; - return JSMN_ERROR_INVAL; - } - } + case '\t': + case '\r': + case '\n': + case ' ': + case ',': + case ']': + case '}': + goto found; + default: + /* to quiet a warning from gcc*/ + break; + } + if (js[parser->pos] < 32 || js[parser->pos] >= 127) + { + parser->pos = start; + return JSMN_ERROR_INVAL; + } + } #ifdef JSMN_STRICT - /* In strict mode primitive must be followed by a comma/object/array */ - parser->pos = start; - return JSMN_ERROR_PART; + /* In strict mode primitive must be followed by a comma/object/array */ + parser->pos = start; + return JSMN_ERROR_PART; #endif -found: - if (tokens == NULL) { - parser->pos--; - return 0; - } - token = jsmn_alloc_token(parser, tokens, num_tokens); - if (token == NULL) { - parser->pos = start; - return JSMN_ERROR_NOMEM; - } - jsmn_fill_token(token, JSMN_PRIMITIVE, start, parser->pos); + found: + if (tokens == NULL) + { + parser->pos--; + return 0; + } + token = jsmn_alloc_token(parser, tokens, num_tokens); + if (token == NULL) + { + parser->pos = start; + return JSMN_ERROR_NOMEM; + } + jsmn_fill_token(token, JSMN_PRIMITIVE, start, parser->pos); #ifdef JSMN_PARENT_LINKS - 
token->parent = parser->toksuper; + token->parent = parser->toksuper; #endif - parser->pos--; - return 0; -} + parser->pos--; + return 0; + } -/** - * Fills next token with JSON string. - */ -static int jsmn_parse_string(jsmn_parser *parser, const char* js, - const size_t len, jsmntok_t* tokens, - const size_t num_tokens) { - jsmntok_t* token; + /** + * Fills next token with JSON string. + */ + static int jsmn_parse_string(jsmn_parser *parser, const char *js, const size_t len, jsmntok_t *tokens, + const size_t num_tokens) + { + jsmntok_t *token; - int start = parser->pos; - - /* Skip starting quote */ - parser->pos++; - - for (; parser->pos < len && js[parser->pos] != '\0'; parser->pos++) { - char c = js[parser->pos]; + int start = parser->pos; - /* Quote: end of string */ - if (c == '\"') { - if (tokens == NULL) { - return 0; - } - token = jsmn_alloc_token(parser, tokens, num_tokens); - if (token == NULL) { - parser->pos = start; - return JSMN_ERROR_NOMEM; - } - jsmn_fill_token(token, JSMN_STRING, start + 1, parser->pos); + /* Skip starting quote */ + parser->pos++; + + for (; parser->pos < len && js[parser->pos] != '\0'; parser->pos++) + { + char c = js[parser->pos]; + + /* Quote: end of string */ + if (c == '\"') + { + if (tokens == NULL) + { + return 0; + } + token = jsmn_alloc_token(parser, tokens, num_tokens); + if (token == NULL) + { + parser->pos = start; + return JSMN_ERROR_NOMEM; + } + jsmn_fill_token(token, JSMN_STRING, start + 1, parser->pos); #ifdef JSMN_PARENT_LINKS - token->parent = parser->toksuper; + token->parent = parser->toksuper; #endif - return 0; - } + return 0; + } - /* Backslash: Quoted symbol expected */ - if (c == '\\' && parser->pos + 1 < len) { - int i; - parser->pos++; - switch (js[parser->pos]) { - /* Allowed escaped symbols */ - case '\"': - case '/': - case '\\': - case 'b': - case 'f': - case 'r': - case 'n': - case 't': - break; - /* Allows escaped symbol \uXXXX */ - case 'u': - parser->pos++; - for (i = 0; i < 4 && parser->pos < 
len && js[parser->pos] != '\0'; - i++) { - /* If it isn't a hex character we have an error */ - if (!((js[parser->pos] >= 48 && js[parser->pos] <= 57) || /* 0-9 */ - (js[parser->pos] >= 65 && js[parser->pos] <= 70) || /* A-F */ - (js[parser->pos] >= 97 && js[parser->pos] <= 102))) { /* a-f */ - parser->pos = start; - return JSMN_ERROR_INVAL; - } - parser->pos++; + /* Backslash: Quoted symbol expected */ + if (c == '\\' && parser->pos + 1 < len) + { + int i; + parser->pos++; + switch (js[parser->pos]) + { + /* Allowed escaped symbols */ + case '\"': + case '/': + case '\\': + case 'b': + case 'f': + case 'r': + case 'n': + case 't': + break; + /* Allows escaped symbol \uXXXX */ + case 'u': + parser->pos++; + for (i = 0; i < 4 && parser->pos < len && js[parser->pos] != '\0'; i++) + { + /* If it isn't a hex character we have an error */ + if (!((js[parser->pos] >= 48 && js[parser->pos] <= 57) || /* 0-9 */ + (js[parser->pos] >= 65 && js[parser->pos] <= 70) || /* A-F */ + (js[parser->pos] >= 97 && js[parser->pos] <= 102))) + { /* a-f */ + parser->pos = start; + return JSMN_ERROR_INVAL; + } + parser->pos++; + } + parser->pos--; + break; + /* Unexpected symbol */ + default: + parser->pos = start; + return JSMN_ERROR_INVAL; + } + } } - parser->pos--; - break; - /* Unexpected symbol */ - default: parser->pos = start; - return JSMN_ERROR_INVAL; - } + return JSMN_ERROR_PART; } - } - parser->pos = start; - return JSMN_ERROR_PART; -} -/** - * Parse JSON string and fill tokens. - */ -JSMN_API int jsmn_parse(jsmn_parser *parser, const char* js, const size_t len, - jsmntok_t* tokens, const unsigned int num_tokens) { - int r; - int i; - jsmntok_t* token; - int count = parser->toknext; + /** + * Parse JSON string and fill tokens. 
+ */ + JSMN_API int jsmn_parse(jsmn_parser *parser, const char *js, const size_t len, jsmntok_t *tokens, + const unsigned int num_tokens) + { + int r; + int i; + jsmntok_t *token; + int count = parser->toknext; - for (; parser->pos < len && js[parser->pos] != '\0'; parser->pos++) { - char c; - jsmntype_t type; + for (; parser->pos < len && js[parser->pos] != '\0'; parser->pos++) + { + char c; + jsmntype_t type; - c = js[parser->pos]; - switch (c) { - case '{': - case '[': - count++; - if (tokens == NULL) { - break; - } - token = jsmn_alloc_token(parser, tokens, num_tokens); - if (token == NULL) { - return JSMN_ERROR_NOMEM; - } - if (parser->toksuper != -1) { - jsmntok_t* t = &tokens[parser->toksuper]; + c = js[parser->pos]; + switch (c) + { + case '{': + case '[': + count++; + if (tokens == NULL) + { + break; + } + token = jsmn_alloc_token(parser, tokens, num_tokens); + if (token == NULL) + { + return JSMN_ERROR_NOMEM; + } + if (parser->toksuper != -1) + { + jsmntok_t *t = &tokens[parser->toksuper]; #ifdef JSMN_STRICT - /* In strict mode an object or array can't become a key */ - if (t->type == JSMN_OBJECT) { - return JSMN_ERROR_INVAL; - } + /* In strict mode an object or array can't become a key */ + if (t->type == JSMN_OBJECT) + { + return JSMN_ERROR_INVAL; + } #endif - t->size++; + t->size++; #ifdef JSMN_PARENT_LINKS - token->parent = parser->toksuper; + token->parent = parser->toksuper; #endif - } - token->type = (c == '{' ? JSMN_OBJECT : JSMN_ARRAY); - token->start = parser->pos; - parser->toksuper = parser->toknext - 1; - break; - case '}': - case ']': - if (tokens == NULL) { - break; - } - type = (c == '}' ? JSMN_OBJECT : JSMN_ARRAY); + } + token->type = (c == '{' ? JSMN_OBJECT : JSMN_ARRAY); + token->start = parser->pos; + parser->toksuper = parser->toknext - 1; + break; + case '}': + case ']': + if (tokens == NULL) + { + break; + } + type = (c == '}' ? 
JSMN_OBJECT : JSMN_ARRAY); #ifdef JSMN_PARENT_LINKS - if (parser->toknext < 1) { - return JSMN_ERROR_INVAL; - } - token = &tokens[parser->toknext - 1]; - for (;;) { - if (token->start != -1 && token->end == -1) { - if (token->type != type) { - return JSMN_ERROR_INVAL; - } - token->end = parser->pos + 1; - parser->toksuper = token->parent; - break; - } - if (token->parent == -1) { - if (token->type != type || parser->toksuper == -1) { - return JSMN_ERROR_INVAL; - } - break; - } - token = &tokens[token->parent]; - } + if (parser->toknext < 1) + { + return JSMN_ERROR_INVAL; + } + token = &tokens[parser->toknext - 1]; + for (;;) + { + if (token->start != -1 && token->end == -1) + { + if (token->type != type) + { + return JSMN_ERROR_INVAL; + } + token->end = parser->pos + 1; + parser->toksuper = token->parent; + break; + } + if (token->parent == -1) + { + if (token->type != type || parser->toksuper == -1) + { + return JSMN_ERROR_INVAL; + } + break; + } + token = &tokens[token->parent]; + } #else - for (i = parser->toknext - 1; i >= 0; i--) { - token = &tokens[i]; - if (token->start != -1 && token->end == -1) { - if (token->type != type) { - return JSMN_ERROR_INVAL; - } - parser->toksuper = -1; - token->end = parser->pos + 1; - break; - } - } - /* Error if unmatched closing bracket */ - if (i == -1) { - return JSMN_ERROR_INVAL; - } - for (; i >= 0; i--) { - token = &tokens[i]; - if (token->start != -1 && token->end == -1) { - parser->toksuper = i; - break; - } - } + for (i = parser->toknext - 1; i >= 0; i--) + { + token = &tokens[i]; + if (token->start != -1 && token->end == -1) + { + if (token->type != type) + { + return JSMN_ERROR_INVAL; + } + parser->toksuper = -1; + token->end = parser->pos + 1; + break; + } + } + /* Error if unmatched closing bracket */ + if (i == -1) + { + return JSMN_ERROR_INVAL; + } + for (; i >= 0; i--) + { + token = &tokens[i]; + if (token->start != -1 && token->end == -1) + { + parser->toksuper = i; + break; + } + } #endif - break; - case 
'\"': - r = jsmn_parse_string(parser, js, len, tokens, num_tokens); - if (r < 0) { - return r; - } - count++; - if (parser->toksuper != -1 && tokens != NULL) { - tokens[parser->toksuper].size++; - } - break; - case '\t': - case '\r': - case '\n': - case ' ': - break; - case ':': - parser->toksuper = parser->toknext - 1; - break; - case ',': - if (tokens != NULL && parser->toksuper != -1 && - tokens[parser->toksuper].type != JSMN_ARRAY && - tokens[parser->toksuper].type != JSMN_OBJECT) { + break; + case '\"': + r = jsmn_parse_string(parser, js, len, tokens, num_tokens); + if (r < 0) + { + return r; + } + count++; + if (parser->toksuper != -1 && tokens != NULL) + { + tokens[parser->toksuper].size++; + } + break; + case '\t': + case '\r': + case '\n': + case ' ': + break; + case ':': + parser->toksuper = parser->toknext - 1; + break; + case ',': + if (tokens != NULL && parser->toksuper != -1 && tokens[parser->toksuper].type != JSMN_ARRAY && + tokens[parser->toksuper].type != JSMN_OBJECT) + { #ifdef JSMN_PARENT_LINKS - parser->toksuper = tokens[parser->toksuper].parent; + parser->toksuper = tokens[parser->toksuper].parent; #else - for (i = parser->toknext - 1; i >= 0; i--) { - if (tokens[i].type == JSMN_ARRAY || tokens[i].type == JSMN_OBJECT) { - if (tokens[i].start != -1 && tokens[i].end == -1) { - parser->toksuper = i; - break; - } - } - } + for (i = parser->toknext - 1; i >= 0; i--) + { + if (tokens[i].type == JSMN_ARRAY || tokens[i].type == JSMN_OBJECT) + { + if (tokens[i].start != -1 && tokens[i].end == -1) + { + parser->toksuper = i; + break; + } + } + } #endif - } - break; + } + break; #ifdef JSMN_STRICT - /* In strict mode primitives are: numbers and booleans */ - case '-': - case '0': - case '1': - case '2': - case '3': - case '4': - case '5': - case '6': - case '7': - case '8': - case '9': - case 't': - case 'f': - case 'n': - /* And they must not be keys of the object */ - if (tokens != NULL && parser->toksuper != -1) { - const jsmntok_t* t = 
&tokens[parser->toksuper]; - if (t->type == JSMN_OBJECT || - (t->type == JSMN_STRING && t->size != 0)) { - return JSMN_ERROR_INVAL; - } - } + /* In strict mode primitives are: numbers and booleans */ + case '-': + case '0': + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': + case '8': + case '9': + case 't': + case 'f': + case 'n': + /* And they must not be keys of the object */ + if (tokens != NULL && parser->toksuper != -1) + { + const jsmntok_t *t = &tokens[parser->toksuper]; + if (t->type == JSMN_OBJECT || (t->type == JSMN_STRING && t->size != 0)) + { + return JSMN_ERROR_INVAL; + } + } #else - /* In non-strict mode every unquoted value is a primitive */ - default: + /* In non-strict mode every unquoted value is a primitive */ + default: #endif - r = jsmn_parse_primitive(parser, js, len, tokens, num_tokens); - if (r < 0) { - return r; - } - count++; - if (parser->toksuper != -1 && tokens != NULL) { - tokens[parser->toksuper].size++; - } - break; + r = jsmn_parse_primitive(parser, js, len, tokens, num_tokens); + if (r < 0) + { + return r; + } + count++; + if (parser->toksuper != -1 && tokens != NULL) + { + tokens[parser->toksuper].size++; + } + break; #ifdef JSMN_STRICT - /* Unexpected char in strict mode */ - default: - return JSMN_ERROR_INVAL; + /* Unexpected char in strict mode */ + default: + return JSMN_ERROR_INVAL; #endif - } - } + } + } - if (tokens != NULL) { - for (i = parser->toknext - 1; i >= 0; i--) { - /* Unmatched opened object or array */ - if (tokens[i].start != -1 && tokens[i].end == -1) { - return JSMN_ERROR_PART; - } - } - } + if (tokens != NULL) + { + for (i = parser->toknext - 1; i >= 0; i--) + { + /* Unmatched opened object or array */ + if (tokens[i].start != -1 && tokens[i].end == -1) + { + return JSMN_ERROR_PART; + } + } + } - return count; -} + return count; + } -/** - * Creates a new parser based over a given buffer with an array of tokens - * available. 
- */ -JSMN_API void jsmn_init(jsmn_parser *parser) { - parser->pos = 0; - parser->toknext = 0; - parser->toksuper = -1; -} + /** + * Creates a new parser based over a given buffer with an array of tokens + * available. + */ + JSMN_API void jsmn_init(jsmn_parser *parser) + { + parser->pos = 0; + parser->toknext = 0; + parser->toksuper = -1; + } #endif /* JSMN_HEADER */ diff --git a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c index b1985d37..a53eddb6 100644 --- a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c +++ b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c 
@@ -14,62 +14,40 @@ #include - #include "crypto.h" #include "crypto_error.h" #include "cryptography_interface.h" - // Cryptography Interface Initialization & Management Functions static int32_t cryptography_config(void); static int32_t cryptography_init(void); static int32_t cryptography_shutdown(void); // Cryptography Interface Functions -static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len,uint8_t* ecs, uint8_t padding, char* cam_cookies); -static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* ecs, uint8_t* acs, char* cam_cookies); -static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t ecs, uint8_t acs, char* cam_cookies); -static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t len_data_out, - const uint8_t* data_in, const size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - const uint8_t* iv, uint32_t iv_len, - const uint8_t* mac, uint32_t mac_size, - const uint8_t* aad, uint32_t aad_len, - uint8_t ecs, uint8_t acs, char* cam_cookies); -static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t encrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies); 
-static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t decrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies); +static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t padding, char *cam_cookies); +static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t *acs, char *cam_cookies); +static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t ecs, uint8_t acs, char *cam_cookies); +static int32_t cryptography_validate_authentication(uint8_t *data_out, size_t len_data_out, const uint8_t *data_in, + const size_t len_data_in, uint8_t *key, uint32_t len_key, + SecurityAssociation_t *sa_ptr, const uint8_t *iv, uint32_t iv_len, + const uint8_t *mac, uint32_t mac_size, const uint8_t *aad, + uint32_t aad_len, uint8_t ecs, uint8_t acs, char *cam_cookies); +static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t encrypt_bool, uint8_t authenticate_bool, + uint8_t aad_bool, uint8_t 
*ecs, uint8_t *acs, char *cam_cookies); +static int32_t cryptography_aead_decrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t decrypt_bool, uint8_t authenticate_bool, + uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies); static int32_t cryptography_get_acs_algo(int8_t algo_enum); static int32_t cryptography_get_ecs_algo(int8_t algo_enum); static int32_t cryptography_get_ecs_mode(int8_t algo_enum); 
@@ -82,17 +60,17 @@ static CryptographyInterfaceStruct cryptography_if_struct; CryptographyInterface get_cryptography_interface_libgcrypt(void) { - cryptography_if_struct.cryptography_config = cryptography_config; - cryptography_if_struct.cryptography_init = cryptography_init; - cryptography_if_struct.cryptography_shutdown = cryptography_shutdown; - cryptography_if_struct.cryptography_encrypt = cryptography_encrypt; - cryptography_if_struct.cryptography_decrypt = cryptography_decrypt; - cryptography_if_struct.cryptography_authenticate = cryptography_authenticate; + cryptography_if_struct.cryptography_config = cryptography_config; + cryptography_if_struct.cryptography_init = cryptography_init; + cryptography_if_struct.cryptography_shutdown = cryptography_shutdown; + cryptography_if_struct.cryptography_encrypt = cryptography_encrypt; + cryptography_if_struct.cryptography_decrypt = cryptography_decrypt; + cryptography_if_struct.cryptography_authenticate = cryptography_authenticate; cryptography_if_struct.cryptography_validate_authentication = cryptography_validate_authentication; - cryptography_if_struct.cryptography_aead_encrypt = cryptography_aead_encrypt; - cryptography_if_struct.cryptography_aead_decrypt = cryptography_aead_decrypt; - cryptography_if_struct.cryptography_get_acs_algo = cryptography_get_acs_algo; - cryptography_if_struct.cryptography_get_ecs_algo = cryptography_get_ecs_algo; + cryptography_if_struct.cryptography_aead_encrypt = cryptography_aead_encrypt; + cryptography_if_struct.cryptography_aead_decrypt = cryptography_aead_decrypt; + cryptography_if_struct.cryptography_get_acs_algo = cryptography_get_acs_algo; + cryptography_if_struct.cryptography_get_ecs_algo = cryptography_get_ecs_algo; return &cryptography_if_struct; } 
@@ -119,22 +97,23 @@ static int32_t cryptography_init(void) return status; } -static int32_t cryptography_shutdown(void){ +static int32_t cryptography_shutdown(void) +{ int32_t status = CRYPTO_LIB_SUCCESS; - + gvcid_counter = 0; - if(key_if != NULL) + if (key_if != NULL) { - key_if=NULL; + key_if = NULL; } - if(mc_if != NULL) + if (mc_if != NULL) { - mc_if=NULL; + mc_if = NULL; } - if (sa_if != NULL) + if (sa_if != NULL) { sa_if = NULL; } @@ -145,26 +124,23 @@ static int32_t cryptography_shutdown(void){ } return status; - } - -static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, // For key index or key references (when key not passed in explicitly via key param) - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t ecs, uint8_t acs, char* cam_cookies) -{ - gcry_error_t gcry_error = GPG_ERR_NO_ERROR; +} + +static int32_t cryptography_authenticate( + uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, uint8_t *key, uint32_t len_key, + SecurityAssociation_t *sa_ptr, // For key index or key references (when key not passed in explicitly via key param) + uint8_t *iv, uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, uint32_t aad_len, uint8_t ecs, + uint8_t acs, char *cam_cookies) +{ + gcry_error_t gcry_error = GPG_ERR_NO_ERROR; gcry_mac_hd_t tmp_mac_hd; - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* key_ptr = key; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *key_ptr = key; sa_ptr = sa_ptr; // Unused in this implementation // Need to copy the data over, since authentication won't change/move the data directly - if(data_out != NULL) + if (data_out != NULL) { memcpy(data_out, data_in, len_data_in); } 
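Review bot: In cryptography_authenticate the copy `memcpy(data_out, data_in, len_data_in);` is bounded only by the input length, and the next hunk shows `len_data_out` being discarded as unused, so a caller that supplies a smaller output buffer gets a write past its end. A guard before the copy, for example `if (len_data_out < len_data_in) return CRYPTO_LIB_ERROR;`, would close that; the choice of error code is only a suggestion. cryptography_validate_authentication has the mirror-image problem: it copies `len_data_out` bytes out of `data_in` and marks `len_data_in` unused, which over-reads the input whenever the output length is the larger of the two. The function body continues outside this hunk.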
@@ -174,8 +150,8 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, } // Using to fix warning len_data_out = len_data_out; - ecs = ecs; - cam_cookies = cam_cookies; + ecs = ecs; + cam_cookies = cam_cookies; // Select correct libgcrypt acs enum int32_t algo = cryptography_get_acs_algo(acs); @@ -193,7 +169,7 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, return status; } gcry_error = gcry_mac_setkey(tmp_mac_hd, key_ptr, len_key); - + #ifdef SA_DEBUG uint32_t i; printf(KYEL "Auth MAC Printing Key:\n\t"); @@ -232,19 +208,18 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { - printf(KRED "ERROR: gcry_mac_write error code %d\n" RESET, - gcry_error & GPG_ERR_CODE_MASK); + printf(KRED "ERROR: gcry_mac_write error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); printf(KRED "Failure: %s/%s\n", gcry_strsource(gcry_error), gcry_strerror(gcry_error)); status = CRYPTO_LIB_ERROR; gcry_mac_close(tmp_mac_hd); return status; } - uint32_t* tmac_size = &mac_size; - gcry_error = gcry_mac_read(tmp_mac_hd, - mac, // tag output - (size_t* )tmac_size // tag size - ); + uint32_t *tmac_size = &mac_size; + gcry_error = gcry_mac_read(tmp_mac_hd, + mac, // tag output + (size_t *)tmac_size // tag size + ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { printf(KRED "ERROR: gcry_mac_read error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); 
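Review bot: The `(size_t *)tmac_size` argument to gcry_mac_read points at the 32-bit `mac_size` parameter, so where size_t is 64 bits libgcrypt reads and writes eight bytes through a pointer to a four-byte object. The buffer length it sees then includes whatever is stored next to `mac_size`, and the length it writes back overwrites that neighbour. Pass a real size_t instead: `size_t tmac_len = mac_size;` followed by `gcry_mac_read(tmp_mac_hd, mac, &tmac_len);`. The same cast appears in the MAC_DEBUG block of cryptography_validate_authentication; cryptography_authenticate starts and ends outside this hunk.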
@@ -256,30 +231,27 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, // Zeroise any sensitive information gcry_mac_close(tmp_mac_hd); - return status; + return status; } -static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t len_data_out, - const uint8_t* data_in, const size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - const uint8_t* iv, uint32_t iv_len, - const uint8_t* mac, uint32_t mac_size, - const uint8_t* aad, uint32_t aad_len, - uint8_t ecs, uint8_t acs, char* cam_cookies) -{ - gcry_error_t gcry_error = GPG_ERR_NO_ERROR; +static int32_t cryptography_validate_authentication(uint8_t *data_out, size_t len_data_out, const uint8_t *data_in, + const size_t len_data_in, uint8_t *key, uint32_t len_key, + SecurityAssociation_t *sa_ptr, const uint8_t *iv, uint32_t iv_len, + const uint8_t *mac, uint32_t mac_size, const uint8_t *aad, + uint32_t aad_len, uint8_t ecs, uint8_t acs, char *cam_cookies) +{ + gcry_error_t gcry_error = GPG_ERR_NO_ERROR; gcry_mac_hd_t tmp_mac_hd; - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* key_ptr = key; - size_t len_in = len_data_in; // Unused - len_in = len_in; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *key_ptr = key; + size_t len_in = len_data_in; // Unused + len_in = len_in; sa_ptr = sa_ptr; // Unused in this implementation // Need to copy the data over, since authentication won't change/move the data directly // If you don't want data out, don't set a data out length - if(data_out != NULL) + if (data_out != NULL) { memcpy(data_out, data_in, len_data_out); } @@ -288,7 +260,7 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le return CRYPTO_LIB_ERR_NULL_BUFFER; } // Using to fix warning - ecs = ecs; + ecs = ecs; cam_cookies = cam_cookies; // Select correct libgcrypt acs enum 
@@ -344,8 +316,7 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { - printf(KRED "ERROR: gcry_mac_write error code %d\n" RESET, - gcry_error & GPG_ERR_CODE_MASK); + printf(KRED "ERROR: gcry_mac_write error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); printf(KRED "Failure: %s/%s\n" RESET, gcry_strsource(gcry_error), gcry_strerror(gcry_error)); gcry_mac_close(tmp_mac_hd); status = CRYPTO_LIB_ERROR; @@ -353,12 +324,12 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le } #ifdef MAC_DEBUG - uint32_t* tmac_size = &mac_size; - uint8_t* tmac = calloc(1,*tmac_size); - gcry_error = gcry_mac_read(tmp_mac_hd, - tmac, // tag output - (size_t *)tmac_size // tag size - ); + uint32_t *tmac_size = &mac_size; + uint8_t *tmac = calloc(1, *tmac_size); + gcry_error = gcry_mac_read(tmp_mac_hd, + tmac, // tag output + (size_t *)tmac_size // tag size + ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { printf(KRED "ERROR: gcry_mac_read error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); @@ -368,18 +339,22 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le printf("Calculated Mac Size: %d\n", *tmac_size); printf("Calculated MAC (full length):\n\t"); - for (uint32_t i = 0; i < *tmac_size; i ++){ + for (uint32_t i = 0; i < *tmac_size; i++) + { printf("%02X", tmac[i]); } printf("\nCalculated MAC (truncated to sa_ptr->stmacf_len):\n\t"); - for (uint32_t i = 0; i < mac_size; i ++){ + for (uint32_t i = 0; i < mac_size; i++) + { printf("%02X", tmac[i]); } printf("\n"); - if (!tmac) free(tmac); + if (!tmac) + free(tmac); printf("Received MAC:\n\t"); - for (uint32_t i = 0; i < mac_size; i ++){ + for (uint32_t i = 0; i < mac_size; i++) + { printf("%02X", mac[i]); } printf("\n"); 
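Review bot: `if (!tmac) free(tmac);` in the MAC_DEBUG block is inverted: it calls free only when the allocation failed, so every successful `calloc` leaks, and a failed one is still handed to gcry_mac_read and indexed by the print loops above it. Check the pointer right after `calloc(1, *tmac_size)` and release it unconditionally with `free(tmac);`. The block also prints the full computed MAC next to the received one, which should stay out of any build that handles real traffic.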
@@ -387,7 +362,7 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le // Compare computed mac with MAC in frame gcry_error = gcry_mac_verify(tmp_mac_hd, - mac, // original mac + mac, // original mac (size_t)mac_size // tag size ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) @@ -407,24 +382,22 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le // Zeroise any sensitive information gcry_mac_reset(tmp_mac_hd); gcry_mac_close(tmp_mac_hd); - return status; + return status; } -static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len,uint8_t* ecs, uint8_t padding, char* cam_cookies) +static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t padding, char *cam_cookies) { - gcry_error_t gcry_error = GPG_ERR_NO_ERROR; + gcry_error_t gcry_error = GPG_ERR_NO_ERROR; gcry_cipher_hd_t tmp_hd; - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* key_ptr = key; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *key_ptr = key; - data_out = data_out; // TODO: Look into tailoring these out, as they're not used or needed. + data_out = data_out; // TODO: Look into tailoring these out, as they're not used or needed. len_data_out = len_data_out; - padding = padding; - cam_cookies = cam_cookies; + padding = padding; + cam_cookies = cam_cookies; sa_ptr = sa_ptr; // Unused in this implementation 
@@ -445,7 +418,7 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, // Verify the mode to accompany the algorithm enum int32_t mode = -1; - mode = cryptography_get_ecs_mode(*ecs); + mode = cryptography_get_ecs_mode(*ecs); if (mode == CRYPTO_LIB_ERR_UNSUPPORTED_MODE) { return CRYPTO_LIB_ERR_UNSUPPORTED_MODE; @@ -491,7 +464,7 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, #ifdef TC_DEBUG size_t j; - printf("Input payload length is %ld\n", (long int) len_data_in); + printf("Input payload length is %ld\n", (long int)len_data_in); printf(KYEL "Printing Frame Data prior to encryption:\n\t"); for (j = 0; j < len_data_in; j++) { @@ -500,7 +473,6 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, printf("\n" RESET); #endif - gcry_error = gcry_cipher_encrypt(tmp_hd, data_in, len_data_in, NULL, 0); // TODO: Add PKCS#7 padding to data_in, and increment len_data_in to match necessary block size // TODO: Remember to remove the padding. @@ -522,7 +494,7 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, } #ifdef TC_DEBUG - printf("Output payload length is %ld\n", (long int) len_data_out); + printf("Output payload length is %ld\n", (long int)len_data_out); printf(KYEL "Printing Frame Data after encryption:\n\t"); for (j = 0; j < len_data_out; j++) { @@ -535,7 +507,7 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, return status; } -int32_t cryptography_verify_ecs_enum_algo(uint8_t* ecs, int32_t* algo, int32_t* mode) +int32_t cryptography_verify_ecs_enum_algo(uint8_t *ecs, int32_t *algo, int32_t *mode) { int32_t status = CRYPTO_LIB_SUCCESS; if (ecs != NULL) 
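Review bot: The unsupported-mode check after `cryptography_get_ecs_mode(*ecs)` compares against `CRYPTO_LIB_ERR_UNSUPPORTED_MODE` here and in cryptography_decrypt, while cryptography_verify_ecs_enum_algo compares the same return value against `CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE`. cryptography_get_ecs_mode is not visible in this diff, so which constant it returns cannot be confirmed from here; if the two constants differ, whichever check uses the other one never fires and an unsupported mode value would be passed on to gcry_cipher_open. Settle on the constant the helper actually returns in all three places.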
@@ -555,7 +527,7 @@ int32_t cryptography_verify_ecs_enum_algo(uint8_t* ecs, int32_t* algo, int32_t* // Verify the mode to accompany the ecs enum *mode = cryptography_get_ecs_mode(*ecs); - if (*mode == CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE) + if (*mode == CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE) { status = CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE; return status; @@ -563,18 +535,19 @@ int32_t cryptography_verify_ecs_enum_algo(uint8_t* ecs, int32_t* algo, int32_t* return status; } -int32_t cryptography_gcry_setup(int32_t mode, int32_t algo, gcry_cipher_hd_t* tmp_hd, uint8_t* key_ptr, uint32_t len_key, uint8_t* iv, uint32_t iv_len, gcry_error_t* gcry_error) +int32_t cryptography_gcry_setup(int32_t mode, int32_t algo, gcry_cipher_hd_t *tmp_hd, uint8_t *key_ptr, + uint32_t len_key, uint8_t *iv, uint32_t iv_len, gcry_error_t *gcry_error) { int32_t status = CRYPTO_LIB_SUCCESS; - if(mode == CRYPTO_CIPHER_AES256_CBC_MAC) + if (mode == CRYPTO_CIPHER_AES256_CBC_MAC) { *gcry_error = gcry_cipher_open(tmp_hd, algo, mode, GCRY_CIPHER_CBC_MAC); } else { *gcry_error = gcry_cipher_open(tmp_hd, algo, mode, GCRY_CIPHER_NONE); - } + } if ((*gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { printf(KRED "ERROR: gcry_cipher_open error code %d\n" RESET, *gcry_error & GPG_ERR_CODE_MASK); 
@@ -613,23 +586,19 @@ int32_t cryptography_gcry_setup(int32_t mode, int32_t algo, gcry_cipher_hd_t* tm return status; } -static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, // For key index or key references (when key not passed in explicitly via key param) - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t encrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies) +static int32_t cryptography_aead_encrypt( + uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, uint8_t *key, uint32_t len_key, + SecurityAssociation_t *sa_ptr, // For key index or key references (when key not passed in explicitly via key param) + uint8_t *iv, uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, uint32_t aad_len, uint8_t encrypt_bool, + uint8_t authenticate_bool, uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies) { - gcry_error_t gcry_error = GPG_ERR_NO_ERROR; - gcry_cipher_hd_t tmp_hd = 0; - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* key_ptr = key; + gcry_error_t gcry_error = GPG_ERR_NO_ERROR; + gcry_cipher_hd_t tmp_hd = 0; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *key_ptr = key; // Fix warning - acs = acs; + acs = acs; cam_cookies = cam_cookies; sa_ptr = sa_ptr; // Unused in this implementation 
@@ -637,24 +606,24 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, // Select correct libgcrypt ecs enum int32_t algo = -1; int32_t mode = -1; - status = cryptography_verify_ecs_enum_algo(ecs, &algo, &mode); - if(status != CRYPTO_LIB_SUCCESS) + status = cryptography_verify_ecs_enum_algo(ecs, &algo, &mode); + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); - return status; + return status; } - + // TODO: Get Flag Functionality status = cryptography_gcry_setup(mode, algo, &tmp_hd, key_ptr, len_key, iv, iv_len, &gcry_error); - if(status != CRYPTO_LIB_SUCCESS) + if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); - return status; + return status; } #ifdef DEBUG size_t j; - printf("Input payload length is %ld\n", (long int) len_data_in); + printf("Input payload length is %ld\n", (long int)len_data_in); printf(KYEL "Printing Frame Data prior to encryption:\n\t"); for (j = 0; j < len_data_in; j++) { @@ -663,16 +632,15 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, printf("\n" RESET); #endif - if(aad_bool == CRYPTO_TRUE) // Authenticate with AAD! + if (aad_bool == CRYPTO_TRUE) // Authenticate with AAD! { gcry_error = gcry_cipher_authenticate(tmp_hd, - aad, // additional authenticated data + aad, // additional authenticated data aad_len // length of AAD ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { - printf(KRED "ERROR: gcry_cipher_authenticate error code %d\n" RESET, - gcry_error & GPG_ERR_CODE_MASK); + printf(KRED "ERROR: gcry_cipher_authenticate error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); printf(KRED "Failure: %s/%s\n", gcry_strsource(gcry_error), gcry_strerror(gcry_error)); status = CRYPTO_LIB_ERR_AUTHENTICATION_ERROR; gcry_cipher_close(tmp_hd); 
@@ -680,25 +648,25 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, } } - if(encrypt_bool == CRYPTO_TRUE) + if (encrypt_bool == CRYPTO_TRUE) { // TODO: Add PKCS#7 padding to data_in, and increment len_data_in to match necessary block size // TODO: Remember to remove the padding. // TODO: Does this interfere with max frame size? Does that need to be taken into account? gcry_error = gcry_cipher_encrypt(tmp_hd, - data_out, // ciphertext output - len_data_out, // length of data - data_in, // plaintext input - len_data_in // in data length + data_out, // ciphertext output + len_data_out, // length of data + data_in, // plaintext input + len_data_in // in data length ); } else // AEAD authenticate only { gcry_error = gcry_cipher_encrypt(tmp_hd, - NULL, // ciphertext output - 0, // length of data + NULL, // ciphertext output + 0, // length of data NULL, // plaintext input - 0 // in data length + 0 // in data length ); } if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) @@ -711,7 +679,7 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, } #ifdef TC_DEBUG - printf("Output payload length is %ld\n", (long int) len_data_out); + printf("Output payload length is %ld\n", (long int)len_data_out); printf(KYEL "Printing Frame Data after encryption:\n\t"); for (j = 0; j < len_data_out; j++) { 
@@ -723,13 +691,12 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, if (authenticate_bool == CRYPTO_TRUE) { gcry_error = gcry_cipher_gettag(tmp_hd, - mac, // tag output + mac, // tag output mac_size // tag size ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { - printf(KRED "ERROR: gcry_cipher_checktag error code %d\n" RESET, - gcry_error & GPG_ERR_CODE_MASK); + printf(KRED "ERROR: gcry_cipher_checktag error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); printf(KRED "Failure: %s/%s\n", gcry_strsource(gcry_error), gcry_strerror(gcry_error)); status = CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR; gcry_cipher_close(tmp_hd); @@ -751,20 +718,17 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, return status; } -static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* ecs, uint8_t* acs, char* cam_cookies) +static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t *acs, char *cam_cookies) { gcry_cipher_hd_t tmp_hd; - gcry_error_t gcry_error = GPG_ERR_NO_ERROR; - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* key_ptr = key; - + gcry_error_t gcry_error = GPG_ERR_NO_ERROR; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *key_ptr = key; + // Fix warnings - acs = acs; + acs = acs; cam_cookies = cam_cookies; sa_ptr = sa_ptr; // Unused in this implementation 
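Review bot: The error message printed after `gcry_cipher_gettag` names the wrong call: `"ERROR: gcry_cipher_checktag error code %d\n"`. Someone reading the log after a tag-generation failure would be sent to the verification path; change the text to `gcry_cipher_gettag`. The second printf in this branch also lacks `RESET`, unlike the equivalent branch in cryptography_validate_authentication, so the red colour carries over into later output.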
@@ -786,11 +750,11 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, // Verify the mode to accompany the algorithm enum int32_t mode = -1; - mode = cryptography_get_ecs_mode(*ecs); + mode = cryptography_get_ecs_mode(*ecs); if (mode == CRYPTO_LIB_ERR_UNSUPPORTED_MODE) { return CRYPTO_LIB_ERR_UNSUPPORTED_MODE; - } + } gcry_error = gcry_cipher_open(&(tmp_hd), algo, mode, GCRY_CIPHER_NONE); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) @@ -821,10 +785,10 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, } gcry_error = gcry_cipher_decrypt(tmp_hd, - data_out, // plaintext output - len_data_out, // length of data - data_in, // in place decryption - len_data_in // in data length + data_out, // plaintext output + len_data_out, // length of data + data_in, // in place decryption + len_data_in // in data length ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { 
@@ -834,29 +798,23 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, return status; } - gcry_cipher_close(tmp_hd); return status; - } -static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t decrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies) +static int32_t cryptography_aead_decrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t decrypt_bool, uint8_t authenticate_bool, + uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies) { gcry_cipher_hd_t tmp_hd; - gcry_error_t gcry_error = GPG_ERR_NO_ERROR; - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* key_ptr = key; - + gcry_error_t gcry_error = GPG_ERR_NO_ERROR; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *key_ptr = key; + // Fix warnings - acs = acs; + acs = acs; cam_cookies = cam_cookies; sa_ptr = sa_ptr; // Unused in this implementation @@ -916,7 +874,7 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, status = CRYPTO_LIB_ERR_LIBGCRYPT_ERROR; return status; } - + if (aad_bool == CRYPTO_TRUE) { gcry_error = gcry_cipher_authenticate(tmp_hd, 
@@ -940,10 +898,10 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, gcry_cipher_set_decryption_tag(tmp_hd, mac, mac_size); } gcry_error = gcry_cipher_decrypt(tmp_hd, - data_out, // plaintext output - len_data_out, // length of data - data_in, // in place decryption - len_data_in // in data length + data_out, // plaintext output + len_data_out, // length of data + data_in, // in place decryption + len_data_in // in data length ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { @@ -957,7 +915,7 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, else // Authentication only { // Authenticate only! No input data passed into decryption function, only AAD. - gcry_error = gcry_cipher_decrypt(tmp_hd,NULL,0, NULL,0); + gcry_error = gcry_cipher_decrypt(tmp_hd, NULL, 0, NULL, 0); // If authentication only, don't decrypt the data. Just pass the data PDU through. memcpy(data_out, data_in, len_data_in); @@ -973,35 +931,35 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, if (authenticate_bool == CRYPTO_TRUE) { -/* -** *** !!!WARNING!!! -** *** This Debug block cannot be enabled during normal use, gettag fundamentally changes the -** *** gettag output -*/ -// #ifdef MAC_DEBUG -// printf("Received MAC is: \n\t0x:"); -// for (uint32_t i =0; i 0) { status = wc_HmacUpdate(&hmac, aad, aad_len); } } // Commented out for now while assessing unit tests - //if (status == 0) + // if (status == 0) //{ // status = wc_HmacUpdate(&hmac, data_in, len_data_in); //} @@ -331,7 +304,7 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le } } // Commented out for now while assessing unit tests - //if (status == 0) + // if (status == 0) //{ // status = wc_HmacUpdate(&hmac, data_in, len_data_in); //} 
@@ -345,28 +318,28 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le status = CRYPTO_LIB_ERR_UNSUPPORTED_ACS; } - #ifdef MAC_DEBUG - printf("Calculated Mac Size: %d\n", mac_size); - printf("Calculated MAC:\n\t"); - for (uint32_t i = 0; i < mac_size; i ++) - { - printf("%02X", calc_mac[i]); - } - printf("\n"); - printf("Received MAC:\n\t"); - for (uint32_t i = 0; i < mac_size; i ++) - { - printf("%02X", mac[i]); - } - printf("\n"); - #endif +#ifdef MAC_DEBUG + printf("Calculated Mac Size: %d\n", mac_size); + printf("Calculated MAC:\n\t"); + for (uint32_t i = 0; i < mac_size; i++) + { + printf("%02X", calc_mac[i]); + } + printf("\n"); + printf("Received MAC:\n\t"); + for (uint32_t i = 0; i < mac_size; i++) + { + printf("%02X", mac[i]); + } + printf("\n"); +#endif // Compare calculated MAC to provided if (status == 0) { - for(uint32_t i = 0; i < mac_size; i++) + for (uint32_t i = 0; i < mac_size; i++) { - if(calc_mac[i] != mac[i]) + if (calc_mac[i] != mac[i]) { status = CRYPTO_LIB_ERR_MAC_VALIDATION_ERROR; break; 
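Review bot: The MAC comparison loop stops at the first differing byte (`if (calc_mac[i] != mac[i])` followed by `break;`), so its running time depends on how many leading bytes of the received MAC are correct. Compare in constant time by accumulating the difference over every byte, `diff |= calc_mac[i] ^ mac[i];` inside the loop, and setting `status = CRYPTO_LIB_ERR_MAC_VALIDATION_ERROR;` once after it when `diff != 0`. The declaration of `calc_mac` is outside this hunk; if it is a fixed-size array, `mac_size` should also be checked against its size before this loop and before the MAC_DEBUG prints.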
@@ -374,38 +347,36 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le } } - return status; + return status; } -static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len,uint8_t* ecs, uint8_t padding, char* cam_cookies) +static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t padding, char *cam_cookies) { int32_t status = CRYPTO_LIB_SUCCESS; - Aes enc; + Aes enc; // Unused in this implementation - cam_cookies = cam_cookies; - data_out = data_out; + cam_cookies = cam_cookies; + data_out = data_out; len_data_out = len_data_out; - iv = iv; - iv_len = iv_len; - padding = padding; - sa_ptr = sa_ptr; - - #ifdef DEBUG - printf("cryptography_encrypt \n"); - size_t j; - printf("Input payload length is %ld\n", (long int) len_data_in); - printf(KYEL "Printing Frame Data prior to encryption:\n\t"); - for (j = 0; j < len_data_in; j++) - { - printf("%02X", *(data_in + j)); - } - printf("\n" RESET); - #endif + iv = iv; + iv_len = iv_len; + padding = padding; + sa_ptr = sa_ptr; + +#ifdef DEBUG + printf("cryptography_encrypt \n"); + size_t j; + printf("Input payload length is %ld\n", (long int)len_data_in); + printf(KYEL "Printing Frame Data prior to encryption:\n\t"); + for (j = 0; j < len_data_in; j++) + { + printf("%02X", *(data_in + j)); + } + printf("\n" RESET); +#endif // Reference: https://www.wolfssl.com/documentation/manuals/wolfssl/group__AES.html switch (*ecs) 
@@ -416,13 +387,12 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, { status = wc_AesGcmEncrypt(&enc, data_out, data_in, len_data_in, iv, iv_len, NULL, 16, NULL, 0); if (status == -180) - { // Special error case as Wolf will not accept a zero value for MAC size + { // Special error case as Wolf will not accept a zero value for MAC size status = CRYPTO_LIB_SUCCESS; } } break; - case CRYPTO_CIPHER_AES256_CBC: status = wc_AesSetKey(&enc, key, len_key, iv, AES_ENCRYPTION); if (status == 0) 
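Review bot: `if (status == -180)` rewrites a wolfCrypt failure code to CRYPTO_LIB_SUCCESS using a bare number, and the same override appears in the cryptography_aead_encrypt, cryptography_decrypt and cryptography_aead_decrypt hunks further down. If -180 is wolfCrypt's AES-GCM authentication-failure code (its definition is not on this page, so confirm it against the wolfCrypt error header), then on the decrypt side this turns a failed tag check into success, which is acceptable only on a path documented as decrypt-without-authentication. Replace the number with the library's named constant and add a comment at each site saying why the tag result is ignored there. This encrypt call passes a NULL tag pointer with a length of 16, so it is also worth confirming that the ciphertext is actually written before the error is returned.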
@@ -440,54 +410,50 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, break; } - #ifdef DEBUG - printf("Output payload length is %ld\n", (long int) len_data_out); - printf(KYEL "Printing Frame Data after encryption:\n\t"); - for (j = 0; j < len_data_out; j++) - { - printf("%02X", *(data_out + j)); - } - printf("\n" RESET); - #endif +#ifdef DEBUG + printf("Output payload length is %ld\n", (long int)len_data_out); + printf(KYEL "Printing Frame Data after encryption:\n\t"); + for (j = 0; j < len_data_out; j++) + { + printf("%02X", *(data_out + j)); + } + printf("\n" RESET); +#endif return status; } -static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, // For key index or key references (when key not passed in explicitly via key param) - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t encrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies) +static int32_t cryptography_aead_encrypt( + uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, uint8_t *key, uint32_t len_key, + SecurityAssociation_t *sa_ptr, // For key index or key references (when key not passed in explicitly via key param) + uint8_t *iv, uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, uint32_t aad_len, uint8_t encrypt_bool, + uint8_t authenticate_bool, uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies) { int32_t status = CRYPTO_LIB_SUCCESS; - Aes enc; + Aes enc; // Unused in this implementation - acs = acs; - cam_cookies = cam_cookies; - len_data_out = len_data_out; - aad = aad; - aad_len = aad_len; - encrypt_bool = encrypt_bool; + acs = acs; + cam_cookies = cam_cookies; + len_data_out = len_data_out; + aad = aad; + aad_len = aad_len; + encrypt_bool = encrypt_bool; authenticate_bool = 
authenticate_bool; - aad_bool = aad_bool; - sa_ptr = sa_ptr; - - #ifdef DEBUG - size_t j; - printf("cryptography_aead_encrypt \n"); - printf("Input payload length is %ld\n", (long int) len_data_in); - printf(KYEL "Printing Frame Data prior to encryption:\n\t"); - for (j = 0; j < len_data_in; j++) - { - printf("%02X", *(data_in + j)); - } - printf("\n" RESET); - #endif + aad_bool = aad_bool; + sa_ptr = sa_ptr; + +#ifdef DEBUG + size_t j; + printf("cryptography_aead_encrypt \n"); + printf("Input payload length is %ld\n", (long int)len_data_in); + printf(KYEL "Printing Frame Data prior to encryption:\n\t"); + for (j = 0; j < len_data_in; j++) + { + printf("%02X", *(data_in + j)); + } + printf("\n" RESET); +#endif // Reference: https://www.wolfssl.com/documentation/manuals/wolfssl/group__AES.html switch (*ecs) @@ -498,13 +464,14 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, { if ((encrypt_bool == CRYPTO_TRUE) && (authenticate_bool == CRYPTO_TRUE)) { - status = wc_AesGcmEncrypt(&enc, data_out, data_in, len_data_in, iv, iv_len, mac, mac_size, aad, aad_len); + status = + wc_AesGcmEncrypt(&enc, data_out, data_in, len_data_in, iv, iv_len, mac, mac_size, aad, aad_len); } else if (encrypt_bool == CRYPTO_TRUE) { status = wc_AesGcmEncrypt(&enc, data_out, data_in, len_data_in, iv, iv_len, mac, 16, aad, aad_len); if (status == -180) - { // Special error case as Wolf will not accept a zero value for MAC size + { // Special error case as Wolf will not accept a zero value for MAC size status = CRYPTO_LIB_SUCCESS; } } 
@@ -524,40 +491,37 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, break; } - #ifdef DEBUG - printf("Output payload length is %ld\n", (long int) len_data_out); - printf(KYEL "Printing Frame Data after encryption:\n\t"); - for (j = 0; j < len_data_out; j++) - { - printf("%02X", *(data_out + j)); - } - printf("\n" RESET); - #endif +#ifdef DEBUG + printf("Output payload length is %ld\n", (long int)len_data_out); + printf(KYEL "Printing Frame Data after encryption:\n\t"); + for (j = 0; j < len_data_out; j++) + { + printf("%02X", *(data_out + j)); + } + printf("\n" RESET); +#endif return status; } -static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* ecs, uint8_t* acs, char* cam_cookies) +static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *ecs, uint8_t *acs, char *cam_cookies) { int32_t status = CRYPTO_LIB_SUCCESS; - Aes dec; + Aes dec; uint8_t calc_mac[16]; - + // Unused in this implementation - acs = acs; - cam_cookies = cam_cookies; + acs = acs; + cam_cookies = cam_cookies; len_data_out = len_data_out; - iv_len = iv_len; - sa_ptr = sa_ptr; + iv_len = iv_len; + sa_ptr = sa_ptr; - #ifdef DEBUG - printf("cryptography_decrypt \n"); - #endif +#ifdef DEBUG + printf("cryptography_decrypt \n"); +#endif // Reference: https://www.wolfssl.com/documentation/manuals/wolfssl/group__AES.html switch (*ecs) 
@@ -568,7 +532,7 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, { status = wc_AesGcmDecrypt(&dec, data_out, data_in, len_data_in, iv, iv_len, calc_mac, 16, NULL, 0); if (status == -180) - { // Special error case as Wolf will not accept a zero value for MAC size + { // Special error case as Wolf will not accept a zero value for MAC size status = CRYPTO_LIB_SUCCESS; } } @@ -594,31 +558,27 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, return status; } -static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, - uint8_t* data_in, size_t len_data_in, - uint8_t* key, uint32_t len_key, - SecurityAssociation_t* sa_ptr, - uint8_t* iv, uint32_t iv_len, - uint8_t* mac, uint32_t mac_size, - uint8_t* aad, uint32_t aad_len, - uint8_t decrypt_bool, uint8_t authenticate_bool, - uint8_t aad_bool, uint8_t* ecs, uint8_t* acs, char* cam_cookies) +static int32_t cryptography_aead_decrypt(uint8_t *data_out, size_t len_data_out, uint8_t *data_in, size_t len_data_in, + uint8_t *key, uint32_t len_key, SecurityAssociation_t *sa_ptr, uint8_t *iv, + uint32_t iv_len, uint8_t *mac, uint32_t mac_size, uint8_t *aad, + uint32_t aad_len, uint8_t decrypt_bool, uint8_t authenticate_bool, + uint8_t aad_bool, uint8_t *ecs, uint8_t *acs, char *cam_cookies) { int32_t status = CRYPTO_LIB_SUCCESS; - Aes dec; - + Aes dec; + // Fix warnings - acs = acs; - cam_cookies = cam_cookies; - len_data_out = len_data_out; - decrypt_bool = decrypt_bool; + acs = acs; + cam_cookies = cam_cookies; + len_data_out = len_data_out; + decrypt_bool = decrypt_bool; authenticate_bool = authenticate_bool; - aad_bool = aad_bool; - sa_ptr = sa_ptr; + aad_bool = aad_bool; + sa_ptr = sa_ptr; - #ifdef DEBUG - printf("cryptography_aead_decrypt \n"); - #endif +#ifdef DEBUG + printf("cryptography_aead_decrypt \n"); +#endif // Reference: https://www.wolfssl.com/documentation/manuals/wolfssl/group__AES.html switch (*ecs) 
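Review bot: `calc_mac` is declared without an initializer in cryptography_decrypt and then passed to `wc_AesGcmDecrypt` as the expected tag in the `@@ -568,7 +532,7 @@` hunk, so the call compares against indeterminate bytes and memory sanitizers will flag the read. The tag mismatch that results is the `-180` mapped to success on the next line, which means this path returns plaintext that was never authenticated. Suggest `uint8_t calc_mac[16] = {0};` plus a comment above the call such as `// Decrypt-only: GCM tag is intentionally not verified, output is unauthenticated`. Whether `data_out` holds usable plaintext after a failed tag check depends on the wolfSSL version and build, so confirm that for the one in use. The function body starts and ends outside this hunk.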
@@ -635,18 +595,21 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, if (len_data_in == 0) { // in place decryption - status = wc_AesGcmDecrypt(&dec, data_out, data_out, len_data_out, iv, iv_len, mac, mac_size, aad, aad_len); + status = wc_AesGcmDecrypt(&dec, data_out, data_out, len_data_out, iv, iv_len, mac, mac_size, + aad, aad_len); } else { - status = wc_AesGcmDecrypt(&dec, data_out, data_in, len_data_in, iv, iv_len, mac, mac_size, aad, aad_len); + status = wc_AesGcmDecrypt(&dec, data_out, data_in, len_data_in, iv, iv_len, mac, mac_size, + aad, aad_len); } } else { - status = wc_AesGcmDecrypt(&dec, data_out, data_in, len_data_in, iv, iv_len, mac, 16, aad, aad_len); + status = + wc_AesGcmDecrypt(&dec, data_out, data_in, len_data_in, iv, iv_len, mac, 16, aad, aad_len); if (status == -180) - { // Special error case as Wolf will not accept a zero value for MAC size + { // Special error case as Wolf will not accept a zero value for MAC size status = CRYPTO_LIB_SUCCESS; } } @@ -655,13 +618,14 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, { status = wc_AesGcmDecrypt(&dec, data_out, data_in, len_data_in, iv, iv_len, mac, 16, aad, aad_len); if (status == -180) - { // Special error case as Wolf will not accept a zero value for MAC size + { // Special error case as Wolf will not accept a zero value for MAC size status = CRYPTO_LIB_SUCCESS; } } else if (authenticate_bool == CRYPTO_TRUE) { - status = wc_AesGcmDecrypt(&dec, data_out, data_in, len_data_in, iv, iv_len, mac, mac_size, aad, aad_len); + status = + wc_AesGcmDecrypt(&dec, data_out, data_in, len_data_in, iv, iv_len, mac, mac_size, aad, aad_len); // If authentication only, don't decrypt the data. Just pass the data PDU through. memcpy(data_out, data_in, len_data_in); } 
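Review bot: In the authenticate-only branch of the `@@ -655,13 +618,14 @@` hunk, `memcpy(data_out, data_in, len_data_in)` runs whatever `wc_AesGcmDecrypt` returned, so a frame whose tag check failed is still copied into the output buffer. `len_data_in` is also never compared with `len_data_out` before the copy. I would copy only on success, `if (status == 0 && len_data_in <= len_data_out) memcpy(data_out, data_in, len_data_in);`, and return one of the library's existing error codes when the input is larger than the output buffer. The caller presumably checks `status` before using `data_out`, but that is not visible here. The enclosing if/else chain begins outside the hunk.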
@@ -692,7 +656,7 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, **/ int32_t cryptography_get_acs_algo(int8_t algo_enum) { - int32_t algo = CRYPTO_LIB_ERR_UNSUPPORTED_ACS; + int32_t algo = CRYPTO_LIB_ERR_UNSUPPORTED_ACS; // Unused by WolfSSL, simply leverage same CryptoLib enums switch (algo_enum) @@ -723,7 +687,7 @@ int32_t cryptography_get_acs_algo(int8_t algo_enum) **/ int32_t cryptography_get_ecs_algo(int8_t algo_enum) { - int32_t algo = CRYPTO_LIB_ERR_UNSUPPORTED_ECS; + int32_t algo = CRYPTO_LIB_ERR_UNSUPPORTED_ECS; // Unused by WolfSSL, simply leverage same CryptoLib enums switch (algo_enum) diff --git a/src/key/custom_stub/key_interface_custom_stub.template.c b/src/key/custom_stub/key_interface_custom_stub.template.c index 0f77762d..98eff9b7 100644 --- a/src/key/custom_stub/key_interface_custom_stub.template.c +++ b/src/key/custom_stub/key_interface_custom_stub.template.c @@ -23,6 +23,7 @@ static KeyInterfaceStruct key_if_struct; /* Functions */ KeyInterface get_key_interface_custom(void) { - fprintf(stderr, "ERROR: Loading custom key interface stub source code. Rebuild CryptoLib with -DKEY_CUSTOM=ON to use implementation.\n"); + fprintf(stderr, "ERROR: Loading custom key interface stub source code. Rebuild CryptoLib with -DKEY_CUSTOM=ON to " + "use implementation.\n"); return &key_if_struct; } diff --git a/src/key/internal/key_interface_internal.template.c b/src/key/internal/key_interface_internal.template.c index ef50efa4..ab331600 100644 --- a/src/key/internal/key_interface_internal.template.c +++ b/src/key/internal/key_interface_internal.template.c 
@@ -18,20 +18,20 @@ #include "key_interface.h" /* Variables */ -static crypto_key_t key_ring[NUM_KEYS] = {0}; +static crypto_key_t key_ring[NUM_KEYS] = {0}; static KeyInterfaceStruct key_if_struct; /* Prototypes */ -static crypto_key_t* get_key(uint32_t key_id); -static int32_t key_init(void); -static int32_t key_shutdown(void); +static crypto_key_t *get_key(uint32_t key_id); +static int32_t key_init(void); +static int32_t key_shutdown(void); /* Functions */ KeyInterface get_key_interface_internal(void) { /* Key Interface, SDLS */ - key_if_struct.get_key = get_key; - key_if_struct.key_init = key_init; + key_if_struct.get_key = get_key; + key_if_struct.key_init = key_init; key_if_struct.key_shutdown = key_shutdown; /* Key Interface, SDLS-EP */ @@ -39,15 +39,15 @@ KeyInterface get_key_interface_internal(void) return &key_if_struct; } -static crypto_key_t* get_key(uint32_t key_id) +static crypto_key_t *get_key(uint32_t key_id) { - crypto_key_t* key_ptr = NULL; - - if(key_id < NUM_KEYS) + crypto_key_t *key_ptr = NULL; + + if (key_id < NUM_KEYS) { key_ptr = &key_ring[key_id]; } - + return key_ptr; } 
@@ -55,28 +55,28 @@ static int32_t key_init(void) { int32_t status = CRYPTO_LIB_SUCCESS; // Initialize all to zero - for(uint32_t i = 0; i < NUM_KEYS; i++) + for (uint32_t i = 0; i < NUM_KEYS; i++) { - for(uint32_t j = 0; j < KEY_SIZE; j++) + for (uint32_t j = 0; j < KEY_SIZE; j++) { key_ring[i].value[j] = 0; } - key_ring[i].key_len = 0; + key_ring[i].key_len = 0; key_ring[i].key_state = 0; } // Master Keys // 0 - 000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F -> ACTIVE - key_ring[0].value[0] = 0x00; - key_ring[0].value[1] = 0x01; - key_ring[0].value[2] = 0x02; - key_ring[0].value[3] = 0x03; - key_ring[0].value[4] = 0x04; - key_ring[0].value[5] = 0x05; - key_ring[0].value[6] = 0x06; - key_ring[0].value[7] = 0x07; - key_ring[0].value[8] = 0x08; - key_ring[0].value[9] = 0x09; + key_ring[0].value[0] = 0x00; + key_ring[0].value[1] = 0x01; + key_ring[0].value[2] = 0x02; + key_ring[0].value[3] = 0x03; + key_ring[0].value[4] = 0x04; + key_ring[0].value[5] = 0x05; + key_ring[0].value[6] = 0x06; + key_ring[0].value[7] = 0x07; + key_ring[0].value[8] = 0x08; + key_ring[0].value[9] = 0x09; key_ring[0].value[10] = 0x0A; key_ring[0].value[11] = 0x0B; key_ring[0].value[12] = 0x0C; 
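Review bot: key_init fills the key ring with fixed, sequential byte patterns and marks most of them `KEY_ACTIVE`, with nothing in the code saying these are test values. This hunk shows slot 0, and the following hunks do the same for slots 1-4, 9 and 128-133. Anyone building this internal key interface into a deployed system gets publicly known keys in the active state. A comment above the `// Master Keys` line would help, for example `// TEST KEYS ONLY: fixed, published values; replace the key ring before any operational use`, and if the project has a test-build macro the block could be guarded by it. Whether this template is ever built outside test configurations is not visible from the diff.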
@@ -99,19 +99,19 @@ static int32_t key_init(void) key_ring[0].value[29] = 0x0D; key_ring[0].value[30] = 0x0E; key_ring[0].value[31] = 0x0F; - key_ring[0].key_len = 32; + key_ring[0].key_len = 32; key_ring[0].key_state = KEY_ACTIVE; // 1 - 101112131415161718191A1B1C1D1E1F101112131415161718191A1B1C1D1E1F -> ACTIVE - key_ring[1].value[0] = 0x10; - key_ring[1].value[1] = 0x11; - key_ring[1].value[2] = 0x12; - key_ring[1].value[3] = 0x13; - key_ring[1].value[4] = 0x14; - key_ring[1].value[5] = 0x15; - key_ring[1].value[6] = 0x16; - key_ring[1].value[7] = 0x17; - key_ring[1].value[8] = 0x18; - key_ring[1].value[9] = 0x19; + key_ring[1].value[0] = 0x10; + key_ring[1].value[1] = 0x11; + key_ring[1].value[2] = 0x12; + key_ring[1].value[3] = 0x13; + key_ring[1].value[4] = 0x14; + key_ring[1].value[5] = 0x15; + key_ring[1].value[6] = 0x16; + key_ring[1].value[7] = 0x17; + key_ring[1].value[8] = 0x18; + key_ring[1].value[9] = 0x19; key_ring[1].value[10] = 0x1A; key_ring[1].value[11] = 0x1B; key_ring[1].value[12] = 0x1C; 
@@ -134,19 +134,19 @@ static int32_t key_init(void) key_ring[1].value[29] = 0x1D; key_ring[1].value[30] = 0x1E; key_ring[1].value[31] = 0x1F; - key_ring[1].key_len = 32; + key_ring[1].key_len = 32; key_ring[1].key_state = KEY_ACTIVE; // 2 - 202122232425262728292A2B2C2D2E2F202122232425262728292A2B2C2D2E2F -> ACTIVE - key_ring[2].value[0] = 0x20; - key_ring[2].value[1] = 0x21; - key_ring[2].value[2] = 0x22; - key_ring[2].value[3] = 0x23; - key_ring[2].value[4] = 0x24; - key_ring[2].value[5] = 0x25; - key_ring[2].value[6] = 0x26; - key_ring[2].value[7] = 0x27; - key_ring[2].value[8] = 0x28; - key_ring[2].value[9] = 0x29; + key_ring[2].value[0] = 0x20; + key_ring[2].value[1] = 0x21; + key_ring[2].value[2] = 0x22; + key_ring[2].value[3] = 0x23; + key_ring[2].value[4] = 0x24; + key_ring[2].value[5] = 0x25; + key_ring[2].value[6] = 0x26; + key_ring[2].value[7] = 0x27; + key_ring[2].value[8] = 0x28; + key_ring[2].value[9] = 0x29; key_ring[2].value[10] = 0x2A; key_ring[2].value[11] = 0x2B; key_ring[2].value[12] = 0x2C; @@ -169,19 +169,19 @@ static int32_t key_init(void) key_ring[2].value[29] = 0x2D; key_ring[2].value[30] = 0x2E; key_ring[2].value[31] = 0x2F; - key_ring[2].key_len = 32; + key_ring[2].key_len = 32; key_ring[2].key_state = KEY_ACTIVE; - key_ring[3].value[0] = 0x30; - key_ring[3].value[1] = 0x31; - key_ring[3].value[2] = 0x32; - key_ring[3].value[3] = 0x33; - key_ring[3].value[4] = 0x34; - key_ring[3].value[5] = 0x35; - key_ring[3].value[6] = 0x36; - key_ring[3].value[7] = 0x37; - key_ring[3].value[8] = 0x38; - key_ring[3].value[9] = 0x39; + key_ring[3].value[0] = 0x30; + key_ring[3].value[1] = 0x31; + key_ring[3].value[2] = 0x32; + key_ring[3].value[3] = 0x33; + key_ring[3].value[4] = 0x34; + key_ring[3].value[5] = 0x35; + key_ring[3].value[6] = 0x36; + key_ring[3].value[7] = 0x37; + key_ring[3].value[8] = 0x38; + key_ring[3].value[9] = 0x39; key_ring[3].value[10] = 0x3A; key_ring[3].value[11] = 0x3B; key_ring[3].value[12] = 0x3C; 
@@ -204,19 +204,19 @@ static int32_t key_init(void) key_ring[3].value[29] = 0x3D; key_ring[3].value[30] = 0x3E; key_ring[3].value[31] = 0x3F; - key_ring[3].key_len = 32; + key_ring[3].key_len = 32; key_ring[3].key_state = KEY_ACTIVE; - - key_ring[4].value[0] = 0x40; - key_ring[4].value[1] = 0x41; - key_ring[4].value[2] = 0x42; - key_ring[4].value[3] = 0x43; - key_ring[4].value[4] = 0x44; - key_ring[4].value[5] = 0x45; - key_ring[4].value[6] = 0x46; - key_ring[4].value[7] = 0x47; - key_ring[4].value[8] = 0x48; - key_ring[4].value[9] = 0x49; + + key_ring[4].value[0] = 0x40; + key_ring[4].value[1] = 0x41; + key_ring[4].value[2] = 0x42; + key_ring[4].value[3] = 0x43; + key_ring[4].value[4] = 0x44; + key_ring[4].value[5] = 0x45; + key_ring[4].value[6] = 0x46; + key_ring[4].value[7] = 0x47; + key_ring[4].value[8] = 0x48; + key_ring[4].value[9] = 0x49; key_ring[4].value[10] = 0x4A; key_ring[4].value[11] = 0x4B; key_ring[4].value[12] = 0x4C; @@ -239,19 +239,19 @@ static int32_t key_init(void) key_ring[4].value[29] = 0x4D; key_ring[4].value[30] = 0x4E; key_ring[4].value[31] = 0x4F; - key_ring[4].key_len = 32; + key_ring[4].key_len = 32; key_ring[4].key_state = KEY_ACTIVE; - key_ring[9].value[0] = 0x90; - key_ring[9].value[1] = 0x91; - key_ring[9].value[2] = 0x92; - key_ring[9].value[3] = 0x93; - key_ring[9].value[4] = 0x94; - key_ring[9].value[5] = 0x95; - key_ring[9].value[6] = 0x96; - key_ring[9].value[7] = 0x97; - key_ring[9].value[8] = 0x98; - key_ring[9].value[9] = 0x99; + key_ring[9].value[0] = 0x90; + key_ring[9].value[1] = 0x91; + key_ring[9].value[2] = 0x92; + key_ring[9].value[3] = 0x93; + key_ring[9].value[4] = 0x94; + key_ring[9].value[5] = 0x95; + key_ring[9].value[6] = 0x96; + key_ring[9].value[7] = 0x97; + key_ring[9].value[8] = 0x98; + key_ring[9].value[9] = 0x99; key_ring[9].value[10] = 0x9A; key_ring[9].value[11] = 0x9B; key_ring[9].value[12] = 0x9C; 
@@ -274,21 +274,21 @@ static int32_t key_init(void) key_ring[9].value[29] = 0x9D; key_ring[9].value[30] = 0x9E; key_ring[9].value[31] = 0x9F; - key_ring[9].key_len = 32; + key_ring[9].key_len = 32; key_ring[9].key_state = KEY_ACTIVE; // Session Keys // 128 - 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -> ACTIVE - key_ring[128].value[0] = 0x01; - key_ring[128].value[1] = 0x23; - key_ring[128].value[2] = 0x45; - key_ring[128].value[3] = 0x67; - key_ring[128].value[4] = 0x89; - key_ring[128].value[5] = 0xAB; - key_ring[128].value[6] = 0xCD; - key_ring[128].value[7] = 0xEF; - key_ring[128].value[8] = 0x01; - key_ring[128].value[9] = 0x23; + key_ring[128].value[0] = 0x01; + key_ring[128].value[1] = 0x23; + key_ring[128].value[2] = 0x45; + key_ring[128].value[3] = 0x67; + key_ring[128].value[4] = 0x89; + key_ring[128].value[5] = 0xAB; + key_ring[128].value[6] = 0xCD; + key_ring[128].value[7] = 0xEF; + key_ring[128].value[8] = 0x01; + key_ring[128].value[9] = 0x23; key_ring[128].value[10] = 0x45; key_ring[128].value[11] = 0x67; key_ring[128].value[12] = 0x89; 
@@ -311,19 +311,19 @@ static int32_t key_init(void) key_ring[128].value[29] = 0xAB; key_ring[128].value[30] = 0xCD; key_ring[128].value[31] = 0xEF; - key_ring[128].key_len = 32; + key_ring[128].key_len = 32; key_ring[128].key_state = KEY_ACTIVE; // 129 - ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789 -> ACTIVE - key_ring[129].value[0] = 0xAB; - key_ring[129].value[1] = 0xCD; - key_ring[129].value[2] = 0xEF; - key_ring[129].value[3] = 0x01; - key_ring[129].value[4] = 0x23; - key_ring[129].value[5] = 0x45; - key_ring[129].value[6] = 0x67; - key_ring[129].value[7] = 0x89; - key_ring[129].value[8] = 0xAB; - key_ring[129].value[9] = 0xCD; + key_ring[129].value[0] = 0xAB; + key_ring[129].value[1] = 0xCD; + key_ring[129].value[2] = 0xEF; + key_ring[129].value[3] = 0x01; + key_ring[129].value[4] = 0x23; + key_ring[129].value[5] = 0x45; + key_ring[129].value[6] = 0x67; + key_ring[129].value[7] = 0x89; + key_ring[129].value[8] = 0xAB; + key_ring[129].value[9] = 0xCD; key_ring[129].value[10] = 0xEF; key_ring[129].value[11] = 0x01; key_ring[129].value[12] = 0x23; 
@@ -346,19 +346,19 @@ static int32_t key_init(void) key_ring[129].value[29] = 0x45; key_ring[129].value[30] = 0x67; key_ring[129].value[31] = 0x89; - key_ring[129].key_len = 32; + key_ring[129].key_len = 32; key_ring[129].key_state = KEY_ACTIVE; // 130 - FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210 -> ACTIVE - key_ring[130].value[0] = 0xFE; - key_ring[130].value[1] = 0xDC; - key_ring[130].value[2] = 0xBA; - key_ring[130].value[3] = 0x98; - key_ring[130].value[4] = 0x76; - key_ring[130].value[5] = 0x54; - key_ring[130].value[6] = 0x32; - key_ring[130].value[7] = 0x10; - key_ring[130].value[8] = 0xFE; - key_ring[130].value[9] = 0xDC; + key_ring[130].value[0] = 0xFE; + key_ring[130].value[1] = 0xDC; + key_ring[130].value[2] = 0xBA; + key_ring[130].value[3] = 0x98; + key_ring[130].value[4] = 0x76; + key_ring[130].value[5] = 0x54; + key_ring[130].value[6] = 0x32; + key_ring[130].value[7] = 0x10; + key_ring[130].value[8] = 0xFE; + key_ring[130].value[9] = 0xDC; key_ring[130].value[10] = 0xBA; key_ring[130].value[11] = 0x98; key_ring[130].value[12] = 0x76; 
@@ -381,19 +381,19 @@ static int32_t key_init(void) key_ring[130].value[29] = 0x54; key_ring[130].value[30] = 0x32; key_ring[130].value[31] = 0x10; - key_ring[130].key_len = 32; + key_ring[130].key_len = 32; key_ring[130].key_state = KEY_ACTIVE; // 131 - 9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA -> ACTIVE - key_ring[131].value[0] = 0x98; - key_ring[131].value[1] = 0x76; - key_ring[131].value[2] = 0x54; - key_ring[131].value[3] = 0x32; - key_ring[131].value[4] = 0x10; - key_ring[131].value[5] = 0xFE; - key_ring[131].value[6] = 0xDC; - key_ring[131].value[7] = 0xBA; - key_ring[131].value[8] = 0x98; - key_ring[131].value[9] = 0x76; + key_ring[131].value[0] = 0x98; + key_ring[131].value[1] = 0x76; + key_ring[131].value[2] = 0x54; + key_ring[131].value[3] = 0x32; + key_ring[131].value[4] = 0x10; + key_ring[131].value[5] = 0xFE; + key_ring[131].value[6] = 0xDC; + key_ring[131].value[7] = 0xBA; + key_ring[131].value[8] = 0x98; + key_ring[131].value[9] = 0x76; key_ring[131].value[10] = 0x54; key_ring[131].value[11] = 0x32; key_ring[131].value[12] = 0x10; 
@@ -416,19 +416,19 @@ static int32_t key_init(void) key_ring[131].value[29] = 0xFE; key_ring[131].value[30] = 0xDC; key_ring[131].value[31] = 0xBA; - key_ring[131].key_len = 32; + key_ring[131].key_len = 32; key_ring[131].key_state = KEY_ACTIVE; // 132 - 0123456789ABCDEFABCDEF01234567890123456789ABCDEFABCDEF0123456789 -> PRE_ACTIVATION - key_ring[132].value[0] = 0x01; - key_ring[132].value[1] = 0x23; - key_ring[132].value[2] = 0x45; - key_ring[132].value[3] = 0x67; - key_ring[132].value[4] = 0x89; - key_ring[132].value[5] = 0xAB; - key_ring[132].value[6] = 0xCD; - key_ring[132].value[7] = 0xEF; - key_ring[132].value[8] = 0xAB; - key_ring[132].value[9] = 0xCD; + key_ring[132].value[0] = 0x01; + key_ring[132].value[1] = 0x23; + key_ring[132].value[2] = 0x45; + key_ring[132].value[3] = 0x67; + key_ring[132].value[4] = 0x89; + key_ring[132].value[5] = 0xAB; + key_ring[132].value[6] = 0xCD; + key_ring[132].value[7] = 0xEF; + key_ring[132].value[8] = 0xAB; + key_ring[132].value[9] = 0xCD; key_ring[132].value[10] = 0xEF; key_ring[132].value[11] = 0x01; key_ring[132].value[12] = 0x23; 
@@ -451,19 +451,19 @@ static int32_t key_init(void) key_ring[132].value[29] = 0x45; key_ring[132].value[30] = 0x67; key_ring[132].value[31] = 0x89; - key_ring[132].key_len = 32; + key_ring[132].key_len = 32; key_ring[132].key_state = KEY_PREACTIVE; // 133 - ABCDEF01234567890123456789ABCDEFABCDEF01234567890123456789ABCDEF -> ACTIVE - key_ring[133].value[0] = 0xAB; - key_ring[133].value[1] = 0xCD; - key_ring[133].value[2] = 0xEF; - key_ring[133].value[3] = 0x01; - key_ring[133].value[4] = 0x23; - key_ring[133].value[5] = 0x45; - key_ring[133].value[6] = 0x67; - key_ring[133].value[7] = 0x89; - key_ring[133].value[8] = 0x01; - key_ring[133].value[9] = 0x23; + key_ring[133].value[0] = 0xAB; + key_ring[133].value[1] = 0xCD; + key_ring[133].value[2] = 0xEF; + key_ring[133].value[3] = 0x01; + key_ring[133].value[4] = 0x23; + key_ring[133].value[5] = 0x45; + key_ring[133].value[6] = 0x67; + key_ring[133].value[7] = 0x89; + key_ring[133].value[8] = 0x01; + key_ring[133].value[9] = 0x23; key_ring[133].value[10] = 0x45; key_ring[133].value[11] = 0x67; key_ring[133].value[12] = 0x89; 
@@ -486,19 +486,19 @@ static int32_t key_init(void) key_ring[133].value[29] = 0xAB; key_ring[133].value[30] = 0xCD; key_ring[133].value[31] = 0xEF; - key_ring[133].key_len = 32; + key_ring[133].key_len = 32; key_ring[133].key_state = KEY_ACTIVE; // 134 - ABCDEF0123456789FEDCBA9876543210ABCDEF0123456789FEDCBA9876543210 -> DEACTIVE - key_ring[134].value[0] = 0xAB; - key_ring[134].value[1] = 0xCD; - key_ring[134].value[2] = 0xEF; - key_ring[134].value[3] = 0x01; - key_ring[134].value[4] = 0x23; - key_ring[134].value[5] = 0x45; - key_ring[134].value[6] = 0x67; - key_ring[134].value[7] = 0x89; - key_ring[134].value[8] = 0xFE; - key_ring[134].value[9] = 0xDC; + key_ring[134].value[0] = 0xAB; + key_ring[134].value[1] = 0xCD; + key_ring[134].value[2] = 0xEF; + key_ring[134].value[3] = 0x01; + key_ring[134].value[4] = 0x23; + key_ring[134].value[5] = 0x45; + key_ring[134].value[6] = 0x67; + key_ring[134].value[7] = 0x89; + key_ring[134].value[8] = 0xFE; + key_ring[134].value[9] = 0xDC; key_ring[134].value[10] = 0xBA; key_ring[134].value[11] = 0x98; key_ring[134].value[12] = 0x76; 
@@ -521,20 +521,20 @@ static int32_t key_init(void) key_ring[134].value[29] = 0x54; key_ring[134].value[30] = 0x32; key_ring[134].value[31] = 0x10; - key_ring[134].key_len = 32; + key_ring[134].key_len = 32; key_ring[134].key_state = KEY_DEACTIVATED; // 135 - ABCDEF0123456789FEDCBA9876543210ABCDEF0123456789FEDCBA9876543210 -> DEACTIVE - key_ring[135].value[0] = 0x00; - key_ring[135].value[1] = 0x00; - key_ring[135].value[2] = 0x00; - key_ring[135].value[3] = 0x00; - key_ring[135].value[4] = 0x00; - key_ring[135].value[5] = 0x00; - key_ring[135].value[6] = 0x00; - key_ring[135].value[7] = 0x00; - key_ring[135].value[8] = 0x00; - key_ring[135].value[9] = 0x00; + key_ring[135].value[0] = 0x00; + key_ring[135].value[1] = 0x00; + key_ring[135].value[2] = 0x00; + key_ring[135].value[3] = 0x00; + key_ring[135].value[4] = 0x00; + key_ring[135].value[5] = 0x00; + key_ring[135].value[6] = 0x00; + key_ring[135].value[7] = 0x00; + key_ring[135].value[8] = 0x00; + key_ring[135].value[9] = 0x00; key_ring[135].value[10] = 0x00; key_ring[135].value[11] = 0x00; key_ring[135].value[12] = 0x00; 
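Review bot: The comment introducing key 135 repeats key 134's value (`ABCDEF0123456789FEDCBA9876543210...`), but every byte of key 135 assigned in this hunk and the next is `0x00`. Bytes 13 to 28 lie between the two hunks and are not shown, so I am assuming they are zero as well. The comment should describe the real contents, e.g. `// 135 - all-zero key (32 bytes) -> DEACTIVE`, so nobody relies on the stated pattern when writing a test vector.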
@@ -557,22 +557,22 @@ static int32_t key_init(void) key_ring[135].value[29] = 0x00; key_ring[135].value[30] = 0x00; key_ring[135].value[31] = 0x00; - key_ring[135].key_len = 32; + key_ring[135].key_len = 32; key_ring[135].key_state = KEY_DEACTIVATED; // 136 - ff9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f9 // Reference: // https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip - key_ring[136].value[0] = 0xff; - key_ring[136].value[1] = 0x9f; - key_ring[136].value[2] = 0x92; - key_ring[136].value[3] = 0x84; - key_ring[136].value[4] = 0xcf; - key_ring[136].value[5] = 0x59; - key_ring[136].value[6] = 0x9e; - key_ring[136].value[7] = 0xac; - key_ring[136].value[8] = 0x3b; - key_ring[136].value[9] = 0x11; + key_ring[136].value[0] = 0xff; + key_ring[136].value[1] = 0x9f; + key_ring[136].value[2] = 0x92; + key_ring[136].value[3] = 0x84; + key_ring[136].value[4] = 0xcf; + key_ring[136].value[5] = 0x59; + key_ring[136].value[6] = 0x9e; + key_ring[136].value[7] = 0xac; + key_ring[136].value[8] = 0x3b; + key_ring[136].value[9] = 0x11; key_ring[136].value[10] = 0x99; key_ring[136].value[11] = 0x05; key_ring[136].value[12] = 0xa7; @@ -595,12 +595,12 @@ static int32_t key_init(void) key_ring[136].value[29] = 0x76; key_ring[136].value[30] = 0x70; key_ring[136].value[31] = 0xf9; - key_ring[136].key_len = 32; + key_ring[136].key_len = 32; key_ring[136].key_state = KEY_DEACTIVATED; - #ifdef DEBUG - printf(KGRN "Key internal interface intialized \n" RESET); - #endif +#ifdef DEBUG + printf(KGRN "Key internal interface intialized \n" RESET); +#endif return status; } diff --git a/src/key/internal_stub/key_interface_internal_stub.template.c b/src/key/internal_stub/key_interface_internal_stub.template.c index fdb4b81e..a7337378 100644 --- a/src/key/internal_stub/key_interface_internal_stub.template.c +++ b/src/key/internal_stub/key_interface_internal_stub.template.c 
@@ -24,6 +24,7 @@ static KeyInterfaceStruct key_if_struct; /* Functions */ KeyInterface get_key_interface_internal(void) { - fprintf(stderr,"ERROR: Loading internal key interface stub source code. Rebuild CryptoLib with -DKEY_INTERNAL=ON to use implementation.\n"); + fprintf(stderr, "ERROR: Loading internal key interface stub source code. Rebuild CryptoLib with -DKEY_INTERNAL=ON " + "to use implementation.\n"); return &key_if_struct; } diff --git a/src/key/kmc/key_interface_kmc.template.c b/src/key/kmc/key_interface_kmc.template.c index 6a3fd525..3cba9cff 100644 --- a/src/key/kmc/key_interface_kmc.template.c +++ b/src/key/kmc/key_interface_kmc.template.c @@ -22,20 +22,20 @@ static KeyInterfaceStruct key_if_struct; /* Prototypes */ -static crypto_key_t* get_key(uint32_t key_id); -static int32_t key_init(void); -static int32_t key_shutdown(void); +static crypto_key_t *get_key(uint32_t key_id); +static int32_t key_init(void); +static int32_t key_shutdown(void); /* Functions */ KeyInterface get_key_interface_kmc(void) { - key_if_struct.get_key = get_key; - key_if_struct.key_init = key_init; + key_if_struct.get_key = get_key; + key_if_struct.key_init = key_init; key_if_struct.key_shutdown = key_shutdown; return &key_if_struct; } -static crypto_key_t* get_key(uint32_t key_id) +static crypto_key_t *get_key(uint32_t key_id) { /* Avoid set but not used warning */ key_id = key_id; diff --git a/src/key/kmc_stub/key_interface_kmc_stub.template.c b/src/key/kmc_stub/key_interface_kmc_stub.template.c index fd318910..1969b9f3 100644 --- a/src/key/kmc_stub/key_interface_kmc_stub.template.c +++ b/src/key/kmc_stub/key_interface_kmc_stub.template.c 
@@ -24,6 +24,7 @@ static KeyInterfaceStruct key_if_struct; /* Functions */ KeyInterface get_key_interface_kmc(void) { - fprintf(stderr,"ERROR: Loading KMC key interface stub source code. Rebuild CryptoLib with -DKEY_KMC=ON to use implementation.\n"); + fprintf(stderr, "ERROR: Loading KMC key interface stub source code. Rebuild CryptoLib with -DKEY_KMC=ON to use " + "implementation.\n"); return &key_if_struct; } diff --git a/src/mc/custom_stub/mc_interface_custom_stub.template.c b/src/mc/custom_stub/mc_interface_custom_stub.template.c index 3eb5595e..32861f79 100644 --- a/src/mc/custom_stub/mc_interface_custom_stub.template.c +++ b/src/mc/custom_stub/mc_interface_custom_stub.template.c @@ -24,6 +24,7 @@ static McInterfaceStruct mc_if_struct; /* Functions */ McInterface get_mc_interface_custom(void) { - fprintf(stderr,"ERROR: Loading custom monitoring and control interface stub source code. Rebuild CryptoLib with -DMC_CUSTOM=ON to use implementation.\n"); + fprintf(stderr, "ERROR: Loading custom monitoring and control interface stub source code. Rebuild CryptoLib with " + "-DMC_CUSTOM=ON to use implementation.\n"); return &mc_if_struct; } diff --git a/src/mc/disabled/mc_interface_disabled.template.c b/src/mc/disabled/mc_interface_disabled.template.c index 01c0e1bc..27b142f1 100644 --- a/src/mc/disabled/mc_interface_disabled.template.c +++ b/src/mc/disabled/mc_interface_disabled.template.c @@ -22,7 +22,7 @@ static McInterfaceStruct mc_if_struct; /* Prototypes */ static int32_t mc_initialize(void); -static void mc_log(int32_t error_code); +static void mc_log(int32_t error_code); static int32_t mc_shutdown(void); /* Functions */ @@ -30,8 +30,8 @@ McInterface get_mc_interface_disabled(void) { /* MC Interface, SDLS */ mc_if_struct.mc_initialize = mc_initialize; - mc_if_struct.mc_log = mc_log; - mc_if_struct.mc_shutdown = mc_shutdown; + mc_if_struct.mc_log = mc_log; + mc_if_struct.mc_shutdown = mc_shutdown; /* MC Interface, SDLS-EP */ /* 
diff --git a/src/mc/disabled_stub/mc_interface_disabled_stub.template.c b/src/mc/disabled_stub/mc_interface_disabled_stub.template.c index 76026dc0..4b942a19 100644 --- a/src/mc/disabled_stub/mc_interface_disabled_stub.template.c +++ b/src/mc/disabled_stub/mc_interface_disabled_stub.template.c @@ -24,6 +24,7 @@ static McInterfaceStruct mc_if_struct; /* Functions */ McInterface get_mc_interface_disabled(void) { - fprintf(stderr,"ERROR: Loading disabled monitoring and control interface stub source code. Rebuild CryptoLib with -DMC_DISABLED=ON to use implementation.\n"); + fprintf(stderr, "ERROR: Loading disabled monitoring and control interface stub source code. Rebuild CryptoLib with " + "-DMC_DISABLED=ON to use implementation.\n"); return &mc_if_struct; } diff --git a/src/mc/internal/mc_interface_internal.template.c b/src/mc/internal/mc_interface_internal.template.c index 974fd567..b0c40516 100644 --- a/src/mc/internal/mc_interface_internal.template.c +++ b/src/mc/internal/mc_interface_internal.template.c @@ -19,12 +19,12 @@ #include /* Variables */ -static FILE* mc_file_ptr; +static FILE *mc_file_ptr; static McInterfaceStruct mc_if_struct; /* Prototypes */ static int32_t mc_initialize(void); -static void mc_log(int32_t error_code); +static void mc_log(int32_t error_code); static int32_t mc_shutdown(void); /* Functions */ @@ -32,8 +32,8 @@ McInterface get_mc_interface_internal(void) { /* MC Interface, SDLS */ mc_if_struct.mc_initialize = mc_initialize; - mc_if_struct.mc_log = mc_log; - mc_if_struct.mc_shutdown = mc_shutdown; + mc_if_struct.mc_log = mc_log; + mc_if_struct.mc_shutdown = mc_shutdown; /* MC Interface, SDLS-EP */ /* @@ -51,7 +51,7 @@ McInterface get_mc_interface_internal(void) static int32_t mc_initialize(void) { int32_t status = CRYPTO_LIB_SUCCESS; - + /* Open log */ mc_file_ptr = fopen(MC_LOG_PATH, "a"); if (mc_file_ptr == NULL) 
@@ -59,30 +59,28 @@ static int32_t mc_initialize(void) status = CRYPTO_LIB_ERR_MC_INIT; printf(KRED "ERROR: Monitoring and control initialization - internal failed\n" RESET); } - + return status; } static void mc_log(int32_t error_code) { - time_t rawtime; - struct tm* timeinfo; + time_t rawtime; + struct tm *timeinfo; time(&rawtime); timeinfo = localtime(&rawtime); /* Write to log if error code is valid */ if (error_code != CRYPTO_LIB_SUCCESS) { - fprintf(mc_file_ptr, "[%d%d%d,%d:%d:%d], %d\n", - timeinfo->tm_year + 1900, timeinfo->tm_mon + 1, timeinfo->tm_mday, - timeinfo->tm_hour, timeinfo->tm_min, timeinfo->tm_sec, error_code); - - /* Also print error if debug enabled */ - #ifdef DEBUG - printf("MC_Log: Error, [%d%d%d,%d:%d:%d], %d\n", - timeinfo->tm_year + 1900, timeinfo->tm_mon + 1, timeinfo->tm_mday, - timeinfo->tm_hour, timeinfo->tm_min, timeinfo->tm_sec, error_code); - #endif + fprintf(mc_file_ptr, "[%d%d%d,%d:%d:%d], %d\n", timeinfo->tm_year + 1900, timeinfo->tm_mon + 1, + timeinfo->tm_mday, timeinfo->tm_hour, timeinfo->tm_min, timeinfo->tm_sec, error_code); + +/* Also print error if debug enabled */ +#ifdef DEBUG + printf("MC_Log: Error, [%d%d%d,%d:%d:%d], %d\n", timeinfo->tm_year + 1900, timeinfo->tm_mon + 1, + timeinfo->tm_mday, timeinfo->tm_hour, timeinfo->tm_min, timeinfo->tm_sec, error_code); +#endif } return; diff --git a/src/mc/internal_stub/mc_interface_internal_stub.template.c b/src/mc/internal_stub/mc_interface_internal_stub.template.c index 03badea1..8a302641 100644 --- a/src/mc/internal_stub/mc_interface_internal_stub.template.c +++ b/src/mc/internal_stub/mc_interface_internal_stub.template.c 
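Review bot: mc_log dereferences `timeinfo` and writes to `mc_file_ptr` without checking either. `localtime` can return NULL, and `mc_file_ptr` stays NULL when the `fopen` in mc_initialize fails, since that path only sets `CRYPTO_LIB_ERR_MC_INIT`. I would guard the write with `if (error_code != CRYPTO_LIB_SUCCESS && mc_file_ptr != NULL && timeinfo != NULL)`. The timestamp format `[%d%d%d,%d:%d:%d]` has no zero padding, so 11 January and 1 November of the same year print the same date digits. `"[%04d%02d%02d,%02d:%02d:%02d], %d\n"` removes the ambiguity, though anything that parses the existing log format would need to follow. The function's closing brace is outside the hunk.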
@@ -24,6 +24,7 @@ static McInterfaceStruct mc_if_struct; /* Functions */ McInterface get_mc_interface_internal(void) { - fprintf(stderr,"ERROR: Loading internal monitoring and control interface stub source code. Rebuild CryptoLib with -DMC_INTERNAL=ON to use implementation.\n"); + fprintf(stderr, "ERROR: Loading internal monitoring and control interface stub source code. Rebuild CryptoLib with " + "-DMC_INTERNAL=ON to use implementation.\n"); return &mc_if_struct; } diff --git a/src/sa/custom_stub/sa_interface_custom.stub.c b/src/sa/custom_stub/sa_interface_custom.stub.c index abe38c10..6a8760af 100644 --- a/src/sa/custom_stub/sa_interface_custom.stub.c +++ b/src/sa/custom_stub/sa_interface_custom.stub.c @@ -20,6 +20,7 @@ static SaInterfaceStruct sa_if_struct; /* Functions */ SaInterface get_sa_interface_custom(void) { - fprintf(stderr,"ERROR: Loading custom SA interface stub source code. Rebuild CryptoLib with -DSA_CUSTOM=ON to use proper internal implementation.\n"); + fprintf(stderr, "ERROR: Loading custom SA interface stub source code. Rebuild CryptoLib with -DSA_CUSTOM=ON to use " + "proper internal implementation.\n"); return &sa_if_struct; } diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 0b716d71..df29c0cf 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c 
@@ -21,15 +21,15 @@ static int32_t sa_config(void); static int32_t sa_init(void); static int32_t sa_close(void); // Security Association Interaction Functions -static int32_t sa_get_from_spi(uint16_t, SecurityAssociation_t**); -static int32_t sa_get_operational_sa_from_gvcid(uint8_t, uint16_t, uint16_t, uint8_t, SecurityAssociation_t**); -static int32_t sa_save_sa(SecurityAssociation_t* sa); +static int32_t sa_get_from_spi(uint16_t, SecurityAssociation_t **); +static int32_t sa_get_operational_sa_from_gvcid(uint8_t, uint16_t, uint16_t, uint8_t, SecurityAssociation_t **); +static int32_t sa_save_sa(SecurityAssociation_t *sa); // Security Association Utility Functions static int32_t sa_stop(void); -static int32_t sa_start(TC_t* tc_frame); +static int32_t sa_start(TC_t *tc_frame); static int32_t sa_expire(void); static int32_t sa_rekey(void); -static int32_t sa_status(uint8_t* ); +static int32_t sa_status(uint8_t *); static int32_t sa_create(void); static int32_t sa_setARSN(void); static int32_t sa_setARSNW(void); @@ -39,7 +39,7 @@ static int32_t sa_delete(void); ** Global Variables */ // Security -static SaInterfaceStruct sa_if_struct; +static SaInterfaceStruct sa_if_struct; static SecurityAssociation_t sa[NUM_SA]; /** 
@@ -48,21 +48,21 @@ static SecurityAssociation_t sa[NUM_SA]; **/ SaInterface get_sa_interface_inmemory(void) { - sa_if_struct.sa_config = sa_config; - sa_if_struct.sa_init = sa_init; - sa_if_struct.sa_close = sa_close; - sa_if_struct.sa_get_from_spi = sa_get_from_spi; + sa_if_struct.sa_config = sa_config; + sa_if_struct.sa_init = sa_init; + sa_if_struct.sa_close = sa_close; + sa_if_struct.sa_get_from_spi = sa_get_from_spi; sa_if_struct.sa_get_operational_sa_from_gvcid = sa_get_operational_sa_from_gvcid; - sa_if_struct.sa_stop = sa_stop; - sa_if_struct.sa_save_sa = sa_save_sa; - sa_if_struct.sa_start = sa_start; - sa_if_struct.sa_expire = sa_expire; - sa_if_struct.sa_rekey = sa_rekey; - sa_if_struct.sa_status = sa_status; - sa_if_struct.sa_create = sa_create; - sa_if_struct.sa_setARSN = sa_setARSN; - sa_if_struct.sa_setARSNW = sa_setARSNW; - sa_if_struct.sa_delete = sa_delete; + sa_if_struct.sa_stop = sa_stop; + sa_if_struct.sa_save_sa = sa_save_sa; + sa_if_struct.sa_start = sa_start; + sa_if_struct.sa_expire = sa_expire; + sa_if_struct.sa_rekey = sa_rekey; + sa_if_struct.sa_status = sa_status; + sa_if_struct.sa_create = sa_create; + sa_if_struct.sa_setARSN = sa_setARSN; + sa_if_struct.sa_setARSNW = sa_setARSNW; + sa_if_struct.sa_delete = sa_delete; return &sa_if_struct; } @@ -72,11 +72,11 @@ SaInterface get_sa_interface_inmemory(void) **/ int32_t sa_load_file() { - FILE *sa_save_file; - int32_t status = CRYPTO_LIB_SUCCESS; - int success_flag = 0; + FILE *sa_save_file; + int32_t status = CRYPTO_LIB_SUCCESS; + int success_flag = 0; - sa_save_file = fopen(CRYPTO_SA_SAVE, "rb+"); // Should this be rb instead of wb+ + sa_save_file = fopen(CRYPTO_SA_SAVE, "rb+"); // Should this be rb instead of wb+ if (sa_save_file == NULL) { 
@@ -85,15 +85,16 @@ int32_t sa_load_file() #endif status = CRYPTO_LIB_ERR_FAIL_SA_LOAD; } - else{ + else + { #ifdef SA_DEBUG printf("Opened sa_save_file successfully!\n"); #endif } - if( status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { success_flag = fread(&sa[0], SA_SIZE, NUM_SA, sa_save_file); - if(success_flag) + if (success_flag) { status = CRYPTO_LIB_SUCCESS; #ifdef SA_DEBUG @@ -109,7 +110,8 @@ int32_t sa_load_file() } } - if(sa_save_file != NULL) fclose(sa_save_file); + if (sa_save_file != NULL) + fclose(sa_save_file); return status; } 
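Review bot: `if (success_flag)` accepts any non-zero item count from `fread(&sa[0], SA_SIZE, NUM_SA, sa_save_file)`, so a truncated SA file fills only the leading entries and sa_load_file still returns CRYPTO_LIB_SUCCESS. The remaining slots keep whatever was already in memory. Compare against the expected count instead, `if (success_flag == NUM_SA)`, and return CRYPTO_LIB_ERR_FAIL_SA_LOAD otherwise. The same pattern follows `fwrite(sa, SA_SIZE, NUM_SA, sa_save_file)` in sa_perform_save, where a short write is reported as a successful save. sa_load_file starts and ends outside this hunk.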
@@ -117,55 +119,55 @@ int32_t sa_load_file() * @brief Function: update_sa_from_ptr * Updates SA Array with individual SA pointer. **/ -void update_sa_from_ptr(SecurityAssociation_t* sa_ptr) +void update_sa_from_ptr(SecurityAssociation_t *sa_ptr) { - int location = sa_ptr->spi; - sa[location].spi = sa_ptr->spi; + int location = sa_ptr->spi; + sa[location].spi = sa_ptr->spi; sa[location].ekid = sa_ptr->ekid; sa[location].akid = sa_ptr->akid; memcpy(sa[location].ek_ref, sa_ptr->ek_ref, REF_SIZE); memcpy(sa[location].ak_ref, sa_ptr->ak_ref, REF_SIZE); - sa[location].sa_state = sa_ptr->sa_state; - sa[location].gvcid_blk = sa_ptr->gvcid_blk; - sa[location].lpid = sa_ptr->lpid; - sa[location].est = sa_ptr->est; - sa[location].ast = sa_ptr->ast; - sa[location].shivf_len = sa_ptr->shivf_len; - sa[location].shsnf_len = sa_ptr->shsnf_len; - sa[location].shplf_len = sa_ptr->shplf_len; + sa[location].sa_state = sa_ptr->sa_state; + sa[location].gvcid_blk = sa_ptr->gvcid_blk; + sa[location].lpid = sa_ptr->lpid; + sa[location].est = sa_ptr->est; + sa[location].ast = sa_ptr->ast; + sa[location].shivf_len = sa_ptr->shivf_len; + sa[location].shsnf_len = sa_ptr->shsnf_len; + sa[location].shplf_len = sa_ptr->shplf_len; sa[location].stmacf_len = sa_ptr->stmacf_len; - sa[location].ecs = sa_ptr->ecs; - sa[location].ecs_len = sa_ptr->ecs_len; - for(int i = 0; iiv_len; i++) + sa[location].ecs = sa_ptr->ecs; + sa[location].ecs_len = sa_ptr->ecs_len; + for (int i = 0; i < sa_ptr->iv_len; i++) { sa[location].iv[i] = sa_ptr->iv[i]; } - sa[location].iv_len = sa_ptr->iv_len; + sa[location].iv_len = sa_ptr->iv_len; sa[location].acs_len = sa_ptr->acs_len; - sa[location].acs = sa_ptr->acs; + sa[location].acs = sa_ptr->acs; sa[location].abm_len = sa_ptr->abm_len; - for(int i = 0; iabm_len; i++) + for (int i = 0; i < sa_ptr->abm_len; i++) { sa[location].abm[i] = sa_ptr->abm[i]; } sa[location].arsn_len = sa_ptr->arsn_len; - for(int i = 0; iarsn_len; i++) + for (int i = 0; i < sa_ptr->arsn_len; i++) { 
sa[location].arsn[i] = sa_ptr->arsn[i]; } sa[location].arsnw_len = sa_ptr->arsnw_len; - sa[location].arsnw = sa_ptr->arsnw; + sa[location].arsnw = sa_ptr->arsnw; } /** * @brief Function: sa_perform_save * Saves SA Array to file **/ -int32_t sa_perform_save(SecurityAssociation_t* sa_ptr) +int32_t sa_perform_save(SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; - FILE* sa_save_file; - int success_flag = 0; + FILE *sa_save_file; + int success_flag = 0; update_sa_from_ptr(sa_ptr); @@ -176,18 +178,18 @@ int32_t sa_perform_save(SecurityAssociation_t* sa_ptr) status = CRYPTO_LIB_ERR_FAIL_SA_SAVE; } - if(status == CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { - success_flag = fwrite(sa, SA_SIZE, NUM_SA, sa_save_file); + success_flag = fwrite(sa, SA_SIZE, NUM_SA, sa_save_file); - if(success_flag) + if (success_flag) { status = CRYPTO_LIB_SUCCESS; #ifdef SA_DEBUG printf("SA Written Successfully to file!\n"); #endif - } + } else { status = CRYPTO_LIB_ERR_FAIL_SA_SAVE; @@ -206,16 +208,17 @@ int32_t sa_perform_save(SecurityAssociation_t* sa_ptr) * @param sa: SecurityAssociation_t* * @return int32: Success/Failure **/ -static int32_t sa_save_sa(SecurityAssociation_t* sa) +static int32_t sa_save_sa(SecurityAssociation_t *sa) { - int32_t status = CRYPTO_LIB_SUCCESS; - int ignore_save = 1; + int32_t status = CRYPTO_LIB_SUCCESS; + int ignore_save = 1; #ifdef SA_FILE - status = sa_perform_save(sa); + status = sa_perform_save(sa); ignore_save = 0; #endif - if (ignore_save) sa = sa; + if (ignore_save) + sa = sa; return status; } 
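Review bot: update_sa_from_ptr indexes `sa[location]` with `sa_ptr->spi` and never checks it against NUM_SA. The three copy loops are bounded only by the source's `iv_len`, `abm_len` and `arsn_len`, so a caller-supplied SA with an out-of-range SPI or an oversized length writes outside the table or past the destination arrays. A guard at the top would close this, for example `if (sa_ptr == NULL || sa_ptr->spi >= NUM_SA) return;`, followed by `if (sa_ptr->iv_len > IV_SIZE || sa_ptr->abm_len > ABM_SIZE || sa_ptr->arsn_len > ARSN_SIZE) return;`. This assumes the arrays are sized by those constants, which the struct definition should confirm. Because the function returns void, sa_perform_save cannot see a rejection; returning a status would let it skip the write.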
@@ -225,339 +228,338 @@ static int32_t sa_save_sa(SecurityAssociation_t* sa) **/ void sa_populate(void) { -// Security Associations + // Security Associations // EMPTY SA - Not Used (SA_NONE) - sa[0].spi = 0; - sa[0].sa_state = SA_UNKEYED; - sa[0].est = 0; - sa[0].ast = 0; - sa[0].shivf_len = 0; - sa[0].shsnf_len = 0; - sa[0].arsn_len = 0; - sa[0].arsnw_len = 0; - sa[0].arsnw = 0; - sa[0].gvcid_blk.tfvn = 0; - sa[0].gvcid_blk.scid = 0; - sa[0].gvcid_blk.vcid = 0; + sa[0].spi = 0; + sa[0].sa_state = SA_UNKEYED; + sa[0].est = 0; + sa[0].ast = 0; + sa[0].shivf_len = 0; + sa[0].shsnf_len = 0; + sa[0].arsn_len = 0; + sa[0].arsnw_len = 0; + sa[0].arsnw = 0; + sa[0].gvcid_blk.tfvn = 0; + sa[0].gvcid_blk.scid = 0; + sa[0].gvcid_blk.vcid = 0; sa[0].gvcid_blk.mapid = TYPE_TC; // TC - CLEAR MODE (Operational) // IV = 0 ... 0, IV-Len = 12, TFVN = 0, VCID = 0, MAC-Len = 0, ARSNW = 5 // EKID = 1 - sa[1].spi = 1; - sa[1].sa_state = SA_OPERATIONAL; - sa[1].est = 0; - sa[1].ast = 0; - sa[1].shivf_len = 12; - sa[1].iv_len = 12; - sa[1].shsnf_len = 2; - sa[1].arsnw = 5; - sa[1].arsnw_len = 1; - sa[1].arsn_len = 2; - sa[1].gvcid_blk.tfvn = 0; - sa[1].gvcid_blk.scid = SCID & 0x3FF; - sa[1].gvcid_blk.vcid = 0; + sa[1].spi = 1; + sa[1].sa_state = SA_OPERATIONAL; + sa[1].est = 0; + sa[1].ast = 0; + sa[1].shivf_len = 12; + sa[1].iv_len = 12; + sa[1].shsnf_len = 2; + sa[1].arsnw = 5; + sa[1].arsnw_len = 1; + sa[1].arsn_len = 2; + sa[1].gvcid_blk.tfvn = 0; + sa[1].gvcid_blk.scid = SCID & 0x3FF; + sa[1].gvcid_blk.vcid = 0; sa[1].gvcid_blk.mapid = TYPE_TC; - + // TC - Encryption Only - AES-GCM-256 (Keyed) // IV = 0...0, IV-Len = 12, TFVN = 0, VCID = 0; MAC-Len = 0, ARSNW = 5 // EKID = 2 - sa[2].spi = 2; - sa[2].ekid = 2; - sa[2].sa_state = SA_KEYED; - sa[2].ecs_len = 1; - sa[2].ecs = CRYPTO_CIPHER_AES256_GCM; - sa[2].est = 1; - sa[2].ast = 0; - sa[2].shivf_len = 12; - sa[2].iv_len = 12; - sa[2].arsnw_len = 1; - sa[2].arsnw = 5; - sa[2].arsn_len = ((sa[2].arsnw * 2) + 1); - sa[2].gvcid_blk.tfvn 
= 0; - sa[2].gvcid_blk.scid = SCID & 0x3FF; - sa[2].gvcid_blk.vcid = 0; + sa[2].spi = 2; + sa[2].ekid = 2; + sa[2].sa_state = SA_KEYED; + sa[2].ecs_len = 1; + sa[2].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[2].est = 1; + sa[2].ast = 0; + sa[2].shivf_len = 12; + sa[2].iv_len = 12; + sa[2].arsnw_len = 1; + sa[2].arsnw = 5; + sa[2].arsn_len = ((sa[2].arsnw * 2) + 1); + sa[2].gvcid_blk.tfvn = 0; + sa[2].gvcid_blk.scid = SCID & 0x3FF; + sa[2].gvcid_blk.vcid = 0; sa[2].gvcid_blk.mapid = TYPE_TC; // TC - Authentication Only - HMAC_SHA512 (Keyed) // IV = 0...0, IV-Len = 12, MAC-Len = 16, TFVN = 0, VCID = 0, ARSNW = 5 // AKID = 3 - sa[3].spi = 3; - sa[3].akid = 3; - sa[3].sa_state = SA_KEYED; - sa[3].acs_len = 1; - sa[3].acs = CRYPTO_MAC_HMAC_SHA512; - sa[3].est = 0; - sa[3].ast = 1; - sa[3].shivf_len = 12; - sa[3].iv_len = 12; - sa[3].shsnf_len = 2; - sa[3].arsn_len = 2; - sa[3].arsnw_len = 1; - sa[3].arsnw = 5; - sa[3].stmacf_len = 16; - sa[3].gvcid_blk.tfvn = 0; - sa[3].gvcid_blk.scid = SCID & 0x3FF; - sa[3].gvcid_blk.vcid = 0; + sa[3].spi = 3; + sa[3].akid = 3; + sa[3].sa_state = SA_KEYED; + sa[3].acs_len = 1; + sa[3].acs = CRYPTO_MAC_HMAC_SHA512; + sa[3].est = 0; + sa[3].ast = 1; + sa[3].shivf_len = 12; + sa[3].iv_len = 12; + sa[3].shsnf_len = 2; + sa[3].arsn_len = 2; + sa[3].arsnw_len = 1; + sa[3].arsnw = 5; + sa[3].stmacf_len = 16; + sa[3].gvcid_blk.tfvn = 0; + sa[3].gvcid_blk.scid = SCID & 0x3FF; + sa[3].gvcid_blk.vcid = 0; sa[3].gvcid_blk.mapid = TYPE_TC; // TC - Authenticated Encryption - AES-GCM-256 (Keyed) // IV = 0 ... 
0, IV-Len = 12, MAC-Len = 16, TFVN = 0, VCID = 0, ARSNW = 5 // EKID = 4 - sa[4].spi = 4; - sa[4].ekid = 4; - sa[4].sa_state = SA_KEYED; - sa[4].ecs_len = 1; - sa[4].ecs = CRYPTO_CIPHER_AES256_GCM; - sa[4].est = 1; - sa[4].ast = 1; - sa[4].shivf_len = 12; - sa[4].iv_len = 12; - sa[4].abm_len = ABM_SIZE; - sa[4].arsnw_len = 1; - sa[4].arsnw = 5; - sa[4].arsn_len = ((sa[4].arsnw * 2) + 1); - sa[4].stmacf_len = 16; - sa[4].gvcid_blk.tfvn = 0; - sa[4].gvcid_blk.scid = SCID & 0x3FF; - sa[4].gvcid_blk.vcid = 0; + sa[4].spi = 4; + sa[4].ekid = 4; + sa[4].sa_state = SA_KEYED; + sa[4].ecs_len = 1; + sa[4].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[4].est = 1; + sa[4].ast = 1; + sa[4].shivf_len = 12; + sa[4].iv_len = 12; + sa[4].abm_len = ABM_SIZE; + sa[4].arsnw_len = 1; + sa[4].arsnw = 5; + sa[4].arsn_len = ((sa[4].arsnw * 2) + 1); + sa[4].stmacf_len = 16; + sa[4].gvcid_blk.tfvn = 0; + sa[4].gvcid_blk.scid = SCID & 0x3FF; + sa[4].gvcid_blk.vcid = 0; sa[4].gvcid_blk.mapid = TYPE_TC; // TM - CLEAR MODE (Keyed) // IV = 0...0, IV-Len = 12, MAC-Len = 0, TFVN = 0, VCID = 0, ARSNW = 5 // EKID = 5 - sa[5].spi = 5; - sa[5].sa_state = SA_KEYED; - sa[5].est = 0; - sa[5].ast = 0; - sa[5].shivf_len = 12; - sa[5].iv_len = 12; - sa[5].shsnf_len = 2; - sa[5].arsnw = 5; - sa[5].arsnw_len = 1; - sa[5].arsn_len = 2; - sa[5].gvcid_blk.tfvn = 0; - sa[5].gvcid_blk.scid = SCID & 0x3FF; - sa[5].gvcid_blk.vcid = 1; + sa[5].spi = 5; + sa[5].sa_state = SA_KEYED; + sa[5].est = 0; + sa[5].ast = 0; + sa[5].shivf_len = 12; + sa[5].iv_len = 12; + sa[5].shsnf_len = 2; + sa[5].arsnw = 5; + sa[5].arsnw_len = 1; + sa[5].arsn_len = 2; + sa[5].gvcid_blk.tfvn = 0; + sa[5].gvcid_blk.scid = SCID & 0x3FF; + sa[5].gvcid_blk.vcid = 1; sa[5].gvcid_blk.mapid = TYPE_TM; // TM - Encryption Only - AES-CBC-256 (Keyed) // IV = 0...0, IV-Len = 16, TFVN = 0, VCID = 0; MAC-Len = 0, ARSNW = 5 // EKID = 6 - sa[6].spi = 6; - sa[6].ekid = 6; - sa[6].sa_state = SA_KEYED; - sa[6].ecs_len = 1; - sa[6].ecs = CRYPTO_CIPHER_AES256_CBC; - 
sa[6].est = 1; - sa[6].ast = 0; - sa[6].shivf_len = 16; - sa[6].iv_len = 16; - sa[6].shplf_len = 1; - sa[6].stmacf_len = 0; - sa[6].arsn_len = 2; - sa[6].arsnw_len = 1; - sa[6].arsnw = 5; - sa[6].gvcid_blk.tfvn = 0; - sa[6].gvcid_blk.scid = SCID & 0x3FF; - sa[6].gvcid_blk.vcid = 0; + sa[6].spi = 6; + sa[6].ekid = 6; + sa[6].sa_state = SA_KEYED; + sa[6].ecs_len = 1; + sa[6].ecs = CRYPTO_CIPHER_AES256_CBC; + sa[6].est = 1; + sa[6].ast = 0; + sa[6].shivf_len = 16; + sa[6].iv_len = 16; + sa[6].shplf_len = 1; + sa[6].stmacf_len = 0; + sa[6].arsn_len = 2; + sa[6].arsnw_len = 1; + sa[6].arsnw = 5; + sa[6].gvcid_blk.tfvn = 0; + sa[6].gvcid_blk.scid = SCID & 0x3FF; + sa[6].gvcid_blk.vcid = 0; sa[6].gvcid_blk.mapid = TYPE_TM; // TM - Authentication Only HMAC_SHA512 (Keyed) // IV = 0...0, IV-Len = 12, MAC-Len = 16, TFVN = 0, VCID = 0, ARSNW = 5 // AKID = 7 - sa[7].spi = 7; - sa[7].akid = 7; - sa[7].sa_state = SA_KEYED; - sa[7].acs_len = 1; - sa[7].acs = CRYPTO_MAC_HMAC_SHA512; - sa[7].est = 0; - sa[7].ast = 1; - sa[7].shivf_len = 12; - sa[7].iv_len = 12; - sa[7].shsnf_len = 2; - sa[7].arsn_len = 2; - sa[7].arsnw_len = 1; - sa[7].arsnw = 5; - sa[7].stmacf_len = 16; - sa[7].gvcid_blk.tfvn = 0; - sa[7].gvcid_blk.scid = SCID & 0x3FF; - sa[7].gvcid_blk.vcid = 0; + sa[7].spi = 7; + sa[7].akid = 7; + sa[7].sa_state = SA_KEYED; + sa[7].acs_len = 1; + sa[7].acs = CRYPTO_MAC_HMAC_SHA512; + sa[7].est = 0; + sa[7].ast = 1; + sa[7].shivf_len = 12; + sa[7].iv_len = 12; + sa[7].shsnf_len = 2; + sa[7].arsn_len = 2; + sa[7].arsnw_len = 1; + sa[7].arsnw = 5; + sa[7].stmacf_len = 16; + sa[7].gvcid_blk.tfvn = 0; + sa[7].gvcid_blk.scid = SCID & 0x3FF; + sa[7].gvcid_blk.vcid = 0; sa[7].gvcid_blk.mapid = TYPE_TM; // TM - Authenticated Encryption AES-CBC-256 (Keyed) // IV = 0...0, IV-Len = 16, MAC-Len = 16, TFVN = 0, VCID = 0, ARSNW = 5 // EKID = 8 - sa[8].spi = 8; - sa[8].ekid = 8; - sa[8].sa_state = SA_KEYED; - sa[8].ecs_len = 1; - sa[8].ecs = CRYPTO_CIPHER_AES256_CBC; - sa[8].est = 1; - sa[8].ast 
= 1; - sa[8].shplf_len = 1; - sa[8].shivf_len = 16; - sa[8].iv_len = 16; - sa[8].shsnf_len = 2; - sa[8].arsn_len = 2; - sa[8].arsnw_len = 1; - sa[8].arsnw = 5; - sa[8].stmacf_len = 16; - sa[8].gvcid_blk.tfvn = 0; - sa[8].gvcid_blk.scid = SCID & 0x3FF; - sa[8].gvcid_blk.vcid = 0; - sa[8].gvcid_blk.mapid = TYPE_TM; - + sa[8].spi = 8; + sa[8].ekid = 8; + sa[8].sa_state = SA_KEYED; + sa[8].ecs_len = 1; + sa[8].ecs = CRYPTO_CIPHER_AES256_CBC; + sa[8].est = 1; + sa[8].ast = 1; + sa[8].shplf_len = 1; + sa[8].shivf_len = 16; + sa[8].iv_len = 16; + sa[8].shsnf_len = 2; + sa[8].arsn_len = 2; + sa[8].arsnw_len = 1; + sa[8].arsnw = 5; + sa[8].stmacf_len = 16; + sa[8].gvcid_blk.tfvn = 0; + sa[8].gvcid_blk.scid = SCID & 0x3FF; + sa[8].gvcid_blk.vcid = 0; + sa[8].gvcid_blk.mapid = TYPE_TM; + // AOS - Clear Mode // IV = 0...0, IV-Len = 12, MAC-Len = 0, TFVN = 1, VCID = 0, ARSNW = 5 // EKID = 9 - sa[9].spi = 9; - sa[9].sa_state = SA_KEYED; - sa[9].est = 0; - sa[9].ast = 0; - sa[9].shivf_len = 12; - sa[9].iv_len = 12; - sa[9].shsnf_len = 2; - sa[9].arsnw = 5; - sa[9].arsnw_len = 1; - sa[9].arsn_len = 2; - sa[9].gvcid_blk.tfvn = 0x01; - sa[9].gvcid_blk.scid = SCID & 0x3FF; - sa[9].gvcid_blk.vcid = 0; + sa[9].spi = 9; + sa[9].sa_state = SA_KEYED; + sa[9].est = 0; + sa[9].ast = 0; + sa[9].shivf_len = 12; + sa[9].iv_len = 12; + sa[9].shsnf_len = 2; + sa[9].arsnw = 5; + sa[9].arsnw_len = 1; + sa[9].arsn_len = 2; + sa[9].gvcid_blk.tfvn = 0x01; + sa[9].gvcid_blk.scid = SCID & 0x3FF; + sa[9].gvcid_blk.vcid = 0; sa[9].gvcid_blk.mapid = 0; // AOS - Authentication Only, HMAC_SHA512 (Keyed) // IV = 0...0, IV-Len = 16, MAC-Len = 16, TFVN = 1, VCID = 0, ARSNW = 5 // AKID = 10 - sa[10].spi = 10; - sa[10].akid = 10; - sa[10].sa_state = SA_OPERATIONAL; - sa[10].est = 0; - sa[10].ast = 1; - sa[10].acs_len = 1; - sa[10].acs = CRYPTO_MAC_HMAC_SHA512; - sa[10].stmacf_len = 16; - sa[10].arsnw = 5; - sa[10].arsnw_len = 1; - sa[10].arsn_len = 2; - sa[10].abm_len = ABM_SIZE; - sa[10].gvcid_blk.tfvn = 0x01; 
- sa[10].gvcid_blk.scid = SCID & 0x3FF; - sa[10].gvcid_blk.vcid = 0; + sa[10].spi = 10; + sa[10].akid = 10; + sa[10].sa_state = SA_OPERATIONAL; + sa[10].est = 0; + sa[10].ast = 1; + sa[10].acs_len = 1; + sa[10].acs = CRYPTO_MAC_HMAC_SHA512; + sa[10].stmacf_len = 16; + sa[10].arsnw = 5; + sa[10].arsnw_len = 1; + sa[10].arsn_len = 2; + sa[10].abm_len = ABM_SIZE; + sa[10].gvcid_blk.tfvn = 0x01; + sa[10].gvcid_blk.scid = SCID & 0x3FF; + sa[10].gvcid_blk.vcid = 0; sa[10].gvcid_blk.mapid = 0; // AOS - Encryption Only, AES-GCM-256 (Keyed) // IV = 0...0, IV-Len = 16, MAC-Len = 0, TFVN = 1, VCID = 0, ARSNW = 5 // EKID = 11 - sa[11].spi = 11; - sa[11].ekid = 11; - sa[11].sa_state = SA_KEYED; - sa[11].est = 1; - sa[11].ast = 0; - sa[11].ecs_len = 1; - sa[11].shplf_len = 1; - sa[11].ecs = CRYPTO_CIPHER_AES256_CBC; - sa[11].iv_len = 16; - sa[11].shivf_len = 16; - sa[11].stmacf_len = 0; - sa[11].shsnf_len = 2; - sa[11].arsn_len = 2; - sa[11].arsnw_len = 1; - sa[11].arsnw = 5; - sa[11].gvcid_blk.tfvn = 0x01; - sa[11].gvcid_blk.scid = SCID & 0x3FF; - sa[11].gvcid_blk.vcid = 0; + sa[11].spi = 11; + sa[11].ekid = 11; + sa[11].sa_state = SA_KEYED; + sa[11].est = 1; + sa[11].ast = 0; + sa[11].ecs_len = 1; + sa[11].shplf_len = 1; + sa[11].ecs = CRYPTO_CIPHER_AES256_CBC; + sa[11].iv_len = 16; + sa[11].shivf_len = 16; + sa[11].stmacf_len = 0; + sa[11].shsnf_len = 2; + sa[11].arsn_len = 2; + sa[11].arsnw_len = 1; + sa[11].arsnw = 5; + sa[11].gvcid_blk.tfvn = 0x01; + sa[11].gvcid_blk.scid = SCID & 0x3FF; + sa[11].gvcid_blk.vcid = 0; sa[11].gvcid_blk.mapid = 0; // AOS - Authenticated Encryption, AES-CBC-256 (Keyed) // IV = 0...0, IV-Len = 16, MAC-Len = 16, TFVN = 1, VCID = 0, ARSNW = 5 // EKID = 12 - sa[12].spi = 12; - sa[12].ekid = 12; - sa[12].sa_state = SA_KEYED; - sa[12].est = 1; - sa[12].ast = 1; - sa[12].ecs_len = 1; - sa[12].ecs = CRYPTO_CIPHER_AES256_GCM; - sa[12].iv_len = 16; - sa[12].shivf_len = 16; - sa[12].stmacf_len = 16; - sa[12].shsnf_len = 2; - sa[12].arsn_len = 2; - 
sa[12].arsnw_len = 1; - sa[12].arsnw = 5; + sa[12].spi = 12; + sa[12].ekid = 12; + sa[12].sa_state = SA_KEYED; + sa[12].est = 1; + sa[12].ast = 1; + sa[12].ecs_len = 1; + sa[12].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[12].iv_len = 16; + sa[12].shivf_len = 16; + sa[12].stmacf_len = 16; + sa[12].shsnf_len = 2; + sa[12].arsn_len = 2; + sa[12].arsnw_len = 1; + sa[12].arsnw = 5; sa[12].gvcid_blk.tfvn = 0x01; sa[12].gvcid_blk.scid = SCID & 0x3FF; sa[12].gvcid_blk.vcid = 0; - -// EP - Testing SAs + // EP - Testing SAs // TC - NULL (SA_None) - sa[13].spi = 13; - sa[13].sa_state = SA_NONE; - sa[13].est = 0; - sa[13].ast = 0; - sa[13].shivf_len = 12; - sa[13].iv_len = 12; - sa[13].shsnf_len = 2; - sa[13].arsnw = 5; - sa[13].arsnw_len = 1; - sa[13].arsn_len = 2; - sa[13].gvcid_blk.tfvn = 2; - sa[13].gvcid_blk.scid = SCID & 0x3FF; - sa[13].gvcid_blk.vcid = 0; + sa[13].spi = 13; + sa[13].sa_state = SA_NONE; + sa[13].est = 0; + sa[13].ast = 0; + sa[13].shivf_len = 12; + sa[13].iv_len = 12; + sa[13].shsnf_len = 2; + sa[13].arsnw = 5; + sa[13].arsnw_len = 1; + sa[13].arsn_len = 2; + sa[13].gvcid_blk.tfvn = 2; + sa[13].gvcid_blk.scid = SCID & 0x3FF; + sa[13].gvcid_blk.vcid = 0; sa[13].gvcid_blk.mapid = TYPE_TC; // TC - Keyed - sa[14].spi = 14; - sa[14].ekid = 14; - sa[14].sa_state = SA_KEYED; - sa[14].est = 0; - sa[14].ast = 0; - sa[14].shivf_len = 12; - sa[14].iv_len = 12; - sa[14].shsnf_len = 2; - sa[14].arsnw = 5; - sa[14].arsnw_len = 1; - sa[14].arsn_len = 2; - sa[14].gvcid_blk.tfvn = 2; - sa[14].gvcid_blk.scid = SCID & 0x3FF; - sa[14].gvcid_blk.vcid = 1; + sa[14].spi = 14; + sa[14].ekid = 14; + sa[14].sa_state = SA_KEYED; + sa[14].est = 0; + sa[14].ast = 0; + sa[14].shivf_len = 12; + sa[14].iv_len = 12; + sa[14].shsnf_len = 2; + sa[14].arsnw = 5; + sa[14].arsnw_len = 1; + sa[14].arsn_len = 2; + sa[14].gvcid_blk.tfvn = 2; + sa[14].gvcid_blk.scid = SCID & 0x3FF; + sa[14].gvcid_blk.vcid = 1; sa[14].gvcid_blk.mapid = TYPE_TC; // TC - Unkeyed - sa[14].spi = 14; - sa[14].ekid = 14; - 
sa[14].sa_state = SA_UNKEYED; - sa[14].est = 0; - sa[14].ast = 0; - sa[14].shivf_len = 12; - sa[14].iv_len = 12; - sa[14].shsnf_len = 2; - sa[14].arsnw = 5; - sa[14].arsnw_len = 1; - sa[14].arsn_len = 2; - sa[14].gvcid_blk.tfvn = 2; - sa[14].gvcid_blk.scid = SCID & 0x3FF; - sa[14].gvcid_blk.vcid = 2; + sa[14].spi = 14; + sa[14].ekid = 14; + sa[14].sa_state = SA_UNKEYED; + sa[14].est = 0; + sa[14].ast = 0; + sa[14].shivf_len = 12; + sa[14].iv_len = 12; + sa[14].shsnf_len = 2; + sa[14].arsnw = 5; + sa[14].arsnw_len = 1; + sa[14].arsn_len = 2; + sa[14].gvcid_blk.tfvn = 2; + sa[14].gvcid_blk.scid = SCID & 0x3FF; + sa[14].gvcid_blk.vcid = 2; sa[14].gvcid_blk.mapid = TYPE_TC; // TC - Operational - sa[15].spi = 15; - sa[15].ekid = 15; - sa[15].sa_state = SA_OPERATIONAL; - sa[15].est = 0; - sa[15].ast = 0; - sa[15].shivf_len = 12; - sa[15].iv_len = 12; - sa[15].shsnf_len = 2; - sa[15].arsnw = 5; - sa[15].arsnw_len = 1; - sa[15].arsn_len = 2; - sa[15].gvcid_blk.tfvn = 2; - sa[15].gvcid_blk.scid = SCID & 0x3FF; - sa[15].gvcid_blk.vcid = 3; + sa[15].spi = 15; + sa[15].ekid = 15; + sa[15].sa_state = SA_OPERATIONAL; + sa[15].est = 0; + sa[15].ast = 0; + sa[15].shivf_len = 12; + sa[15].iv_len = 12; + sa[15].shsnf_len = 2; + sa[15].arsnw = 5; + sa[15].arsnw_len = 1; + sa[15].arsn_len = 2; + sa[15].gvcid_blk.tfvn = 2; + sa[15].gvcid_blk.scid = SCID & 0x3FF; + sa[15].gvcid_blk.vcid = 3; sa[15].gvcid_blk.mapid = TYPE_TC; sa_perform_save(&sa[0]); 
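Review bot: The "TC - Keyed" and "TC - Unkeyed" test entries both assign `sa[14]` with `spi = 14`, so the second block overwrites the first and only the unkeyed entry with `vcid = 2` survives. If a separate keyed test SA is intended, one of the two needs its own index and SPI. The comments for `sa[11]` ("Encryption Only, AES-GCM-256") and `sa[12]` ("Authenticated Encryption, AES-CBC-256") also disagree with the assigned `CRYPTO_CIPHER_AES256_CBC` and `CRYPTO_CIPHER_AES256_GCM`. Either the comments or the `ecs` values should be corrected so the table states the cipher that is actually configured. The closing lines of sa_populate are outside this hunk.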
@@ -571,36 +573,38 @@ void sa_populate(void) int32_t key_validation(void) { int32_t status = CRYPTO_LIB_SUCCESS; - int i = 0; - int j = 0; - for(i = 0; i < NUM_SA; i++) + int i = 0; + int j = 0; + for (i = 0; i < NUM_SA; i++) { uint16_t i_ekid = sa[i].ekid; uint16_t i_akid = sa[i].akid; - - if(i_ekid == i_akid) + + if (i_ekid == i_akid) { status = CRYPTO_LIB_ERR_KEY_VALIDATION; #ifdef DEBUG printf(KRED "SA Key Validation FAILURE!\n"); printf("Key Duplication: SA #%d, EKID: %d, AKID: %d\n", i, i_ekid, i_akid); - printf("\n"RESET); -#endif + printf("\n" RESET); +#endif break; } - for(j = i+1; j < NUM_SA; j++) + for (j = i + 1; j < NUM_SA; j++) { uint16_t j_ekid = sa[j].ekid; uint16_t j_akid = sa[j].akid; - - if((i_ekid == j_ekid) || (i_ekid == j_akid) || (i_akid == j_ekid) || (i_akid == j_akid) || (j_ekid == j_akid)) + + if ((i_ekid == j_ekid) || (i_ekid == j_akid) || (i_akid == j_ekid) || (i_akid == j_akid) || + (j_ekid == j_akid)) { status = CRYPTO_LIB_ERR_KEY_VALIDATION; #ifdef DEBUG printf(KRED "SA Key Validation FAILURE!\n"); - printf("Key Duplication SA: %d, EKID: %d, AKID: %d\n\tSA: %d, EKID: %d, AKID: %d\n", i, i_ekid, i_akid, j, j_ekid, j_akid); - printf("\n"RESET); + printf("Key Duplication SA: %d, EKID: %d, AKID: %d\n\tSA: %d, EKID: %d, AKID: %d\n", i, i_ekid, i_akid, + j, j_ekid, j_akid); + printf("\n" RESET); #endif break; } @@ -615,14 +619,14 @@ int32_t key_validation(void) **/ int32_t sa_config(void) { - int32_t status = CRYPTO_LIB_SUCCESS; - int use_internal = 1; + int32_t status = CRYPTO_LIB_SUCCESS; + int use_internal = 1; #ifdef SA_FILE - use_internal = 0; + use_internal = 0; #endif - if(use_internal) + if (use_internal) { sa_populate(); #ifdef KEY_VALIDATION 
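Review bot: The first test in key_validation, `if (i_ekid == i_akid)`, fails for any SA whose two key ids are equal, including entries where both are still zero. `sa` is a static array, and sa_populate never assigns `ekid` or `akid` for several entries, `sa[0]` and `sa[1]` among them. sa_init sets `ekid = x` and `akid = x` for every slot before calling key_validation. With KEY_VALIDATION defined, both paths therefore appear to return CRYPTO_LIB_ERR_KEY_VALIDATION on the first iteration. If that is not the intent, limit the comparison to SAs that actually use both keys, and add a comment stating which id value means "unset". The end of the function is outside this hunk.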
@@ -643,30 +647,30 @@ int32_t sa_init(void) int use_internal = 1; - #ifdef SA_FILE - use_internal = 0; - status = sa_load_file(); - if (status != CRYPTO_LIB_SUCCESS) - { - #ifdef DEBUG - printf("SA Load Failure!\n"); - printf("Falling back to in-memory SA!\n"); - use_internal = 1; - status = CRYPTO_LIB_SUCCESS; - #endif - } - #endif +#ifdef SA_FILE + use_internal = 0; + status = sa_load_file(); + if (status != CRYPTO_LIB_SUCCESS) + { +#ifdef DEBUG + printf("SA Load Failure!\n"); + printf("Falling back to in-memory SA!\n"); + use_internal = 1; + status = CRYPTO_LIB_SUCCESS; +#endif + } +#endif - if(use_internal) + if (use_internal) { for (int x = 0; x < NUM_SA; x++) { - sa[x].spi = x; - sa[x].ekid = x; - sa[x].akid = x; - sa[x].sa_state = SA_NONE; - sa[x].ecs_len = 0; - sa[x].ecs = 0; + sa[x].spi = x; + sa[x].ekid = x; + sa[x].akid = x; + sa[x].sa_state = SA_NONE; + sa[x].ecs_len = 0; + sa[x].ecs = 0; sa[x].shivf_len = 0; for (int y = 0; y < IV_SIZE; y++) { @@ -677,16 +681,16 @@ int32_t sa_init(void) { sa[x].abm[y] = 0; } - for( int y = 0; y < REF_SIZE; y++) + for (int y = 0; y < REF_SIZE; y++) { sa[x].ek_ref[y] = '\0'; sa[x].ak_ref[y] = '\0'; } - sa[x].abm_len = 0; - sa[x].acs_len = 0; - sa[x].acs = 0; + sa[x].abm_len = 0; + sa[x].acs_len = 0; + sa[x].acs = 0; sa[x].shsnf_len = 0; - sa[x].arsn_len = 0; + sa[x].arsn_len = 0; for (int y = 0; y < ARSN_SIZE; y++) { sa[x].arsn[y] = 0; @@ -697,7 +701,7 @@ int32_t sa_init(void) #ifdef KEY_VALIDATION status = key_validation(); #endif - } + } return status; } @@ -720,7 +724,7 @@ static int32_t sa_close(void) * @param security_association: SecurityAssociation_t** * @return int32: Success/Failure **/ -static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t** security_association) +static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t **security_association) { int32_t status = CRYPTO_LIB_SUCCESS; // Check if spi index in sa array 
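Review bot: In the `#ifdef SA_FILE` block of sa_init, the fallback assignments `use_internal = 1;` and `status = CRYPTO_LIB_SUCCESS;` sit inside `#ifdef DEBUG`, so the handling of a failed sa_load_file() depends on a logging switch. A non-DEBUG build keeps the error status and skips the in-memory initialisation, while a DEBUG build overwrites the error with success and resets every SA. Choose one behaviour and move the two assignments outside the `#ifdef DEBUG` (or delete them), leaving only the printf calls conditional. If the fallback stays, it is worth deciding whether replacing an unreadable SA file with defaults is acceptable or whether the call should fail closed. The start of sa_init is outside this hunk.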
@@ -745,25 +749,26 @@ static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t** security_as return status; } -int32_t sa_get_operational_sa_from_gvcid_find_iv(uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid, SecurityAssociation_t** security_association) +int32_t sa_get_operational_sa_from_gvcid_find_iv(uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid, + SecurityAssociation_t **security_association) { int32_t status = CRYPTO_LIB_ERR_NO_OPERATIONAL_SA; - int i = 0; + int i = 0; for (i = 0; i < NUM_SA; i++) { // If valid match found - if ((sa[i].gvcid_blk.tfvn == tfvn) && (sa[i].gvcid_blk.scid == scid) && - (sa[i].gvcid_blk.vcid == vcid) && (sa[i].sa_state == SA_OPERATIONAL) && - (crypto_config.unique_sa_per_mapid == TC_UNIQUE_SA_PER_MAP_ID_FALSE || - sa[i].gvcid_blk.mapid == mapid)) - // only require MapID match is unique SA per MapID set (only relevant - // when using segmentation hdrs) + if ((sa[i].gvcid_blk.tfvn == tfvn) && (sa[i].gvcid_blk.scid == scid) && (sa[i].gvcid_blk.vcid == vcid) && + (sa[i].sa_state == SA_OPERATIONAL) && + (crypto_config.unique_sa_per_mapid == TC_UNIQUE_SA_PER_MAP_ID_FALSE || sa[i].gvcid_blk.mapid == mapid)) + // only require MapID match is unique SA per MapID set (only relevant + // when using segmentation hdrs) { *security_association = &sa[i]; // Must have IV if using libgcrypt and auth/enc - // if (sa[i].iv == NULL && (sa[i].ast == 1 || sa[i].est == 1) && crypto_config.cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) + // if (sa[i].iv == NULL && (sa[i].ast == 1 || sa[i].est == 1) && crypto_config.cryptography_type != + // CRYPTOGRAPHY_TYPE_KMCCRYPTO) // { // //status = CRYPTO_LIB_ERR_NULL_IV; // //return status; @@ -773,7 +778,7 @@ int32_t sa_get_operational_sa_from_gvcid_find_iv(uint8_t tfvn, uint16_t scid, ui { status = CRYPTO_LIB_ERR_NULL_ABM; return status; - } + } #ifdef SA_DEBUG printf("Valid operational SA found at index %d.\n", i); 
@@ -789,12 +794,11 @@ int32_t sa_get_operational_sa_from_gvcid_find_iv(uint8_t tfvn, uint16_t scid, ui return status; } -void sa_mismatched_tfvn_error(int * i_p, int32_t* status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) +void sa_mismatched_tfvn_error(int *i_p, int32_t *status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) { int i = *i_p; - if ((sa[i].gvcid_blk.tfvn != tfvn) && (sa[i].gvcid_blk.scid == scid) && - (sa[i].gvcid_blk.vcid == vcid) && - (sa[i].gvcid_blk.mapid == mapid && sa[i].sa_state == SA_OPERATIONAL)) + if ((sa[i].gvcid_blk.tfvn != tfvn) && (sa[i].gvcid_blk.scid == scid) && (sa[i].gvcid_blk.vcid == vcid) && + (sa[i].gvcid_blk.mapid == mapid && sa[i].sa_state == SA_OPERATIONAL)) { #ifdef SA_DEBUG printf(KRED "An operational SA was found - but mismatched tfvn.\n" RESET); @@ -807,12 +811,11 @@ void sa_mismatched_tfvn_error(int * i_p, int32_t* status, uint8_t tfvn, uint16_t *i_p = i; } -void sa_mismatched_scid(int* i_p, int32_t* status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) +void sa_mismatched_scid(int *i_p, int32_t *status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) { int i = *i_p; - if ((sa[i].gvcid_blk.tfvn == tfvn) && (sa[i].gvcid_blk.scid != scid) && - (sa[i].gvcid_blk.vcid == vcid) && - (sa[i].gvcid_blk.mapid == mapid && sa[i].sa_state == SA_OPERATIONAL)) + if ((sa[i].gvcid_blk.tfvn == tfvn) && (sa[i].gvcid_blk.scid != scid) && (sa[i].gvcid_blk.vcid == vcid) && + (sa[i].gvcid_blk.mapid == mapid && sa[i].sa_state == SA_OPERATIONAL)) { #ifdef SA_DEBUG printf(KRED "An operational SA was found - but mismatched scid.\n" RESET); 
@@ -825,12 +828,11 @@ void sa_mismatched_scid(int* i_p, int32_t* status, uint8_t tfvn, uint16_t scid, *i_p = i; } -void sa_mismatched_vcid(int* i_p, int32_t* status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) +void sa_mismatched_vcid(int *i_p, int32_t *status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) { int i = *i_p; - if ((sa[i].gvcid_blk.tfvn == tfvn) && (sa[i].gvcid_blk.scid == scid) && - (sa[i].gvcid_blk.vcid != vcid) && - (sa[i].gvcid_blk.mapid == mapid && sa[i].sa_state == SA_OPERATIONAL)) + if ((sa[i].gvcid_blk.tfvn == tfvn) && (sa[i].gvcid_blk.scid == scid) && (sa[i].gvcid_blk.vcid != vcid) && + (sa[i].gvcid_blk.mapid == mapid && sa[i].sa_state == SA_OPERATIONAL)) { #ifdef SA_DEBUG printf(KRED "An operational SA was found - but mismatched vcid.\n" RESET); @@ -841,12 +843,11 @@ void sa_mismatched_vcid(int* i_p, int32_t* status, uint8_t tfvn, uint16_t scid, *i_p = i; } -void sa_mismatched_mapid(int* i_p, int32_t* status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) +void sa_mismatched_mapid(int *i_p, int32_t *status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) { int i = *i_p; - if ((sa[i].gvcid_blk.tfvn == tfvn) && (sa[i].gvcid_blk.scid == scid) && - (sa[i].gvcid_blk.vcid == vcid) && - (sa[i].gvcid_blk.mapid != mapid && sa[i].sa_state == SA_OPERATIONAL)) + if ((sa[i].gvcid_blk.tfvn == tfvn) && (sa[i].gvcid_blk.scid == scid) && (sa[i].gvcid_blk.vcid == vcid) && + (sa[i].gvcid_blk.mapid != mapid && sa[i].sa_state == SA_OPERATIONAL)) { #ifdef SA_DEBUG printf(KRED "An operational SA was found - but mismatched mapid.\n" RESET); 
@@ -856,11 +857,10 @@ void sa_mismatched_mapid(int* i_p, int32_t* status, uint8_t tfvn, uint16_t scid, *i_p = i; } -void sa_non_operational_sa(int* i_p, int32_t* status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) +void sa_non_operational_sa(int *i_p, int32_t *status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) { int i = *i_p; - if ((sa[i].gvcid_blk.tfvn == tfvn) && (sa[i].gvcid_blk.scid == scid) && - (sa[i].gvcid_blk.vcid == vcid) && + if ((sa[i].gvcid_blk.tfvn == tfvn) && (sa[i].gvcid_blk.scid == scid) && (sa[i].gvcid_blk.vcid == vcid) && (sa[i].gvcid_blk.mapid == mapid && sa[i].sa_state != SA_OPERATIONAL)) { #ifdef SA_DEBUG @@ -881,14 +881,15 @@ void sa_debug_block(uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) printf(KYEL "\tvcid %d\n" RESET, vcid); printf(KYEL "\tmapid %02X\n" RESET, mapid); #endif -// Ignore Unused Variables - (void) tfvn; - (void) scid; - (void) vcid; - (void) mapid; + // Ignore Unused Variables + (void)tfvn; + (void)scid; + (void)vcid; + (void)mapid; } -int32_t sa_get_operational_sa_from_gvcid_generate_error(int32_t* status, uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid) +int32_t sa_get_operational_sa_from_gvcid_generate_error(int32_t *status, uint8_t tfvn, uint16_t scid, uint16_t vcid, + uint8_t mapid) { int i = 0; 
@@ -903,34 +904,34 @@ int32_t sa_get_operational_sa_from_gvcid_generate_error(int32_t* status, uint8_t // ordering so the 'most accurate' SA's error is returned // (determined by matching header fields L to R) sa_mismatched_tfvn_error(&i, status, tfvn, scid, vcid, mapid); - if(*status != CRYPTO_LIB_SUCCESS) + if (*status != CRYPTO_LIB_SUCCESS) { sa_debug_block(tfvn, scid, vcid, mapid); - return *status; + return *status; } sa_mismatched_scid(&i, status, tfvn, scid, vcid, mapid); - if(*status != CRYPTO_LIB_SUCCESS) + if (*status != CRYPTO_LIB_SUCCESS) { sa_debug_block(tfvn, scid, vcid, mapid); - return *status; + return *status; } sa_mismatched_vcid(&i, status, tfvn, scid, vcid, mapid); - if(*status != CRYPTO_LIB_SUCCESS) + if (*status != CRYPTO_LIB_SUCCESS) { sa_debug_block(tfvn, scid, vcid, mapid); - return *status; + return *status; } sa_mismatched_mapid(&i, status, tfvn, scid, vcid, mapid); - if(*status != CRYPTO_LIB_SUCCESS) + if (*status != CRYPTO_LIB_SUCCESS) { sa_debug_block(tfvn, scid, vcid, mapid); - return *status; + return *status; } sa_non_operational_sa(&i, status, tfvn, scid, vcid, mapid); - if(*status != CRYPTO_LIB_SUCCESS) + if (*status != CRYPTO_LIB_SUCCESS) { sa_debug_block(tfvn, scid, vcid, mapid); - return *status; + return *status; } } } @@ -947,7 +948,7 @@ int32_t sa_get_operational_sa_from_gvcid_generate_error(int32_t* status, uint8_t * @return int32: Success/Failure **/ static int32_t sa_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid, - SecurityAssociation_t** security_association) + SecurityAssociation_t **security_association) { int32_t status = CRYPTO_LIB_ERR_NO_OPERATIONAL_SA; @@ -959,7 +960,6 @@ static int32_t sa_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, uin return status; } - /* ** Security Association Management Services */ 
@@ -968,14 +968,14 @@ static int32_t sa_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, uin * @param tc_frame: TC_t * @return int32: Success/Failure **/ -static int32_t sa_start(TC_t* tc_frame) +static int32_t sa_start(TC_t *tc_frame) { // Local variables - uint8_t count = 0; - uint16_t spi = 0x0000; + uint8_t count = 0; + uint16_t spi = 0x0000; crypto_gvcid_t gvcid; - int x; - int i; + int x; + int i; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; @@ -989,8 +989,8 @@ static int32_t sa_start(TC_t* tc_frame) // 2 : User Flag (uf) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) - sa[spi].lpid = - (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; + sa[spi].lpid = (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | + sdls_frame.pdu.hdr.pid; if (sa[spi].sa_state == SA_KEYED) { @@ -1016,16 +1016,16 @@ static int32_t sa_start(TC_t* tc_frame) { // Clear all GVCIDs for provided SPI if (gvcid.mapid == TYPE_TC) { - sa[spi].gvcid_blk.tfvn = 0; - sa[spi].gvcid_blk.scid = 0; - sa[spi].gvcid_blk.vcid = 0; + sa[spi].gvcid_blk.tfvn = 0; + sa[spi].gvcid_blk.scid = 0; + sa[spi].gvcid_blk.vcid = 0; sa[spi].gvcid_blk.mapid = 0; } // Write channel to SA if (gvcid.mapid != TYPE_MAP) { // TC - sa[spi].gvcid_blk.tfvn = gvcid.tfvn; - sa[spi].gvcid_blk.scid = gvcid.scid; + sa[spi].gvcid_blk.tfvn = gvcid.tfvn; + sa[spi].gvcid_blk.scid = gvcid.scid; sa[spi].gvcid_blk.mapid = gvcid.mapid; } else 
@@ -1035,23 +1035,23 @@ static int32_t sa_start(TC_t* tc_frame) } // TM if (gvcid.vcid != tm_frame_pri_hdr.vcid) // TODO Check this tm_frame.tm_header.vcid) - { // Clear all GVCIDs for provided SPI + { // Clear all GVCIDs for provided SPI if (gvcid.mapid == TYPE_TM) { for (i = 0; i < NUM_GVCID; i++) { // TM - sa[spi].gvcid_blk.tfvn = 0; - sa[spi].gvcid_blk.scid = 0; - sa[spi].gvcid_blk.vcid = 0; + sa[spi].gvcid_blk.tfvn = 0; + sa[spi].gvcid_blk.scid = 0; + sa[spi].gvcid_blk.vcid = 0; sa[spi].gvcid_blk.mapid = 0; } } // Write channel to SA if (gvcid.mapid != TYPE_MAP) - { // TM - sa[spi].gvcid_blk.tfvn = gvcid.tfvn; // Hope for the best - sa[spi].gvcid_blk.scid = gvcid.scid; // Hope for the best - sa[spi].gvcid_blk.vcid = gvcid.vcid; // Hope for the best + { // TM + sa[spi].gvcid_blk.tfvn = gvcid.tfvn; // Hope for the best + sa[spi].gvcid_blk.scid = gvcid.scid; // Hope for the best + sa[spi].gvcid_blk.vcid = gvcid.vcid; // Hope for the best sa[spi].gvcid_blk.mapid = gvcid.mapid; // Hope for the best } else @@ -1064,18 +1064,18 @@ static int32_t sa_start(TC_t* tc_frame) printf("SPI %d changed to OPERATIONAL state. \n", spi); switch (gvcid.mapid) { - case TYPE_TC: - printf("Type TC, "); - break; - case TYPE_MAP: - printf("Type MAP, "); - break; - case TYPE_TM: - printf("Type TM, "); - break; - default: - printf("Type Unknown, "); - break; + case TYPE_TC: + printf("Type TC, "); + break; + case TYPE_MAP: + printf("Type MAP, "); + break; + case TYPE_TM: + printf("Type TM, "); + break; + default: + printf("Type Unknown, "); + break; } #endif @@ -1108,7 +1108,7 @@ static int32_t sa_stop(void) { // Local variables uint16_t spi = 0x0000; - int x; + int x; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; 
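Review bot: The `for (i = 0; i < NUM_GVCID; i++)` loop in the TM branch of sa_start never uses `i`, so it clears the same four `sa[spi].gvcid_blk` fields NUM_GVCID times; the `for (x = 0; x < NUM_GVCID; x++)` loop in sa_stop (hunk at -1123) has the same shape. Either keep a single clear without the loop, or index the per-channel storage the loop was meant to walk. The `// Hope for the best` comments on the four writes that follow mark values that are stored unvalidated; a comment such as `// TODO: validate tfvn/scid/vcid/mapid before storing` would say what is actually missing. sa_start begins and ends outside this hunk.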
@@ -1123,22 +1123,22 @@ static int32_t sa_stop(void) // 2 : User Flag (uf) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) - sa[spi].lpid = - (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; + sa[spi].lpid = (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | + sdls_frame.pdu.hdr.pid; if (sa[spi].sa_state == SA_OPERATIONAL) { // Remove all GVC/GMAP IDs - sa[spi].gvcid_blk.tfvn = 0; - sa[spi].gvcid_blk.scid = 0; - sa[spi].gvcid_blk.vcid = 0; + sa[spi].gvcid_blk.tfvn = 0; + sa[spi].gvcid_blk.scid = 0; + sa[spi].gvcid_blk.vcid = 0; sa[spi].gvcid_blk.mapid = 0; for (x = 0; x < NUM_GVCID; x++) { // TM - sa[spi].gvcid_blk.tfvn = 0; // TODO REVISIT - sa[spi].gvcid_blk.scid = 0; // TODO REVISIT - sa[spi].gvcid_blk.vcid = 0; // TODO REVISIT + sa[spi].gvcid_blk.tfvn = 0; // TODO REVISIT + sa[spi].gvcid_blk.scid = 0; // TODO REVISIT + sa[spi].gvcid_blk.vcid = 0; // TODO REVISIT sa[spi].gvcid_blk.mapid = 0; // TODO REVISIT } @@ -1172,12 +1172,12 @@ static int32_t sa_stop(void) static int32_t sa_rekey(void) { // Local variables - uint16_t spi = 0x0000; - int count = 0; - int x = 0; + uint16_t spi = 0x0000; + int count = 0; + int x = 0; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; + spi = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; count = count + 2; // Check SPI exists and in 'Unkeyed' state 
@@ -1189,13 +1189,13 @@ static int32_t sa_rekey(void) // 2 : User Flag (uf) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) - sa[spi].lpid = - (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; + sa[spi].lpid = (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | + sdls_frame.pdu.hdr.pid; if (sa[spi].sa_state == SA_UNKEYED) { // Encryption Key sa[spi].ekid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; - count = count + 2; + count = count + 2; // Authentication Key // sa[spi].akid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count+1]; @@ -1276,8 +1276,8 @@ static int32_t sa_expire(void) // 2 : User Flag (uf) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) - sa[spi].lpid = - (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; + sa[spi].lpid = (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | + sdls_frame.pdu.hdr.pid; if (sa[spi].sa_state == SA_KEYED) { // Change to 'Unkeyed' state @@ -1306,9 +1306,9 @@ static int32_t sa_expire(void) static int32_t sa_create(void) { // Local variables - uint8_t count = 6; - uint16_t spi = 0x0000; - int x; + uint8_t count = 6; + uint16_t spi = 0x0000; + int x; // Read sdls_frame.pdu.data spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; 
@@ -1325,17 +1325,17 @@ static int32_t sa_create(void) // 2 : User Flag (uf) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) - sa[spi].lpid = - (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; + sa[spi].lpid = (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | + sdls_frame.pdu.hdr.pid; // Write SA Configuration - sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; - sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6; - sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F); - sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2; - sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03); + sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; + sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6; + sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F); + sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2; + sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03); sa[spi].stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]); - sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]); + sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]); for (x = 0; x < sa[spi].ecs_len; x++) { sa[spi].ecs = ((uint8_t)sdls_frame.pdu.data[count++]); @@ -1351,7 +1351,7 @@ static int32_t sa_create(void) sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); } sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1])); - count = count + 2; + count = count + 2; for (x = 0; x < sa[spi].abm_len; x++) { sa[spi].abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]); 
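Review bot: sa_create takes `ecs_len`, and in the next hunk (-1351) `abm_len`, straight from `sdls_frame.pdu.data` and uses them as loop bounds without comparing them to the received PDU length or to the size of the destination. The `abm_len` loop writes `sa[spi].abm[x]` and reads `pdu.data[count++]` with a `uint8_t count` that can wrap, and the `(uint8_t)` cast on the two-byte `abm_len` value silently drops the high byte. Add a guard before each loop, for example `if (sa[spi].abm_len > sizeof(sa[spi].abm)) return CRYPTO_LIB_ERROR;` (this assumes `abm` is a fixed-size array, which these hunks do not show). The function starts and ends outside both hunks, so a check elsewhere cannot be ruled out from here.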
@@ -1410,8 +1410,8 @@ static int32_t sa_delete(void) // 2 : User Flag (uf) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) - sa[spi].lpid = - (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; + sa[spi].lpid = (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | + sdls_frame.pdu.hdr.pid; if (sa[spi].sa_state == SA_UNKEYED) { // Change to 'None' state @@ -1443,7 +1443,7 @@ static int32_t sa_setARSN(void) { // Local variables uint16_t spi = 0x0000; - int x; + int x; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; @@ -1538,20 +1538,20 @@ static int32_t sa_setARSNW(void) * @param ingest: uint8_t* * @return int32: count **/ -static int32_t sa_status(uint8_t* ingest) +static int32_t sa_status(uint8_t *ingest) { // TODO: Count is not being returned yet int32_t status = CRYPTO_LIB_SUCCESS; - if(ingest == NULL) + if (ingest == NULL) { status = CRYPTO_LIB_ERROR; } - + if (status == CRYPTO_LIB_SUCCESS) { // Local variables - int count = 0; - uint16_t spi = 0x0000; + int count = 0; + uint16_t spi = 0x0000; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; @@ -1563,8 +1563,8 @@ static int32_t sa_status(uint8_t* ingest) printf("SIZE: %ld\n", SDLS_SA_STATUS_RPLY_SIZE); // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_SA_STATUS_RPLY_SIZE * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; + count = Crypto_Prep_Reply(sdls_ep_reply, 128); // PDU sdls_ep_reply[count++] = (spi & 0xFF00) >> 8; sdls_ep_reply[count++] = (spi & 0x00FF); 
diff --git a/src/sa/internal_stub/sa_interface_inmemory.stub.c b/src/sa/internal_stub/sa_interface_inmemory.stub.c index f13cf67d..2e130210 100644 --- a/src/sa/internal_stub/sa_interface_inmemory.stub.c +++ b/src/sa/internal_stub/sa_interface_inmemory.stub.c @@ -18,6 +18,7 @@ static SaInterfaceStruct sa_routine; SaInterface get_sa_interface_inmemory(void) { - fprintf(stderr,"ERROR: Loading internal stub source code. Rebuild CryptoLib with -DSA_MARIADB=OFF to use proper internal implementation.\n"); + fprintf(stderr, "ERROR: Loading internal stub source code. Rebuild CryptoLib with -DSA_MARIADB=OFF to use proper " + "internal implementation.\n"); return &sa_routine; } diff --git a/src/sa/mariadb/sa_interface_mariadb.template.c b/src/sa/mariadb/sa_interface_mariadb.template.c index a91cd712..06273cfe 100644 --- a/src/sa/mariadb/sa_interface_mariadb.template.c +++ b/src/sa/mariadb/sa_interface_mariadb.template.c @@ -28,15 +28,15 @@ static int32_t sa_config(void); static int32_t sa_init(void); static int32_t sa_close(void); // Security Association Interaction Functions -static int32_t sa_get_from_spi(uint16_t, SecurityAssociation_t**); -static int32_t sa_get_operational_sa_from_gvcid(uint8_t, uint16_t, uint16_t, uint8_t, SecurityAssociation_t**); -static int32_t sa_save_sa(SecurityAssociation_t* sa); +static int32_t sa_get_from_spi(uint16_t, SecurityAssociation_t **); +static int32_t sa_get_operational_sa_from_gvcid(uint8_t, uint16_t, uint16_t, uint8_t, SecurityAssociation_t **); +static int32_t sa_save_sa(SecurityAssociation_t *sa); // Security Association Utility Functions static int32_t sa_stop(void); -static int32_t sa_start(TC_t* tc_frame); +static int32_t sa_start(TC_t *tc_frame); static int32_t sa_expire(void); static int32_t sa_rekey(void); -static int32_t sa_status(uint8_t* ); +static int32_t sa_status(uint8_t *); static int32_t sa_create(void); static int32_t sa_setARSN(void); static int32_t sa_setARSNW(void); 
@@ -44,54 +44,54 @@ static int32_t sa_delete(void); // MySQL local functions static int32_t finish_with_error(MYSQL **con_loc, int err); // MySQL Queries -static const char* SQL_SADB_GET_SA_BY_SPI = - "SELECT " - "spi,ekid,akid,sa_state,tfvn,scid,vcid,mapid,lpid,est,ast,shivf_len,shsnf_len,shplf_len,stmacf_len,ecs_len,HEX(ecs)" - ",HEX(iv),iv_len,acs_len,HEX(acs),abm_len,HEX(abm),arsn_len,HEX(arsn),arsnw" - " FROM security_associations WHERE spi='%d'"; -static const char* SQL_SADB_GET_SA_BY_GVCID = - "SELECT " - "spi,ekid,akid,sa_state,tfvn,scid,vcid,mapid,lpid,est,ast,shivf_len,shsnf_len,shplf_len,stmacf_len,ecs_len,HEX(ecs)" - ",HEX(iv),iv_len,acs_len,HEX(acs),abm_len,HEX(abm),arsn_len,HEX(arsn),arsnw" - " FROM security_associations WHERE tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d' AND sa_state='%d'"; -static const char* SQL_SADB_UPDATE_IV_ARC_BY_SPI = - "UPDATE security_associations" - " SET iv=X'%s', arsn=X'%s'" - " WHERE spi='%d' AND tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d'"; -static const char* SQL_SADB_UPDATE_IV_ARC_BY_SPI_NULL_IV = - "UPDATE security_associations" - " SET arsn=X'%s'" - " WHERE spi='%d' AND tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d'"; +static const char *SQL_SADB_GET_SA_BY_SPI = + "SELECT " + "spi,ekid,akid,sa_state,tfvn,scid,vcid,mapid,lpid,est,ast,shivf_len,shsnf_len,shplf_len,stmacf_len,ecs_len,HEX(ecs)" + ",HEX(iv),iv_len,acs_len,HEX(acs),abm_len,HEX(abm),arsn_len,HEX(arsn),arsnw" + " FROM security_associations WHERE spi='%d'"; +static const char *SQL_SADB_GET_SA_BY_GVCID = + "SELECT " + "spi,ekid,akid,sa_state,tfvn,scid,vcid,mapid,lpid,est,ast,shivf_len,shsnf_len,shplf_len,stmacf_len,ecs_len,HEX(ecs)" + ",HEX(iv),iv_len,acs_len,HEX(acs),abm_len,HEX(abm),arsn_len,HEX(arsn),arsnw" + " FROM security_associations WHERE tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d' AND sa_state='%d'"; +static const char *SQL_SADB_UPDATE_IV_ARC_BY_SPI = + "UPDATE security_associations" + " SET iv=X'%s', arsn=X'%s'" + " 
WHERE spi='%d' AND tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d'"; +static const char *SQL_SADB_UPDATE_IV_ARC_BY_SPI_NULL_IV = + "UPDATE security_associations" + " SET arsn=X'%s'" + " WHERE spi='%d' AND tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d'"; // sa_if mariaDB private helper functions -static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** security_association); -static int32_t convert_hexstring_to_byte_array(char* hexstr, uint8_t* byte_array); -static void convert_byte_array_to_hexstring(void* src_buffer, size_t buffer_length, char* dest_str); +static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **security_association); +static int32_t convert_hexstring_to_byte_array(char *hexstr, uint8_t *byte_array); +static void convert_byte_array_to_hexstring(void *src_buffer, size_t buffer_length, char *dest_str); /* ** Global Variables */ // Security static SaInterfaceStruct sa_if_struct; -static MYSQL *con; +static MYSQL *con; SaInterface get_sa_interface_mariadb(void) { - sa_if_struct.sa_config = sa_config; - sa_if_struct.sa_init = sa_init; - sa_if_struct.sa_close = sa_close; - sa_if_struct.sa_get_from_spi = sa_get_from_spi; + sa_if_struct.sa_config = sa_config; + sa_if_struct.sa_init = sa_init; + sa_if_struct.sa_close = sa_close; + sa_if_struct.sa_get_from_spi = sa_get_from_spi; sa_if_struct.sa_get_operational_sa_from_gvcid = sa_get_operational_sa_from_gvcid; - sa_if_struct.sa_stop = sa_stop; - sa_if_struct.sa_save_sa = sa_save_sa; - sa_if_struct.sa_start = sa_start; - sa_if_struct.sa_expire = sa_expire; - sa_if_struct.sa_rekey = sa_rekey; - sa_if_struct.sa_status = sa_status; - sa_if_struct.sa_create = sa_create; - sa_if_struct.sa_setARSN = sa_setARSN; - sa_if_struct.sa_setARSNW = sa_setARSNW; - sa_if_struct.sa_delete = sa_delete; + sa_if_struct.sa_stop = sa_stop; + sa_if_struct.sa_save_sa = sa_save_sa; + sa_if_struct.sa_start = sa_start; + sa_if_struct.sa_expire = sa_expire; + sa_if_struct.sa_rekey = 
sa_rekey; + sa_if_struct.sa_status = sa_status; + sa_if_struct.sa_create = sa_create; + sa_if_struct.sa_setARSN = sa_setARSN; + sa_if_struct.sa_setARSNW = sa_setARSNW; + sa_if_struct.sa_delete = sa_delete; return &sa_if_struct; } @@ -108,23 +108,23 @@ static int32_t sa_init(void) con = mysql_init(con); if (con != NULL) { - //mysql_options is removed in MariaDB C connector v3, using mysql_optionsv - // Lots of small configuration differences between MySQL connector & MariaDB Connector - // Only MariaDB Connector is implemented here: - // https://wikidev.in/wiki/C/mysql_mysql_h/mysql_options | https://mariadb.com/kb/en/mysql_optionsv/ - if(sa_mariadb_config->mysql_mtls_key != NULL) + // mysql_options is removed in MariaDB C connector v3, using mysql_optionsv + // Lots of small configuration differences between MySQL connector & MariaDB Connector + // Only MariaDB Connector is implemented here: + // https://wikidev.in/wiki/C/mysql_mysql_h/mysql_options | https://mariadb.com/kb/en/mysql_optionsv/ + if (sa_mariadb_config->mysql_mtls_key != NULL) { mysql_optionsv(con, MYSQL_OPT_SSL_KEY, sa_mariadb_config->mysql_mtls_key); } - if(sa_mariadb_config->mysql_mtls_cert != NULL) + if (sa_mariadb_config->mysql_mtls_cert != NULL) { mysql_optionsv(con, MYSQL_OPT_SSL_CERT, sa_mariadb_config->mysql_mtls_cert); } - if(sa_mariadb_config->mysql_mtls_ca != NULL) + if (sa_mariadb_config->mysql_mtls_ca != NULL) { mysql_optionsv(con, MYSQL_OPT_SSL_CA, sa_mariadb_config->mysql_mtls_ca); } - if(sa_mariadb_config->mysql_mtls_capath != NULL) + if (sa_mariadb_config->mysql_mtls_capath != NULL) { mysql_optionsv(con, MYSQL_OPT_SSL_CAPATH, sa_mariadb_config->mysql_mtls_capath); } 
@@ -138,21 +138,22 @@ static int32_t sa_init(void) } if (sa_mariadb_config->mysql_require_secure_transport == CRYPTO_TRUE) { - mysql_optionsv(con, MYSQL_OPT_SSL_ENFORCE,&(sa_mariadb_config->mysql_require_secure_transport)); + mysql_optionsv(con, MYSQL_OPT_SSL_ENFORCE, &(sa_mariadb_config->mysql_require_secure_transport)); } - //if encrypted connection (TLS) connection. No need for SSL Key - if (mysql_real_connect(con, sa_mariadb_config->mysql_hostname, - sa_mariadb_config->mysql_username, - sa_mariadb_config->mysql_password, - sa_mariadb_config->mysql_database, - sa_mariadb_config->mysql_port, NULL, 0) == NULL) + // if encrypted connection (TLS) connection. No need for SSL Key + if (mysql_real_connect(con, sa_mariadb_config->mysql_hostname, sa_mariadb_config->mysql_username, + sa_mariadb_config->mysql_password, sa_mariadb_config->mysql_database, + sa_mariadb_config->mysql_port, NULL, 0) == NULL) { - //0,NULL,0 are port number, unix socket, client flag + // 0,NULL,0 are port number, unix socket, client flag finish_with_error(&con, SADB_MARIADB_CONNECTION_FAILED); status = CRYPTO_LIB_ERROR; - } else { + } + else + { status = CRYPTO_LIB_SUCCESS; - if (status == CRYPTO_LIB_SUCCESS) { + if (status == CRYPTO_LIB_SUCCESS) + { #ifdef DEBUG printf("sa_init created mysql connection successfully. \n"); #endif 
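Review bot: The return values of the `mysql_optionsv` calls are discarded, here for `MYSQL_OPT_SSL_ENFORCE` and in the previous hunk (-108) for the key, certificate and CA options, so a TLS option that fails to apply does not stop sa_init from going on to `mysql_real_connect`. When `mysql_require_secure_transport` is set, a non-zero return should be handled like the connection failure below it: `if (mysql_optionsv(con, MYSQL_OPT_SSL_ENFORCE, &(sa_mariadb_config->mysql_require_secure_transport)) != 0) { finish_with_error(&con, SADB_MARIADB_CONNECTION_FAILED); return CRYPTO_LIB_ERROR; }`. In the else branch, `status = CRYPTO_LIB_SUCCESS; if (status == CRYPTO_LIB_SUCCESS)` tests a value it has just assigned and can be flattened. sa_init starts outside this hunk.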
@@ -161,27 +162,27 @@ static int32_t sa_init(void) } else { - //error - fprintf(stderr, "Error: sa_init() MySQL API function mysql_init() returned a connection object that is NULL\n"); + // error + fprintf(stderr, + "Error: sa_init() MySQL API function mysql_init() returned a connection object that is NULL\n"); } - } return status; -}//end int32_t sa_init() +} // end int32_t sa_init() static int32_t sa_close(void) { - if(con) + if (con) { mysql_close(con); con = NULL; } - + return CRYPTO_LIB_SUCCESS; } // Security Association Interaction Functions -static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t** security_association) +static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t **security_association) { int32_t status = CRYPTO_LIB_SUCCESS; @@ -193,7 +194,7 @@ static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t** security_as return status; } static int32_t sa_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid, - SecurityAssociation_t** security_association) + SecurityAssociation_t **security_association) { int32_t status = CRYPTO_LIB_SUCCESS; @@ -204,7 +205,7 @@ static int32_t sa_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, uin return status; } -static int32_t sa_save_sa(SecurityAssociation_t* sa) +static int32_t sa_save_sa(SecurityAssociation_t *sa) { int32_t status = CRYPTO_LIB_SUCCESS; if (sa == NULL) 
@@ -212,33 +213,31 @@ static int32_t sa_save_sa(SecurityAssociation_t* sa) return SADB_NULL_SA_USED; } - char update_sa_query[2048]; - char* iv_h = malloc(sa->iv_len * 2 + 1); - - if(sa->iv != NULL){ + char update_sa_query[2048]; + char *iv_h = malloc(sa->iv_len * 2 + 1); + + if (sa->iv != NULL) + { convert_byte_array_to_hexstring(sa->iv, sa->iv_len, iv_h); } - - char* arsn_h = malloc(sa->arsn_len * 2 + 1); + + char *arsn_h = malloc(sa->arsn_len * 2 + 1); convert_byte_array_to_hexstring(sa->arsn, sa->arsn_len, arsn_h); - if(sa->iv != NULL){ - snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, - iv_h, - arsn_h, sa->spi, sa->gvcid_blk.tfvn, - sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); - + if (sa->iv != NULL) + { + snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, iv_h, arsn_h, sa->spi, + sa->gvcid_blk.tfvn, sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); + free(iv_h); } else { - snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI_NULL_IV, - arsn_h, - sa->spi, sa->gvcid_blk.tfvn, - sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); + snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI_NULL_IV, arsn_h, sa->spi, + sa->gvcid_blk.tfvn, sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); free(iv_h); } - + free(arsn_h); #ifdef SA_DEBUG fprintf(stderr, "MySQL Insert SA Query: %s \n", update_sa_query); @@ -265,7 +264,7 @@ static int32_t sa_stop(void) { return CRYPTO_LIB_SUCCESS; } -static int32_t sa_start(TC_t* tc_frame) +static int32_t sa_start(TC_t *tc_frame) { tc_frame = tc_frame; return CRYPTO_LIB_SUCCESS; @@ -278,7 +277,7 @@ static int32_t sa_rekey(void) { return CRYPTO_LIB_SUCCESS; } -static int32_t sa_status(uint8_t* ingest) +static int32_t sa_status(uint8_t *ingest) { ingest = ingest; return CRYPTO_LIB_SUCCESS; 
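Review bot: Neither `malloc` result in sa_save_sa is checked before `convert_byte_array_to_hexstring` writes through it, so an allocation failure becomes a write through NULL; add `if (iv_h == NULL) return CRYPTO_LIB_ERROR;` after the first allocation and the equivalent check, freeing `iv_h`, after the second. The `snprintf` return value is also ignored: the hex strings of length `2 * iv_len` and `2 * arsn_len` are placed before the WHERE clause in a 2048-byte `update_sa_query`, so a long IV or ARSN truncates the statement and the truncated text is presumably what gets executed. Compare the result against `sizeof(update_sa_query)` and return an error instead of running the query. `free(iv_h)` appears in both branches and can sit next to `free(arsn_h)`. The query execution itself is outside this hunk.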
@@ -301,10 +300,10 @@ static int32_t sa_delete(void) } // sa_if private helper functions -static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** security_association) +static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **security_association) { - int32_t status = CRYPTO_LIB_SUCCESS; - SecurityAssociation_t* sa = calloc(1,sizeof(SecurityAssociation_t)); + int32_t status = CRYPTO_LIB_SUCCESS; + SecurityAssociation_t *sa = calloc(1, sizeof(SecurityAssociation_t)); #ifdef SA_DEBUG fprintf(stderr, "MySQL Query: %s \n", query); @@ -325,7 +324,7 @@ static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** se } int num_rows = mysql_num_rows(result); - if(num_rows == 0) // No rows returned in query!! + if (num_rows == 0) // No rows returned in query!! { status = finish_with_error(&con, SADB_QUERY_EMPTY_RESULTS); return status; @@ -333,18 +332,18 @@ static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** se int num_fields = mysql_num_fields(result); - MYSQL_ROW row; + MYSQL_ROW row; MYSQL_FIELD *field; - char* field_names[num_fields]; //[64]; 64 == max length of column name in MySQL + char *field_names[num_fields]; //[64]; 64 == max length of column name in MySQL // TODO -- Need to store mysql query hex string and then malloc sa->iv according to size. // TODO -- IV && arsn && abm as uint8_t* instead of uint8[]!!! - char* iv_byte_str = NULL; - char* arc_byte_str = NULL; - char* abm_byte_str = NULL; - char* ecs_byte_str = NULL; - char* acs_byte_str = NULL; + char *iv_byte_str = NULL; + char *arc_byte_str = NULL; + char *abm_byte_str = NULL; + char *ecs_byte_str = NULL; + char *acs_byte_str = NULL; while ((row = mysql_fetch_row(result))) { for (int i = 0; i < num_fields; i++) 
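Review bot: On the `num_rows == 0` path (hunk at -325) the function returns without freeing `sa` or the result set, and `finish_with_error` closes the shared connection and sets `con` to NULL. A lookup for an SPI or GVCID that has no row therefore leaks memory and, unless something reconnects, leaves every later call without a database connection. Handle the empty result on its own, e.g. `mysql_free_result(result); free(sa); return SADB_QUERY_EMPTY_RESULTS;`, and keep `finish_with_error` for real query errors. The `calloc` result in the first hunk (-301) is not checked either, and `char *field_names[num_fields]` in the hunk at -333 is a variable-length array sized by the query result. The function body continues outside these hunks.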
@@ -371,24 +370,26 @@ static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** se } if (strcmp(field_names[i], "ekid") == 0) { - if(crypto_config.cryptography_type==CRYPTOGRAPHY_TYPE_LIBGCRYPT) + if (crypto_config.cryptography_type == CRYPTOGRAPHY_TYPE_LIBGCRYPT) { sa->ekid = atoi(row[i]); - } else // Cryptography Type KMC Crypto Service with PKCS12 String Key References + } + else // Cryptography Type KMC Crypto Service with PKCS12 String Key References { sa->ekid = 0; - memcpy(sa->ek_ref, row[i], strlen(row[i])+1); + memcpy(sa->ek_ref, row[i], strlen(row[i]) + 1); } continue; } if (strcmp(field_names[i], "akid") == 0) { - if(crypto_config.cryptography_type==CRYPTOGRAPHY_TYPE_LIBGCRYPT) + if (crypto_config.cryptography_type == CRYPTOGRAPHY_TYPE_LIBGCRYPT) { sa->akid = atoi(row[i]); - } else // Cryptography Type KMC Crypto Service with PKCS12 String Key References + } + else // Cryptography Type KMC Crypto Service with PKCS12 String Key References { - memcpy(sa->ak_ref, row[i], strlen(row[i])+1); + memcpy(sa->ak_ref, row[i], strlen(row[i]) + 1); } continue; } 
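Review bot: `memcpy(sa->ek_ref, row[i], strlen(row[i]) + 1)` and the matching `ak_ref` copy take their length from the database value rather than from the destination, so a key reference longer than the field overruns it. If `ek_ref` and `ak_ref` are fixed-size arrays (their declaration is not in this hunk), use a bounded copy such as `snprintf(sa->ek_ref, sizeof(sa->ek_ref), "%s", row[i]);` and treat truncation as an error. `row[i]` is NULL for an SQL NULL column, and both `strlen(row[i])` and `atoi(row[i])` dereference it, so check it before either branch. The enclosing loop starts and ends outside the hunk.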
@@ -515,16 +516,22 @@ static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** se // printf("\n"); } - if(iv_byte_str != NULL){ - if(sa->iv_len > 0) convert_hexstring_to_byte_array(iv_byte_str, sa->iv); + if (iv_byte_str != NULL) + { + if (sa->iv_len > 0) + convert_hexstring_to_byte_array(iv_byte_str, sa->iv); } - - if(sa->arsn_len > 0) convert_hexstring_to_byte_array(arc_byte_str, sa->arsn); - if(sa->abm_len > 0) convert_hexstring_to_byte_array(abm_byte_str, sa->abm); - if(sa->ecs_len > 0) convert_hexstring_to_byte_array(ecs_byte_str, &sa->ecs); - if(sa->acs_len > 0) convert_hexstring_to_byte_array(acs_byte_str, &sa->acs); - //arsnw_len is not necessary for mariadb interface, putty dummy/default value for prints. + if (sa->arsn_len > 0) + convert_hexstring_to_byte_array(arc_byte_str, sa->arsn); + if (sa->abm_len > 0) + convert_hexstring_to_byte_array(abm_byte_str, sa->abm); + if (sa->ecs_len > 0) + convert_hexstring_to_byte_array(ecs_byte_str, &sa->ecs); + if (sa->acs_len > 0) + convert_hexstring_to_byte_array(acs_byte_str, &sa->acs); + + // arsnw_len is not necessary for mariadb interface, putty dummy/default value for prints. sa->arsnw_len = 1; #ifdef DEBUG @@ -537,13 +544,13 @@ static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** se return status; } -static int32_t convert_hexstring_to_byte_array(char* source_str, uint8_t* dest_buffer) +static int32_t convert_hexstring_to_byte_array(char *source_str, uint8_t *dest_buffer) { // https://stackoverflow.com/questions/3408706/hexadecimal-string-to-byte-array-in-c/56247335#56247335 - char* line = source_str; - char* data = line; - int offset; + char *line = source_str; + char *data = line; + int offset; unsigned int read_byte; - uint32_t data_len = 0; + uint32_t data_len = 0; while (sscanf(data, " %02x%n", &read_byte, &offset) == 1) { 
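Review bot: Only `iv_byte_str` is tested for NULL before conversion; `arc_byte_str`, `abm_byte_str`, `ecs_byte_str` and `acs_byte_str` are passed to `convert_hexstring_to_byte_array` whenever the matching `*_len` is non-zero, although all of them are initialised to NULL and are presumably set only when their column is seen. Guard each one the same way, e.g. `if (arc_byte_str != NULL && sa->arsn_len > 0)`. `convert_hexstring_to_byte_array` (next hunk, -537) takes no destination size, so the number of bytes written appears to be decided by the hex string from the database rather than by `arsn_len` or the buffer, which matters most for the `&sa->ecs` and `&sa->acs` destinations; its loop body is outside the hunk, so this is inferred from the signature. The reformatted one-line `if` bodies are left unbraced, unlike the surrounding code.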
@@ -553,16 +560,16 @@ static int32_t convert_hexstring_to_byte_array(char* source_str, uint8_t* dest_b return data_len; } -static void convert_byte_array_to_hexstring(void* src_buffer, size_t buffer_length, char* dest_str) +static void convert_byte_array_to_hexstring(void *src_buffer, size_t buffer_length, char *dest_str) { - unsigned char* bytes = src_buffer; + unsigned char *bytes = src_buffer; if (src_buffer != NULL) { for (size_t i = 0; i < buffer_length; i++) { - uint8_t nib1 = (bytes[i] >> 4) & 0x0F; - uint8_t nib2 = (bytes[i]) & 0x0F; + uint8_t nib1 = (bytes[i] >> 4) & 0x0F; + uint8_t nib2 = (bytes[i]) & 0x0F; dest_str[i * 2 + 0] = nib1 < 0xA ? '0' + nib1 : 'A' + nib1 - 0xA; dest_str[i * 2 + 1] = nib2 < 0xA ? '0' + nib2 : 'A' + nib2 - 0xA; } @@ -572,7 +579,8 @@ static void convert_byte_array_to_hexstring(void* src_buffer, size_t buffer_leng static int32_t finish_with_error(MYSQL **con_loc, int err) { - fprintf(stderr, "%s\n", mysql_error(*con_loc)); // todo - if query fails, need to push failure message to error stack + fprintf(stderr, "%s\n", + mysql_error(*con_loc)); // todo - if query fails, need to push failure message to error stack mysql_close(*con_loc); *con_loc = NULL; return err; diff --git a/src/sa/mariadb_stub/sa_interface_mariadb.stub.c b/src/sa/mariadb_stub/sa_interface_mariadb.stub.c index 38d998d7..b347f7b3 100644 --- a/src/sa/mariadb_stub/sa_interface_mariadb.stub.c +++ b/src/sa/mariadb_stub/sa_interface_mariadb.stub.c @@ -18,6 +18,7 @@ static SaInterfaceStruct sa_routine; SaInterface get_sa_interface_mariadb(void) { - fprintf(stderr,"ERROR: Loading mariadb stub source code. Rebuild CryptoLib with -DSA_MARIADB=ON to use proper MariaDB implementation.\n"); + fprintf(stderr, "ERROR: Loading mariadb stub source code. Rebuild CryptoLib with -DSA_MARIADB=ON to use proper " + "MariaDB implementation.\n"); return &sa_routine; } \ No newline at end of file 
diff --git a/support/standalone/standalone.c b/support/standalone/standalone.c index 32019ee2..d3092d5b 100644 --- a/support/standalone/standalone.c +++ b/support/standalone/standalone.c @@ -27,11 +27,10 @@ ** Global Variables */ static volatile uint8_t keepRunning = CRYPTO_LIB_SUCCESS; -static volatile uint8_t tc_seq_num = 0; -static volatile uint8_t tc_vcid = CRYPTO_STANDALONE_FRAMING_VCID; -static volatile uint8_t tc_debug = 0; -static volatile uint8_t tm_debug = 0; - +static volatile uint8_t tc_seq_num = 0; +static volatile uint8_t tc_vcid = CRYPTO_STANDALONE_FRAMING_VCID; +static volatile uint8_t tc_debug = 0; +static volatile uint8_t tm_debug = 0; /* ** Functions @@ -47,9 +46,9 @@ int32_t crypto_standalone_check_number_arguments(int actual, int expected) return status; } -void crypto_standalone_to_lower(char* str) +void crypto_standalone_to_lower(char *str) { - char* ptr = str; + char *ptr = str; while (*ptr) { *ptr = tolower((unsigned char)*ptr); @@ -72,10 +71,10 @@ void crypto_standalone_print_help(void) "\n"); } -int32_t crypto_standalone_get_command(const char* str) +int32_t crypto_standalone_get_command(const char *str) { int32_t status = CRYPTO_CMD_UNKNOWN; - char lcmd[CRYPTO_MAX_INPUT_TOKEN_SIZE]; + char lcmd[CRYPTO_MAX_INPUT_TOKEN_SIZE]; strncpy(lcmd, str, CRYPTO_MAX_INPUT_TOKEN_SIZE); crypto_standalone_to_lower(lcmd); 
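Review bot: `strncpy(lcmd, str, CRYPTO_MAX_INPUT_TOKEN_SIZE)` in crypto_standalone_get_command (hunk at -72) leaves `lcmd` without a terminator when `str` holds CRYPTO_MAX_INPUT_TOKEN_SIZE or more characters, and `crypto_standalone_to_lower` then walks the buffer with `while (*ptr)`. Unless the caller already bounds the token, use `snprintf(lcmd, sizeof(lcmd), "%s", str);` or add `lcmd[sizeof(lcmd) - 1] = '\0';` after the copy. The rest of the function is outside this hunk.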
@@ -111,138 +110,139 @@ int32_t crypto_standalone_get_command(const char* str) return status; } -int32_t crypto_standalone_process_command(int32_t cc, int32_t num_tokens, char* tokens) +int32_t crypto_standalone_process_command(int32_t cc, int32_t num_tokens, char *tokens) { int32_t status = CRYPTO_LIB_SUCCESS; /* Process command */ switch (cc) { - case CRYPTO_CMD_HELP: - crypto_standalone_print_help(); - break; + case CRYPTO_CMD_HELP: + crypto_standalone_print_help(); + break; - case CRYPTO_CMD_EXIT: - keepRunning = CRYPTO_LIB_ERROR; - break; + case CRYPTO_CMD_EXIT: + keepRunning = CRYPTO_LIB_ERROR; + break; - case CRYPTO_CMD_NOOP: - if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) - { - printf("NOOP command success\n"); - } - break; + case CRYPTO_CMD_NOOP: + if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) + { + printf("NOOP command success\n"); + } + break; - case CRYPTO_CMD_RESET: - if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) - { - status = crypto_reset(); - printf("Reset command received\n"); - } - break; + case CRYPTO_CMD_RESET: + if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) + { + status = crypto_reset(); + printf("Reset command received\n"); + } + break; - case CRYPTO_CMD_VCID: - if (crypto_standalone_check_number_arguments(num_tokens, 1) == CRYPTO_LIB_SUCCESS) - { - uint8_t vcid = (uint8_t) atoi(&tokens[0]); - /* Confirm new VCID valid */ - if (vcid < 64) + case CRYPTO_CMD_VCID: + if (crypto_standalone_check_number_arguments(num_tokens, 1) == CRYPTO_LIB_SUCCESS) { - SaInterface sa_if = get_sa_interface_inmemory(); - SecurityAssociation_t* test_association = NULL; - sa_if->sa_get_from_spi(vcid, &test_association); - - /* Handle special case for VCID */ - if(vcid == 1) + uint8_t vcid = (uint8_t)atoi(&tokens[0]); + /* Confirm new VCID valid */ + if (vcid < 64) { - printf("Special case for VCID 1! 
\n"); - vcid = 0; - } + SaInterface sa_if = get_sa_interface_inmemory(); + SecurityAssociation_t *test_association = NULL; + sa_if->sa_get_from_spi(vcid, &test_association); - if ((test_association->sa_state == SA_OPERATIONAL) && - (test_association->gvcid_blk.mapid == TYPE_TC) && - (test_association->gvcid_blk.scid == SCID)) - { - tc_vcid = vcid; - printf("Changed active virtual channel (VCID) to %d \n", tc_vcid); + /* Handle special case for VCID */ + if (vcid == 1) + { + printf("Special case for VCID 1! \n"); + vcid = 0; + } + + if ((test_association->sa_state == SA_OPERATIONAL) && + (test_association->gvcid_blk.mapid == TYPE_TC) && (test_association->gvcid_blk.scid == SCID)) + { + tc_vcid = vcid; + printf("Changed active virtual channel (VCID) to %d \n", tc_vcid); + } + else + { + printf("Error - virtual channel (VCID) %d is invalid! Sticking with prior vcid %d \n", vcid, + tc_vcid); + } } else { - printf("Error - virtual channel (VCID) %d is invalid! Sticking with prior vcid %d \n", vcid, tc_vcid); + printf("Error - virtual channl (VCID) %d must be less than 64! Sticking with prior vcid %d \n", + vcid, tc_vcid); } } - else - { - printf("Error - virtual channl (VCID) %d must be less than 64! Sticking with prior vcid %d \n", vcid, tc_vcid); - } - } - break; + break; - case CRYPTO_CMD_TC_DEBUG: - if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) - { - if (tc_debug == 0) + case CRYPTO_CMD_TC_DEBUG: + if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) { - tc_debug = 1; - printf("Enabled TC debug prints! \n"); - } - else - { - tc_debug = 0; - printf("Disabled TC debug prints! \n"); + if (tc_debug == 0) + { + tc_debug = 1; + printf("Enabled TC debug prints! \n"); + } + else + { + tc_debug = 0; + printf("Disabled TC debug prints! 
\n"); + } } - } - break; + break; - case CRYPTO_CMD_TM_DEBUG: - if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) - { - if (tm_debug == 0) + case CRYPTO_CMD_TM_DEBUG: + if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) { - tm_debug = 1; - printf("Enabled TM debug prints! \n"); - } - else - { - tm_debug = 0; - printf("Disabled TM debug prints! \n"); + if (tm_debug == 0) + { + tm_debug = 1; + printf("Enabled TM debug prints! \n"); + } + else + { + tm_debug = 0; + printf("Disabled TM debug prints! \n"); + } } - } - break; + break; - default: - printf("Invalid command format, type 'help' for more info\n"); - status = CRYPTO_LIB_ERROR; - break; + default: + printf("Invalid command format, type 'help' for more info\n"); + status = CRYPTO_LIB_ERROR; + break; } return status; } -int32_t crypto_host_to_ip(const char * hostname, char* ip) +int32_t crypto_host_to_ip(const char *hostname, char *ip) { - struct hostent *he; + struct hostent *he; struct in_addr **addr_list; - - if ( (he = gethostbyname( hostname ) ) == NULL ) + + if ((he = gethostbyname(hostname)) == NULL) { return 1; } - addr_list = (struct in_addr **) he->h_addr_list; + addr_list = (struct in_addr **)he->h_addr_list; - for(int i=0; addr_list[i] != NULL; i++) + for (int i = 0; addr_list[i] != NULL; i++) { - strcpy(ip, inet_ntoa(*addr_list[i]) ); + strcpy(ip, inet_ntoa(*addr_list[i])); return 0; } return 1; } -int32_t crypto_standalone_udp_init(udp_info_t* sock, int32_t port, uint8_t bind_sock) +int32_t crypto_standalone_udp_init(udp_info_t *sock, int32_t port, uint8_t bind_sock) { - int status = CRYPTO_LIB_SUCCESS; - int optval; + int status = CRYPTO_LIB_SUCCESS; + int optval; socklen_t optlen; sock->port = port; 
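Review bot: In the `CRYPTO_CMD_VCID` case, `test_association` is dereferenced right after `sa_if->sa_get_from_spi(vcid, &test_association)` with no check of the call's result or of the pointer, so a lookup that leaves it NULL crashes the process; `crypto_standalone_tm_frame` in the same file does test `if (!sa_ptr)` after the same call. A guard such as `if (test_association == NULL) { status = CRYPTO_LIB_ERROR; break; }` before the `sa_state` comparison would close that. The argument is also parsed with `atoi` and cast to `uint8_t`, so non-numeric input becomes 0 and values above 255 wrap before the `vcid < 64` test; `strtol` with an end-pointer and range check would reject both. The hunk ends inside `crypto_standalone_udp_init`.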
@@ -256,15 +256,15 @@ int32_t crypto_standalone_udp_init(udp_info_t* sock, int32_t port, uint8_t bind_ /* Determine IP */ sock->saddr.sin_family = AF_INET; - if(inet_addr(sock->ip_address) != INADDR_NONE) + if (inet_addr(sock->ip_address) != INADDR_NONE) { sock->saddr.sin_addr.s_addr = inet_addr(sock->ip_address); } else { char ip[16]; - int check = crypto_host_to_ip(sock->ip_address, ip); - if(check == 0) + int check = crypto_host_to_ip(sock->ip_address, ip); + if (check == 0) { sock->saddr.sin_addr.s_addr = inet_addr(ip); } @@ -274,7 +274,7 @@ int32_t crypto_standalone_udp_init(udp_info_t* sock, int32_t port, uint8_t bind_ /* Bind */ if (bind_sock > 0) { - status = bind(sock->sockfd, (struct sockaddr*)&sock->saddr, sizeof(sock->saddr)); + status = bind(sock->sockfd, (struct sockaddr *)&sock->saddr, sizeof(sock->saddr)); if (status != 0) { printf(" udp_init: Socker bind error with port %d \n", sock->port); @@ -309,7 +309,7 @@ int32_t crypto_reset(void) return status; } -void crypto_standalone_tc_frame(uint8_t* in_data, uint16_t in_length, uint8_t* out_data, uint16_t* out_length) +void crypto_standalone_tc_frame(uint8_t *in_data, uint16_t in_length, uint8_t *out_data, uint16_t *out_length) { /* TC Length */ *out_length = (uint16_t)CRYPTO_STANDALONE_FRAMING_TC_DATA_LEN + 6; 
@@ -332,16 +332,16 @@ void crypto_standalone_tc_frame(uint8_t* in_data, uint16_t in_length, uint8_t* o /* SDLS Trailer */ } -void *crypto_standalone_tc_apply(void* socks) +void *crypto_standalone_tc_apply(void *socks) { - int32_t status = CRYPTO_LIB_SUCCESS; - udp_interface_t* tc_socks = (udp_interface_t*)socks; - udp_info_t* tc_read_sock = &tc_socks->read; - udp_info_t* tc_write_sock = &tc_socks->write; + int32_t status = CRYPTO_LIB_SUCCESS; + udp_interface_t *tc_socks = (udp_interface_t *)socks; + udp_info_t *tc_read_sock = &tc_socks->read; + udp_info_t *tc_write_sock = &tc_socks->write; - uint8_t tc_apply_in[TC_MAX_FRAME_SIZE]; + uint8_t tc_apply_in[TC_MAX_FRAME_SIZE]; uint16_t tc_in_len = 0; - uint8_t* tc_out_ptr; + uint8_t *tc_out_ptr; uint16_t tc_out_len = 0; #ifdef CRYPTO_STANDALONE_HANDLE_FRAMING @@ -356,7 +356,8 @@ void *crypto_standalone_tc_apply(void* socks) while (keepRunning == CRYPTO_LIB_SUCCESS) { /* Receive */ - status = recvfrom(tc_read_sock->sockfd, tc_apply_in, sizeof(tc_apply_in), 0, (struct sockaddr*)&tc_read_sock->ip_address, (socklen_t*)&sockaddr_size); + status = recvfrom(tc_read_sock->sockfd, tc_apply_in, sizeof(tc_apply_in), 0, + (struct sockaddr *)&tc_read_sock->ip_address, (socklen_t *)&sockaddr_size); if (status != -1) { tc_in_len = status; @@ -374,7 +375,7 @@ void *crypto_standalone_tc_apply(void* socks) #ifdef CRYPTO_STANDALONE_HANDLE_FRAMING crypto_standalone_tc_frame(tc_apply_in, tc_in_len, tc_framed, &tc_out_len); memcpy(tc_apply_in, tc_framed, tc_out_len); - tc_in_len = tc_out_len; + tc_in_len = tc_out_len; tc_out_len = 0; if (tc_debug == 1) { 
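Review bot: The `recvfrom` call in `crypto_standalone_tc_apply` passes `(struct sockaddr *)&tc_read_sock->ip_address` as the source-address buffer, which is the address of the `char *ip_address` member of `udp_info_t`, not a `sockaddr`. The kernel then writes the sender's address over that pointer and, depending on `sockaddr_size` (declared outside the hunk), over the `port` and `saddr` members that follow it. A dedicated buffer avoids that: `struct sockaddr_in src; socklen_t src_len = sizeof(src);` and `(struct sockaddr *)&src, &src_len` in the call. The `recvfrom` in `crypto_standalone_tm_process` (hunk `-584,7`) has the same argument.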
@@ -402,7 +403,8 @@ void *crypto_standalone_tc_apply(void* socks) } /* Reply */ - status = sendto(tc_write_sock->sockfd, tc_out_ptr, tc_out_len, 0, (struct sockaddr*)&tc_write_sock->saddr, sizeof(tc_write_sock->saddr)); + status = sendto(tc_write_sock->sockfd, tc_out_ptr, tc_out_len, 0, + (struct sockaddr *)&tc_write_sock->saddr, sizeof(tc_write_sock->saddr)); if ((status == -1) || (status != tc_out_len)) { printf("crypto_standalone_tc_apply - Reply error %d \n", status); @@ -415,14 +417,15 @@ void *crypto_standalone_tc_apply(void* socks) /* Reset */ memset(tc_apply_in, 0x00, sizeof(tc_apply_in)); - tc_in_len = 0; + tc_in_len = 0; tc_out_len = 0; - if (!tc_out_ptr) free(tc_out_ptr); + if (!tc_out_ptr) + free(tc_out_ptr); if (tc_debug == 1) { - #ifdef CRYPTO_STANDALONE_TC_APPLY_DEBUG +#ifdef CRYPTO_STANDALONE_TC_APPLY_DEBUG printf("\n"); - #endif +#endif } } @@ -434,10 +437,11 @@ void *crypto_standalone_tc_apply(void* socks) return tc_read_sock; } -void crypto_standalone_tm_frame(uint8_t* in_data, uint16_t in_length, uint8_t* out_data, uint16_t* out_length, uint16_t spi) +void crypto_standalone_tm_frame(uint8_t *in_data, uint16_t in_length, uint8_t *out_data, uint16_t *out_length, + uint16_t spi) { - SaInterface sa_if = get_sa_interface_inmemory(); - SecurityAssociation_t* sa_ptr = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + SecurityAssociation_t *sa_ptr = NULL; sa_if->sa_get_from_spi(spi, &sa_ptr); if (!sa_ptr) @@ -446,7 +450,7 @@ void crypto_standalone_tm_frame(uint8_t* in_data, uint16_t in_length, uint8_t* o } // Calculate security headers and trailers - uint8_t header_length = 6 + 2 + sa_ptr->shivf_len + sa_ptr->shplf_len + sa_ptr->shsnf_len + 40; // TODO: Why +40? + uint8_t header_length = 6 + 2 + sa_ptr->shivf_len + sa_ptr->shplf_len + sa_ptr->shsnf_len + 40; // TODO: Why +40? uint8_t trailer_length = sa_ptr->stmacf_len; if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { 
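Review bot: The reset step `if (!tc_out_ptr) free(tc_out_ptr);` has its condition inverted: `free` is reached only when the pointer is NULL, so a non-NULL output buffer is never released and one presumably leaks per processed frame. `free(NULL)` is a no-op, so the test can go: `free(tc_out_ptr); tc_out_ptr = NULL;`. `tc_out_ptr` is declared without an initialiser in the earlier hunk, so initialising it to NULL there keeps that unconditional `free` safe on a pass where no frame was produced. The loop body continues outside the hunk.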
@@ -460,7 +464,7 @@ void crypto_standalone_tm_frame(uint8_t* in_data, uint16_t in_length, uint8_t* o memcpy(out_data, &in_data[header_length], in_length - header_length - trailer_length); } -void crypto_standalone_tm_debug_recv(int32_t status, int tm_process_len, uint8_t* tm_process_in) +void crypto_standalone_tm_debug_recv(int32_t status, int tm_process_len, uint8_t *tm_process_in) { if (tm_debug == 1) { @@ -473,7 +477,7 @@ void crypto_standalone_tm_debug_recv(int32_t status, int tm_process_len, uint8_t } } -void crypto_standalone_tm_debug_process(uint8_t* tm_process_in) +void crypto_standalone_tm_debug_process(uint8_t *tm_process_in) { if (tm_debug == 1) { @@ -487,19 +491,20 @@ void crypto_standalone_tm_debug_process(uint8_t* tm_process_in) } } -void crypto_standalone_spp_telem_or_idle(int32_t* status_p, uint8_t* tm_ptr, uint16_t* spp_len_p, udp_interface_t* tm_socks, int* tm_process_len_p) +void crypto_standalone_spp_telem_or_idle(int32_t *status_p, uint8_t *tm_ptr, uint16_t *spp_len_p, + udp_interface_t *tm_socks, int *tm_process_len_p) { - int32_t status = *status_p; - uint16_t spp_len = *spp_len_p; - int tm_process_len = *tm_process_len_p; + int32_t status = *status_p; + uint16_t spp_len = *spp_len_p; + int tm_process_len = *tm_process_len_p; - udp_info_t* tm_write_sock = &tm_socks->write; + udp_info_t *tm_write_sock = &tm_socks->write; if ((tm_ptr[0] == 0x08) || ((tm_ptr[0] == 0x03) && tm_ptr[1] == 0xff)) { spp_len = (((0xFFFF & tm_ptr[4]) << 8) | tm_ptr[5]) + 7; #ifdef CRYPTO_STANDALONE_TM_PROCESS_DEBUG - printf("crypto_standalone_tm_process - SPP[%d]: 0x", spp_len); + printf("crypto_standalone_tm_process - SPP[%d]: 0x", spp_len); for (int i = 0; i < spp_len; i++) { printf("%02x", tm_ptr[i]); 
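Review bot: The `memcpy` at the end of `crypto_standalone_tm_frame` uses `in_length - header_length - trailer_length` as its size with no check that `in_length` is at least the sum of the two, so a short frame yields a negative `int` that converts to a very large `size_t`. `header_length` is also a `uint8_t` built from `6 + 2 + sa_ptr->shivf_len + sa_ptr->shplf_len + sa_ptr->shsnf_len + 40` in the previous hunk and can wrap past 255. A guard before the copy, `if (in_length < header_length + trailer_length) { *out_length = 0; return; }`, with both lengths held in `uint16_t`, bounds it. The lines between the two hunks are not visible, so confirm no such check already exists.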
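Review bot: In `crypto_standalone_spp_telem_or_idle`, `spp_len` is taken from bytes 4 and 5 of the packet (`(((0xFFFF & tm_ptr[4]) << 8) | tm_ptr[5]) + 7`) and is not compared with `tm_process_len` before the following hunk uses it as the `sendto` length. A length field larger than the data actually left in the buffer makes the send read past the received frame, and `tm_process_len - spp_len` goes negative. Checking first, `if (spp_len > tm_process_len) { *tm_process_len_p = 0; return; }`, keeps both within the buffer. `tm_ptr` is a by-value parameter, so the later `tm_ptr = &tm_ptr[spp_len];` is not seen by the caller; the caller presumably advances with `*spp_len_p`, which is outside this hunk.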
@@ -507,9 +512,10 @@ void crypto_standalone_spp_telem_or_idle(int32_t* status_p, uint8_t* tm_ptr, uin printf("\n"); #endif // Send all SPP telemetry packets - if (tm_ptr[0] == 0x08) + if (tm_ptr[0] == 0x08) { - status = sendto(tm_write_sock->sockfd, tm_ptr, spp_len, 0, (struct sockaddr*)&tm_write_sock->saddr, sizeof(tm_write_sock->saddr)); + status = sendto(tm_write_sock->sockfd, tm_ptr, spp_len, 0, (struct sockaddr *)&tm_write_sock->saddr, + sizeof(tm_write_sock->saddr)); } // Only send idle packets if configured to do so else @@ -518,7 +524,8 @@ void crypto_standalone_spp_telem_or_idle(int32_t* status_p, uint8_t* tm_ptr, uin // Don't forward idle packets status = spp_len; #else - status = sendto(tm_write_sock->sockfd, tm_ptr, spp_len, 0, (struct sockaddr*)&tm_write_sock->saddr, sizeof(tm_write_sock->saddr)); + status = sendto(tm_write_sock->sockfd, tm_ptr, spp_len, 0, (struct sockaddr *)&tm_write_sock->saddr, + sizeof(tm_write_sock->saddr)); #endif } @@ -527,13 +534,11 @@ void crypto_standalone_spp_telem_or_idle(int32_t* status_p, uint8_t* tm_ptr, uin { printf("crypto_standalone_tm_process - Reply error %d \n", status); } - tm_ptr = &tm_ptr[spp_len]; + tm_ptr = &tm_ptr[spp_len]; tm_process_len = tm_process_len - spp_len; } - else if ((tm_ptr[0] == 0xFF && tm_ptr[1] == 0x48) || - (tm_ptr[0] == 0x00 && tm_ptr[1] == 0x00) || - (tm_ptr[0] == 0x02 && tm_ptr[1] == 0x00) || - (tm_ptr[0] == 0xFF && tm_ptr[1] == 0xFF)) + else if ((tm_ptr[0] == 0xFF && tm_ptr[1] == 0x48) || (tm_ptr[0] == 0x00 && tm_ptr[1] == 0x00) || + (tm_ptr[0] == 0x02 && tm_ptr[1] == 0x00) || (tm_ptr[0] == 0xFF && tm_ptr[1] == 0xFF)) { // TODO: Why 0x0200? // Idle Frame 
@@ -542,7 +547,8 @@ void crypto_standalone_spp_telem_or_idle(int32_t* status_p, uint8_t* tm_ptr, uin // Don't forward idle frame status = spp_len; #else - status = sendto(tm_write_sock->sockfd, tm_ptr, spp_len, 0, (struct sockaddr*)&tm_write_sock->saddr, sizeof(tm_write_sock->saddr)); + status = sendto(tm_write_sock->sockfd, tm_ptr, spp_len, 0, (struct sockaddr *)&tm_write_sock->saddr, + sizeof(tm_write_sock->saddr)); if ((status == -1) || (status != spp_len)) { printf("crypto_standalone_tm_process - Reply error %d \n", status); 
@@ -553,29 +559,30 @@ void crypto_standalone_spp_telem_or_idle(int32_t* status_p, uint8_t* tm_ptr, uin } else { - printf("crypto_standalone_tm_process - SPP loop error, expected idle packet or frame! tm_ptr = 0x%02x%02x \n", tm_ptr[0], tm_ptr[1]); + printf("crypto_standalone_tm_process - SPP loop error, expected idle packet or frame! tm_ptr = 0x%02x%02x \n", + tm_ptr[0], tm_ptr[1]); tm_process_len = 0; } - *status_p = status; - *spp_len_p = spp_len; + *status_p = status; + *spp_len_p = spp_len; *tm_process_len_p = tm_process_len; } -void* crypto_standalone_tm_process(void* socks) +void *crypto_standalone_tm_process(void *socks) { - int32_t status = CRYPTO_LIB_SUCCESS; - udp_interface_t* tm_socks = (udp_interface_t*)socks; - udp_info_t* tm_read_sock = &tm_socks->read; - udp_info_t* tm_write_sock = &tm_socks->write; - - uint8_t tm_process_in[TM_CADU_SIZE]; // Accounts for ASM automatically based on #def - int tm_process_len = 0; - uint16_t spp_len = 0; - uint8_t* tm_ptr; + int32_t status = CRYPTO_LIB_SUCCESS; + udp_interface_t *tm_socks = (udp_interface_t *)socks; + udp_info_t *tm_read_sock = &tm_socks->read; + udp_info_t *tm_write_sock = &tm_socks->write; + + uint8_t tm_process_in[TM_CADU_SIZE]; // Accounts for ASM automatically based on #def + int tm_process_len = 0; + uint16_t spp_len = 0; + uint8_t *tm_ptr; uint16_t tm_out_len = 0; #ifdef CRYPTO_STANDALONE_HANDLE_FRAMING - uint8_t tm_framed[TM_CADU_SIZE]; + uint8_t tm_framed[TM_CADU_SIZE]; uint16_t tm_framed_len = 0; #endif @@ -584,7 +591,8 @@ void* crypto_standalone_tm_process(void* socks) while (keepRunning == CRYPTO_LIB_SUCCESS) { /* Receive */ - status = recvfrom(tm_read_sock->sockfd, tm_process_in, sizeof(tm_process_in), 0, (struct sockaddr*)&tm_read_sock->ip_address, (socklen_t*)&sockaddr_size); + status = recvfrom(tm_read_sock->sockfd, tm_process_in, sizeof(tm_process_in), 0, + (struct sockaddr *)&tm_read_sock->ip_address, (socklen_t *)&sockaddr_size); if (status != -1) { tm_process_len = status; 
@@ -595,7 +603,8 @@ void* crypto_standalone_tm_process(void* socks) // Process Security skipping prepended ASM crypto_standalone_tm_debug_process(tm_process_in); // Account for ASM length - status = Crypto_TM_ProcessSecurity(tm_process_in + 4, (const uint16_t)tm_process_len - 4, &tm_ptr, &tm_out_len); + status = + Crypto_TM_ProcessSecurity(tm_process_in + 4, (const uint16_t)tm_process_len - 4, &tm_ptr, &tm_out_len); #else if (tm_debug == 1) { @@ -634,12 +643,13 @@ void* crypto_standalone_tm_process(void* socks) #endif memcpy(tm_process_in, tm_framed, tm_framed_len); tm_process_len = tm_framed_len; - tm_framed_len = 0; - + tm_framed_len = 0; + if (tm_debug == 1) // Note: Need logic to allow broken packet assembly { - printf("crypto_standalone_tm_process: 2 - beginning after first header pointer - deframed[%d]: 0x", tm_process_len); + printf("crypto_standalone_tm_process: 2 - beginning after first header pointer - deframed[%d]: 0x", + tm_process_len); for (int i = 0; i < tm_process_len; i++) { printf("%02x", tm_framed[i]); @@ -690,15 +700,15 @@ void crypto_standalone_cleanup(const int signal) return; } -int main(int argc, char* argv[]) +int main(int argc, char *argv[]) { int32_t status = CRYPTO_LIB_SUCCESS; - char input_buf[CRYPTO_MAX_INPUT_BUF]; - char input_tokens[CRYPTO_MAX_INPUT_TOKENS][CRYPTO_MAX_INPUT_TOKEN_SIZE]; - int num_input_tokens; - int cmd; - char* token_ptr; + char input_buf[CRYPTO_MAX_INPUT_BUF]; + char input_tokens[CRYPTO_MAX_INPUT_TOKENS][CRYPTO_MAX_INPUT_TOKEN_SIZE]; + int num_input_tokens; + int cmd; + char *token_ptr; udp_interface_t tc_apply; udp_interface_t tm_process; 
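Review bot: The call `Crypto_TM_ProcessSecurity(tm_process_in + 4, (const uint16_t)tm_process_len - 4, &tm_ptr, &tm_out_len)` subtracts the 4-byte ASM without checking that the datagram holds at least 4 bytes, so a shorter datagram presumably reaches the callee as a wrapped length close to 65535 for a buffer of `TM_CADU_SIZE` bytes. No length check is visible ahead of this call, though the lines between the hunks are not shown. A guard before it, `if (tm_process_len < 4) { continue; }`, would drop such datagrams, assuming the call sits directly in the receive loop.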
@@ -706,14 +716,14 @@ int main(int argc, char* argv[]) pthread_t tc_apply_thread; pthread_t tm_process_thread; - tc_apply.read.ip_address = CRYPTOLIB_HOSTNAME; - tc_apply.read.port = TC_APPLY_PORT; - tc_apply.write.ip_address = SC_HOSTNAME; - tc_apply.write.port = TC_APPLY_FWD_PORT; - tm_process.read.ip_address = CRYPTOLIB_HOSTNAME; - tm_process.read.port = TM_PROCESS_PORT; + tc_apply.read.ip_address = CRYPTOLIB_HOSTNAME; + tc_apply.read.port = TC_APPLY_PORT; + tc_apply.write.ip_address = SC_HOSTNAME; + tc_apply.write.port = TC_APPLY_FWD_PORT; + tm_process.read.ip_address = CRYPTOLIB_HOSTNAME; + tm_process.read.port = TM_PROCESS_PORT; tm_process.write.ip_address = GSW_HOSTNAME; - tm_process.write.port = TM_PROCESS_FWD_PORT; + tm_process.write.port = TM_PROCESS_FWD_PORT; printf("Starting CryptoLib in standalone mode! \n"); if (argc != 1) @@ -727,8 +737,8 @@ int main(int argc, char* argv[]) /* Startup delay */ sleep(10); - //printf("Press enter once ground software has finished initializing...\n"); - //fgets(input_buf, CRYPTO_MAX_INPUT_BUF, stdin); + // printf("Press enter once ground software has finished initializing...\n"); + // fgets(input_buf, CRYPTO_MAX_INPUT_BUF, stdin); /* Initialize CryptoLib */ status = crypto_reset(); @@ -757,7 +767,7 @@ int main(int argc, char* argv[]) } } } - + if (keepRunning == CRYPTO_LIB_SUCCESS) { status = crypto_standalone_udp_init(&tm_process.read, TM_PROCESS_PORT, 1); @@ -809,7 +819,7 @@ int main(int argc, char* argv[]) while (keepRunning == CRYPTO_LIB_SUCCESS) { num_input_tokens = -1; - cmd = CRYPTO_CMD_UNKNOWN; + cmd = CRYPTO_CMD_UNKNOWN; /* Read user input */ printf(CRYPTO_PROMPT); diff --git a/support/standalone/standalone.h b/support/standalone/standalone.h index 2da7bc90..af5a7c68 100644 --- a/support/standalone/standalone.h +++ b/support/standalone/standalone.h @@ -24,7 +24,6 @@ extern "C" { #endif - /* ** Includes */ 
@@ -32,7 +31,7 @@ extern "C" #include #include #include -#include //hostent +#include //hostent #include #include #include @@ -43,24 +42,23 @@ extern "C" #include "crypto.h" #include "crypto_config.h" - /* ** Configuration */ -#define CRYPTOLIB_HOSTNAME "cryptolib" -#define GSW_HOSTNAME "cosmos" -#define SC_HOSTNAME "radio_sim" -#define TC_APPLY_PORT 6010 -#define TC_APPLY_FWD_PORT 8010 -#define TM_PROCESS_PORT 8011 +#define CRYPTOLIB_HOSTNAME "cryptolib" +#define GSW_HOSTNAME "cosmos" +#define SC_HOSTNAME "radio_sim" +#define TC_APPLY_PORT 6010 +#define TC_APPLY_FWD_PORT 8010 +#define TM_PROCESS_PORT 8011 #define TM_PROCESS_FWD_PORT 6011 -//#define CRYPTO_STANDALONE_TC_APPLY_DEBUG -//#define CRYPTO_STANDALONE_TM_PROCESS_DEBUG + //#define CRYPTO_STANDALONE_TC_APPLY_DEBUG + //#define CRYPTO_STANDALONE_TM_PROCESS_DEBUG #define CRYPTO_STANDALONE_HANDLE_FRAMING -#define CRYPTO_STANDALONE_FRAMING_SCID 3 -#define CRYPTO_STANDALONE_FRAMING_VCID 0x00 +#define CRYPTO_STANDALONE_FRAMING_SCID 3 +#define CRYPTO_STANDALONE_FRAMING_VCID 0x00 #define CRYPTO_STANDALONE_FRAMING_TC_DATA_LEN 512 /* @@ -69,16 +67,15 @@ extern "C" #define CRYPTO_STANDALONE_DISCARD_IDLE_PACKETS #define CRYPTO_STANDALONE_DISCARD_IDLE_FRAMES - /* ** Defines */ -#define CRYPTO_PROMPT "cryptolib> " -#define CRYPTO_MAX_INPUT_BUF 512 -#define CRYPTO_MAX_INPUT_TOKENS 32 +#define CRYPTO_PROMPT "cryptolib> " +#define CRYPTO_MAX_INPUT_BUF 512 +#define CRYPTO_MAX_INPUT_TOKENS 32 #define CRYPTO_MAX_INPUT_TOKEN_SIZE 64 -#define CRYPTO_CMD_UNKNOWN -1 +#define CRYPTO_CMD_UNKNOWN -1 #define CRYPTO_CMD_HELP 0 #define CRYPTO_CMD_EXIT 1 #define CRYPTO_CMD_NOOP 2 
@@ -87,45 +84,43 @@ extern "C" #define CRYPTO_CMD_TC_DEBUG 5 #define CRYPTO_CMD_TM_DEBUG 6 - -/* -** Structures -*/ -typedef struct -{ - int sockfd; - char* ip_address; - int port; - struct sockaddr_in saddr; -} udp_info_t; - -typedef struct -{ - udp_info_t read; - udp_info_t write; -} udp_interface_t; - - -/* -** Prototypes -*/ -int32_t crypto_standalone_check_number_arguments(int actual, int expected); -void crypto_standalone_to_lower(char* str); -void crypto_standalone_print_help(void); -int32_t crypto_standalone_get_command(const char* str); -int32_t crypto_standalone_process_command(int32_t cc, int32_t num_tokens, char* tokens); -int32_t crypto_host_to_ip(const char * hostname, char* ip); -int32_t crypto_standalone_udp_init(udp_info_t* sock, int32_t port, uint8_t bind_sock); -int32_t crypto_reset(void); -void crypto_standalone_tc_frame(uint8_t* in_data, uint16_t in_length, uint8_t* out_data, uint16_t* out_length); -void* crypto_standalone_tc_apply(void* socks); -void crypto_standalone_tm_frame(uint8_t* in_data, uint16_t in_length, uint8_t* out_data, uint16_t* out_length, uint16_t spi); -void* crypto_standalone_tm_process(void* socks); -void crypto_standalone_cleanup(const int signal); - + /* + ** Structures + */ + typedef struct + { + int sockfd; + char *ip_address; + int port; + struct sockaddr_in saddr; + } udp_info_t; + + typedef struct + { + udp_info_t read; + udp_info_t write; + } udp_interface_t; + + /* + ** Prototypes + */ + int32_t crypto_standalone_check_number_arguments(int actual, int expected); + void crypto_standalone_to_lower(char *str); + void crypto_standalone_print_help(void); + int32_t crypto_standalone_get_command(const char *str); + int32_t crypto_standalone_process_command(int32_t cc, int32_t num_tokens, char *tokens); + int32_t crypto_host_to_ip(const char *hostname, char *ip); + int32_t crypto_standalone_udp_init(udp_info_t *sock, int32_t port, uint8_t bind_sock); + int32_t crypto_reset(void); + void crypto_standalone_tc_frame(uint8_t 
*in_data, uint16_t in_length, uint8_t *out_data, uint16_t *out_length); + void *crypto_standalone_tc_apply(void *socks); + void crypto_standalone_tm_frame(uint8_t *in_data, uint16_t in_length, uint8_t *out_data, uint16_t *out_length, + uint16_t spi); + void *crypto_standalone_tm_process(void *socks); + void crypto_standalone_cleanup(const int signal); #ifdef __cplusplus } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_STANDALONE_H +#endif // CRYPTOLIB_STANDALONE_H diff --git a/test/core/apply_security.c b/test/core/apply_security.c index a2c3dd51..1186dd7d 100644 --- a/test/core/apply_security.c +++ b/test/core/apply_security.c @@ -23,18 +23,18 @@ #include "apply_security.h" -int main(int argc, char* argv[]) +int main(int argc, char *argv[]) { - char* buffer = NULL; - const char* filename; - long buffer_size; - char st[64]; - char* security_type = st; + char *buffer = NULL; + const char *filename; + long buffer_size; + char st[64]; + char *security_type = st; if (argc == 3) { security_type = argv[1]; - filename = argv[2]; + filename = argv[2]; } else { @@ -48,7 +48,7 @@ int main(int argc, char* argv[]) return CRYPTO_LIB_ERROR; } buffer = c_read_file(filename, &buffer_size); - if(buffer == NULL) + if (buffer == NULL) return -1; debug_printf("File buffer size:%lu\n", buffer_size); 
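Review bot: The reformat indents the `udp_info_t`/`udp_interface_t` typedefs, every prototype and the commented-out `//#define CRYPTO_STANDALONE_TC_APPLY_DEBUG` lines by four spaces because they sit inside the `extern "C"` block, while the `#define`s around them stay at column 0, so the header now reads at two indentation levels. If the repository's `.clang-format` (the script added in this commit runs `--style=file`) sets `IndentExternBlock: NoIndent`, the declarations keep their original column and this hunk shrinks to the pointer-alignment changes.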
@@ -60,21 +60,21 @@ int main(int argc, char* argv[]) // Setup & Initialize CryptoLib // Crypto_Init(); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Call ApplySecurity on buffer contents depending on type. if (strcmp(security_type, "tc") == 0) { - Crypto_TC_ApplySecurity((uint8_t* )buffer, (const uint16_t)buffer_size_i, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)buffer, (const uint16_t)buffer_size_i, &ptr_enc_frame, &enc_frame_len); } else if (strcmp(security_type, "tm") == 0) { - //Crypto_TM_ApplySecurity(); + // Crypto_TM_ApplySecurity(); } else if (strcmp(security_type, "aos") == 0) { - Crypto_AOS_ApplySecurity((uint8_t* )buffer, (int *)&buffer_size_i); + Crypto_AOS_ApplySecurity((uint8_t *)buffer, (int *)&buffer_size_i); } #ifdef TC_DEBUG diff --git a/test/core/crypto_sequence.c b/test/core/crypto_sequence.c index e8ffc5ba..c64bdfa5 100644 --- a/test/core/crypto_sequence.c +++ b/test/core/crypto_sequence.c @@ -22,12 +22,12 @@ #include "crypto_sequence.h" -int main(int argc, char* argv[]) +int main(int argc, char *argv[]) { - char* buffer; - const char* filename; - long buffer_size; - char* security_type; + char *buffer; + const char *filename; + long buffer_size; + char *security_type; if (argc < 3 || argc % 2 == 0) { @@ -48,10 +48,10 @@ int main(int argc, char* argv[]) // Setup & Initialize CryptoLib Crypto_Init(); - int arg_index = 0; - uint8_t* ptr_enc_frame = NULL; + int arg_index = 0; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len; - uint8_t* ptr_dec_frame = NULL; + uint8_t *ptr_dec_frame = NULL; uint16_t dec_frame_len; while (arg_index != argc - 1) 
@@ -70,7 +70,7 @@ int main(int argc, char* argv[]) // Call Apply/ProcessSecurity on buffer contents depending on type. if (strcmp(security_type, "tc_a") == 0) { - Crypto_TC_ApplySecurity((const uint8_t* )buffer, (const uint16_t)buffer_size_i, &ptr_enc_frame, + Crypto_TC_ApplySecurity((const uint8_t *)buffer, (const uint16_t)buffer_size_i, &ptr_enc_frame, &enc_frame_len); } else if (strcmp(security_type, "tm_a") == 0) @@ -80,22 +80,22 @@ int main(int argc, char* argv[]) else if (strcmp(security_type, "aos_a") == 0) { printf("!!1\n"); - Crypto_AOS_ApplySecurity((uint8_t* )buffer, (int *)&buffer_size_i); + Crypto_AOS_ApplySecurity((uint8_t *)buffer, (int *)&buffer_size_i); printf("!!2\n"); } else if (strcmp(security_type, "tc_p") == 0) { - TC_t* tc_sdls_processed_frame = malloc(sizeof(TC_t)); - Crypto_TC_ProcessSecurity((uint8_t* )buffer, (int *)&buffer_size_i, tc_sdls_processed_frame); + TC_t *tc_sdls_processed_frame = malloc(sizeof(TC_t)); + Crypto_TC_ProcessSecurity((uint8_t *)buffer, (int *)&buffer_size_i, tc_sdls_processed_frame); free(tc_sdls_processed_frame); } else if (strcmp(security_type, "tm_p") == 0) { - Crypto_TM_ProcessSecurity((uint8_t* )buffer, buffer_size_i, &ptr_dec_frame, &dec_frame_len); + Crypto_TM_ProcessSecurity((uint8_t *)buffer, buffer_size_i, &ptr_dec_frame, &dec_frame_len); } else if (strcmp(security_type, "aos_p") == 0) { - Crypto_AOS_ProcessSecurity((uint8_t* )buffer, (int *)&buffer_size_i); + Crypto_AOS_ProcessSecurity((uint8_t *)buffer, (int *)&buffer_size_i); } free(buffer); } diff --git a/test/core/process_security.c b/test/core/process_security.c index efcc4917..f4a26c2d 100644 --- a/test/core/process_security.c +++ b/test/core/process_security.c 
@@ -23,17 +23,17 @@ #include "process_security.h" -int main(int argc, char* argv[]) +int main(int argc, char *argv[]) { - char* buffer; - const char* filename; - long buffer_size; - char* security_type; + char *buffer; + const char *filename; + long buffer_size; + char *security_type; if (argc == 3) { security_type = argv[1]; - filename = argv[2]; + filename = argv[2]; } else { @@ -56,23 +56,23 @@ int main(int argc, char* argv[]) // Setup & Initialize CryptoLib Crypto_Init(); - uint8_t* ptr_dec_frame = NULL; + uint8_t *ptr_dec_frame = NULL; uint16_t dec_frame_len; // Call ProcessSecurity on buffer contents depending on type. if (strcmp(security_type, "tc") == 0) { - TC_t* tc_sdls_processed_frame = malloc(sizeof(TC_t)); - Crypto_TC_ProcessSecurity((uint8_t* )buffer, &buffer_size_i, tc_sdls_processed_frame); + TC_t *tc_sdls_processed_frame = malloc(sizeof(TC_t)); + Crypto_TC_ProcessSecurity((uint8_t *)buffer, &buffer_size_i, tc_sdls_processed_frame); free(tc_sdls_processed_frame); } else if (strcmp(security_type, "tm") == 0) { - Crypto_TM_ProcessSecurity((uint8_t* )buffer, buffer_size_i, &ptr_dec_frame, &dec_frame_len); + Crypto_TM_ProcessSecurity((uint8_t *)buffer, buffer_size_i, &ptr_dec_frame, &dec_frame_len); } else if (strcmp(security_type, "aos") == 0) { - Crypto_AOS_ProcessSecurity((uint8_t* )buffer, &buffer_size_i); + Crypto_AOS_ProcessSecurity((uint8_t *)buffer, &buffer_size_i); } free(buffer); diff --git a/test/core/shared_util.c b/test/core/shared_util.c index e5377fcc..0f5111b4 100644 --- a/test/core/shared_util.c +++ b/test/core/shared_util.c @@ -32,7 +32,7 @@ char *c_read_file(const char *f_name, long *f_size) { char *buffer = 0; - long length; + long length; FILE *f = fopen(f_name, "rb"); if (f) { 
@@ -69,9 +69,9 @@ int convert_hexstring_to_byte_array(char *source_str, char *dest_buffer) { char *line = source_str; char *data = line; - int offset; - int read_byte; - int data_len = 0; + int offset; + int read_byte; + int data_len = 0; while (sscanf(data, " %02x%n", &read_byte, &offset) == 1) { @@ -93,7 +93,7 @@ int convert_hexstring_to_byte_array(char *source_str, char *dest_buffer) void hex_conversion(char *buffer_h, char **buffer_b, int *buffer_b_length) { // Convert input plaintext - *buffer_b = (char *)malloc((strlen(buffer_h) / 2) * sizeof(char)); + *buffer_b = (char *)malloc((strlen(buffer_h) / 2) * sizeof(char)); *buffer_b_length = convert_hexstring_to_byte_array(buffer_h, *buffer_b); } @@ -130,9 +130,9 @@ void debug_hexprintf(const char *bin_data, int size_bin_data) // https://stackoverflow.com/questions/6357031/how-do-you-convert-a-byte-array-to-a-hexadecimal-string-in-c // https://stackoverflow.com/questions/5040920/converting-from-signed-char-to-unsigned-char-and-back-again char *u_bin_data = (char *)bin_data; - char output[(size_bin_data * 2) + 1]; + char output[(size_bin_data * 2) + 1]; char *ptr = &output[0]; - int i; + int i; for (i = 0; i < size_bin_data; i++) { ptr += sprintf(ptr, "%02X", u_bin_data[i]); @@ -143,7 +143,7 @@ void debug_hexprintf(const char *bin_data, int size_bin_data) void debug_hexprintf(const char *bin_data, int size_bin_data) { // TODO - is this function / argument necessary? - bin_data = bin_data; + bin_data = bin_data; size_bin_data = size_bin_data; // Do nothing, DEBUG preprocessor disabled. } diff --git a/test/format.py b/test/format.py new file mode 100644 index 00000000..778a822d --- /dev/null +++ b/test/format.py 
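Review bot: In the debug build of `debug_hexprintf`, `sprintf(ptr, "%02X", u_bin_data[i])` formats a plain `char`, and where `char` is signed any byte of 0x80 or above is promoted to a negative `int` and printed as eight hex digits rather than two. `output` is sized `(size_bin_data * 2) + 1`, so such input overruns the stack array; it is also a variable-length array sized directly from the `size_bin_data` argument. Casting the byte, `ptr += sprintf(ptr, "%02X", (unsigned char)u_bin_data[i]);`, restores the two-characters-per-byte assumption. The function continues outside the hunk.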
@@ -0,0 +1,64 @@ +""" +RUN THIS FILE FROM THE REPO ROOT DIRECTORY! +""" + + +import os +import subprocess +import pathspec + +def load_gitignore_patterns(gitignore_path): + """ + Loads patterns from a .gitignore file. + + :param gitignore_path: Path to the .gitignore file. + :return: A pathspec.PathSpec object containing the patterns from .gitignore. + """ + with open(gitignore_path, 'r') as file: + patterns = file.readlines() + return pathspec.PathSpec.from_lines('gitwildmatch', patterns) + +def should_ignore(file_path, gitignore_spec): + """ + Checks if a file should be ignored based on .gitignore patterns. + + :param file_path: The path to the file. + :param gitignore_spec: The PathSpec object with .gitignore patterns. + :return: True if the file should be ignored, False otherwise. + """ + return gitignore_spec.match_file(file_path) + +def format_files(directory): + """ + Recursively formats all .c and .h files in the given directory using clang-format, + ignoring any files listed in the .gitignore. + + :param directory: The root directory to start searching for files. 
+ """ + # Load .gitignore patterns if the .gitignore file exists + gitignore_path = os.path.join(directory, '.gitignore') + gitignore_spec = load_gitignore_patterns(gitignore_path) if os.path.exists(gitignore_path) else None + + for root, _, files in os.walk(directory): + for file in files: + if file.endswith(('.c', '.h')): + file_path = os.path.relpath(os.path.join(root, file), directory) + + # Check if the file is ignored by .gitignore + if gitignore_spec and should_ignore(file_path, gitignore_spec): + print(f"Ignored: {file_path}") + continue + + try: + # Run clang-format on the file + subprocess.run(["clang-format", "-i", "--style=file", os.path.join(directory, file_path)], check=True) + print(f"Formatted: {file_path}") + except subprocess.CalledProcessError as e: + print(f"Failed to format {file_path}: {e}") + +if __name__ == "__main__": + # Get the current working directory + current_directory = os.getcwd() + + # Run the formatting process + format_files(current_directory) diff --git a/test/include/apply_security.h b/test/include/apply_security.h index 141f9b63..e2740d4a 100644 --- a/test/include/apply_security.h +++ b/test/include/apply_security.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_APPLY_SECURITY_H +#endif // CRYPTOLIB_APPLY_SECURITY_H diff --git a/test/include/crypto_sequence.h b/test/include/crypto_sequence.h index 2a3a52bd..fadd2e66 100644 --- a/test/include/crypto_sequence.h +++ b/test/include/crypto_sequence.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_CRYPTO_SEQUENCE_H +#endif // CRYPTOLIB_CRYPTO_SEQUENCE_H diff --git a/test/include/et_dt_validation.h b/test/include/et_dt_validation.h index ebc3b2cf..9a8a44b0 100644 --- a/test/include/et_dt_validation.h +++ b/test/include/et_dt_validation.h 
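Review bot: In test/format.py, `format_files` walks every directory below the working directory and runs `clang-format -i` on each `.c`/`.h` file, skipping only paths matched by the root `.gitignore`, so tracked third-party sources are rewritten in place as well. This same commit reformats `test/include/utest.h`, which looks like a vendored single-header test framework, and that makes a later comparison against its upstream copy much harder. I would bind the directory list that `os.walk` yields instead of discarding it as `_`, and prune it with something like `dirs[:] = [d for d in dirs if d not in EXCLUDED_DIRS]`, where `EXCLUDED_DIRS` is a placeholder for a list the project chooses. The `except subprocess.CalledProcessError` branch only prints, so the script still exits 0 after a failed run, and a missing `clang-format` binary raises an uncaught `FileNotFoundError`; recording failures and ending with a non-zero exit status would let CI notice. The module docstring could also state that `pathspec` is a third-party package that must be installed first.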
@@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_ET_DT_VALIDATION_H \ No newline at end of file +#endif // CRYPTOLIB_ET_DT_VALIDATION_H \ No newline at end of file diff --git a/test/include/process_security.h b/test/include/process_security.h index 6172a8b6..6b0956e5 100644 --- a/test/include/process_security.h +++ b/test/include/process_security.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_PROCESS_SECURITY_H +#endif // CRYPTOLIB_PROCESS_SECURITY_H diff --git a/test/include/shared_util.h b/test/include/shared_util.h index 91cc93f1..41220ff3 100644 --- a/test/include/shared_util.h +++ b/test/include/shared_util.h @@ -33,16 +33,16 @@ extern "C" #include "crypto_error.h" - char* c_read_file(const char* f_name, long *f_size); + char *c_read_file(const char *f_name, long *f_size); - void debug_printf(const char* format, ...); - void debug_hexprintf(const char* bin_data, int size_bin_data); + void debug_printf(const char *format, ...); + void debug_hexprintf(const char *bin_data, int size_bin_data); - void hex_conversion(char* buffer_h, char** buffer_b, int *buffer_b_length); - int convert_hexstring_to_byte_array(char* source_str, char* dest_buffer); + void hex_conversion(char *buffer_h, char **buffer_b, int *buffer_b_length); + int convert_hexstring_to_byte_array(char *source_str, char *dest_buffer); #ifdef __cplusplus } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_SHARED_UTIL_H +#endif // CRYPTOLIB_SHARED_UTIL_H diff --git a/test/include/ut_aos_apply.h b/test/include/ut_aos_apply.h index bf2e1e16..4e53dafb 100644 --- a/test/include/ut_aos_apply.h +++ b/test/include/ut_aos_apply.h 
@@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_AOS_APPLY_H \ No newline at end of file +#endif // CRYPTOLIB_UT_AOS_APPLY_H \ No newline at end of file diff --git a/test/include/ut_aos_process.h b/test/include/ut_aos_process.h index 134ea9df..fae02f91 100644 --- a/test/include/ut_aos_process.h +++ b/test/include/ut_aos_process.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_AOS_PROCESS_H \ No newline at end of file +#endif // CRYPTOLIB_UT_AOS_PROCESS_H \ No newline at end of file diff --git a/test/include/ut_crypto.h b/test/include/ut_crypto.h index 65808902..fb5cfe74 100644 --- a/test/include/ut_crypto.h +++ b/test/include/ut_crypto.h @@ -33,4 +33,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_CRYPTO_H \ No newline at end of file +#endif // CRYPTOLIB_UT_CRYPTO_H \ No newline at end of file diff --git a/test/include/ut_crypto_config.h b/test/include/ut_crypto_config.h index 3a8ab36d..a94e6106 100644 --- a/test/include/ut_crypto_config.h +++ b/test/include/ut_crypto_config.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_CRYPTO_CONFIG_H \ No newline at end of file +#endif // CRYPTOLIB_UT_CRYPTO_CONFIG_H \ No newline at end of file diff --git a/test/include/ut_crypto_mc.h b/test/include/ut_crypto_mc.h index b20c699b..8714465e 100644 --- a/test/include/ut_crypto_mc.h +++ b/test/include/ut_crypto_mc.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_CRYPTO_MC_H \ No newline at end of file +#endif // CRYPTOLIB_UT_CRYPTO_MC_H \ No newline at end of file diff --git a/test/include/ut_ep_key_mgmt.h b/test/include/ut_ep_key_mgmt.h index 201b3e89..8c426258 100644 
--- a/test/include/ut_ep_key_mgmt.h +++ b/test/include/ut_ep_key_mgmt.h @@ -15,4 +15,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_EP_KEY_MGMT_H \ No newline at end of file +#endif // CRYPTOLIB_UT_EP_KEY_MGMT_H \ No newline at end of file diff --git a/test/include/ut_ep_mc.h b/test/include/ut_ep_mc.h index 6c1c2448..1c6e2030 100644 --- a/test/include/ut_ep_mc.h +++ b/test/include/ut_ep_mc.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_EP_MC_H \ No newline at end of file +#endif // CRYPTOLIB_UT_EP_MC_H \ No newline at end of file diff --git a/test/include/ut_ep_sa_mgmt.h b/test/include/ut_ep_sa_mgmt.h index 4ce37519..5be62077 100644 --- a/test/include/ut_ep_sa_mgmt.h +++ b/test/include/ut_ep_sa_mgmt.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_EP_SA_MGMT_H \ No newline at end of file +#endif // CRYPTOLIB_UT_EP_SA_MGMT_H \ No newline at end of file diff --git a/test/include/ut_mariadb.h b/test/include/ut_mariadb.h index 69f573de..aaeb37a6 100644 --- a/test/include/ut_mariadb.h +++ b/test/include/ut_mariadb.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_MARIA_DB_H \ No newline at end of file +#endif // CRYPTOLIB_UT_MARIA_DB_H \ No newline at end of file diff --git a/test/include/ut_sa_save.h b/test/include/ut_sa_save.h index 65ba9683..0a527d92 100644 --- a/test/include/ut_sa_save.h +++ b/test/include/ut_sa_save.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_SA_SAVE_H \ No newline at end of file +#endif // CRYPTOLIB_UT_SA_SAVE_H \ No newline at end of file diff --git a/test/include/ut_tc_apply.h b/test/include/ut_tc_apply.h index 6ff4ab77..1c913960 100644 
--- a/test/include/ut_tc_apply.h +++ b/test/include/ut_tc_apply.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_TC_APPLY_H \ No newline at end of file +#endif // CRYPTOLIB_UT_TC_APPLY_H \ No newline at end of file diff --git a/test/include/ut_tc_process.h b/test/include/ut_tc_process.h index 717b4b80..7598a7f3 100644 --- a/test/include/ut_tc_process.h +++ b/test/include/ut_tc_process.h @@ -32,5 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif - -#endif //CRYPTOLIB_UT_TC_PROCESS_H \ No newline at end of file +#endif // CRYPTOLIB_UT_TC_PROCESS_H \ No newline at end of file diff --git a/test/include/ut_tm_apply.h b/test/include/ut_tm_apply.h index 650553f3..c8e1f076 100644 --- a/test/include/ut_tm_apply.h +++ b/test/include/ut_tm_apply.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_TM_APPLY_H \ No newline at end of file +#endif // CRYPTOLIB_UT_TM_APPLY_H \ No newline at end of file diff --git a/test/include/ut_tm_process.h b/test/include/ut_tm_process.h index 4c9db198..b6db75a0 100644 --- a/test/include/ut_tm_process.h +++ b/test/include/ut_tm_process.h @@ -32,4 +32,4 @@ extern "C" } /* Close scope of 'extern "C"' declaration which encloses file. */ #endif -#endif //CRYPTOLIB_UT_TM_PROCESS_H \ No newline at end of file +#endif // CRYPTOLIB_UT_TM_PROCESS_H \ No newline at end of file diff --git a/test/include/utest.h b/test/include/utest.h index e666dd2d..e49ccec6 100644 --- a/test/include/utest.h +++ b/test/include/utest.h @@ -65,11 +65,11 @@ #endif #if defined(_MSC_VER) && (_MSC_VER < 1920) -typedef __int64 utest_int64_t; +typedef __int64 utest_int64_t; typedef unsigned __int64 utest_uint64_t; #else #include -typedef int64_t utest_int64_t; +typedef int64_t utest_int64_t; typedef uint64_t utest_uint64_t; #endif 
@@ -89,9 +89,7 @@ typedef uint64_t utest_uint64_t; #define UTEST_C_FUNC #endif -#if defined(_MSC_VER) \ - || defined(__MINGW64__) \ - || defined(__MINGW32__) +#if defined(_MSC_VER) || defined(__MINGW64__) || defined(__MINGW32__) #if defined(__MINGW64__) || defined(__MINGW32__) #pragma GCC diagnostic push @@ -106,25 +104,26 @@ typedef uint64_t utest_uint64_t; #pragma warning(pop) typedef LARGE_INTEGER utest_large_integer; -#else -//use old QueryPerformanceCounter definitions (not sure is this needed in some edge cases or not) -//on Win7 with VS2015 these extern declaration cause "second C linkage of overloaded function not allowed" error -typedef union { - struct { - unsigned long LowPart; - long HighPart; - } DUMMYSTRUCTNAME; - struct { - unsigned long LowPart; - long HighPart; - } u; - utest_int64_t QuadPart; +#else +// use old QueryPerformanceCounter definitions (not sure is this needed in some edge cases or not) +// on Win7 with VS2015 these extern declaration cause "second C linkage of overloaded function not allowed" error +typedef union +{ + struct + { + unsigned long LowPart; + long HighPart; + } DUMMYSTRUCTNAME; + struct + { + unsigned long LowPart; + long HighPart; + } u; + utest_int64_t QuadPart; } utest_large_integer; -UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceCounter( - utest_large_integer *); -UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceFrequency( - utest_large_integer *); +UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceCounter(utest_large_integer *); +UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceFrequency(utest_large_integer *); #if defined(__MINGW64__) || defined(__MINGW32__) #pragma GCC diagnostic pop 
@@ -173,9 +172,8 @@ UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceFrequency( #define UTEST_INLINE inline #if defined(__clang__) -#define UTEST_INITIALIZER_BEGIN_DISABLE_WARNINGS \ - _Pragma("clang diagnostic push") \ - _Pragma("clang diagnostic ignored \"-Wglobal-constructors\"") +#define UTEST_INITIALIZER_BEGIN_DISABLE_WARNINGS \ + _Pragma("clang diagnostic push") _Pragma("clang diagnostic ignored \"-Wglobal-constructors\"") #define UTEST_INITIALIZER_END_DISABLE_WARNINGS _Pragma("clang diagnostic pop") #else @@ -183,10 +181,14 @@ UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceFrequency( #define UTEST_INITIALIZER_END_DISABLE_WARNINGS #endif -#define UTEST_INITIALIZER(f) \ - struct f##_cpp_struct { f##_cpp_struct(); }; \ - UTEST_INITIALIZER_BEGIN_DISABLE_WARNINGS static f##_cpp_struct f##_cpp_global UTEST_INITIALIZER_END_DISABLE_WARNINGS; \ - f##_cpp_struct::f##_cpp_struct() +#define UTEST_INITIALIZER(f) \ + struct f##_cpp_struct \ + { \ + f##_cpp_struct(); \ + }; \ + UTEST_INITIALIZER_BEGIN_DISABLE_WARNINGS static f##_cpp_struct f##_cpp_global \ + UTEST_INITIALIZER_END_DISABLE_WARNINGS; \ + f##_cpp_struct::f##_cpp_struct() #elif defined(_MSC_VER) #define UTEST_INLINE __forceinline @@ -197,9 +199,8 @@ UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceFrequency( #endif #if defined(__clang__) -#define UTEST_INITIALIZER_BEGIN_DISABLE_WARNINGS \ - _Pragma("clang diagnostic push") \ - _Pragma("clang diagnostic ignored \"-Wmissing-variable-declarations\"") +#define UTEST_INITIALIZER_BEGIN_DISABLE_WARNINGS \ + _Pragma("clang diagnostic push") _Pragma("clang diagnostic ignored \"-Wmissing-variable-declarations\"") #define UTEST_INITIALIZER_END_DISABLE_WARNINGS _Pragma("clang diagnostic pop") #else 
@@ -208,14 +209,13 @@ UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceFrequency( #endif #pragma section(".CRT$XCU", read) -#define UTEST_INITIALIZER(f) \ - static void __cdecl f(void); \ - UTEST_INITIALIZER_BEGIN_DISABLE_WARNINGS \ - __pragma(comment(linker, "/include:" UTEST_SYMBOL_PREFIX #f "_")) \ - UTEST_C_FUNC __declspec(allocate(".CRT$XCU")) void(__cdecl * \ - f##_)(void) = f; \ - UTEST_INITIALIZER_END_DISABLE_WARNINGS \ - static void __cdecl f(void) +#define UTEST_INITIALIZER(f) \ + static void __cdecl f(void); \ + UTEST_INITIALIZER_BEGIN_DISABLE_WARNINGS \ + __pragma(comment(linker, "/include:" UTEST_SYMBOL_PREFIX #f "_")) \ + UTEST_C_FUNC __declspec(allocate(".CRT$XCU")) void(__cdecl * f##_)(void) = f; \ + UTEST_INITIALIZER_END_DISABLE_WARNINGS \ + static void __cdecl f(void) #else #if defined(__linux__) #if defined(__clang__) @@ -236,21 +236,21 @@ UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceFrequency( #define UTEST_INLINE inline -#define UTEST_INITIALIZER(f) \ - static void f(void) __attribute__((constructor)); \ - static void f(void) +#define UTEST_INITIALIZER(f) \ + static void f(void) __attribute__((constructor)); \ + static void f(void) #endif #if defined(__cplusplus) -#define UTEST_CAST(type, x) static_cast(x) +#define UTEST_CAST(type, x) static_cast(x) #define UTEST_PTR_CAST(type, x) reinterpret_cast(x) -#define UTEST_EXTERN extern "C" -#define UTEST_NULL NULL +#define UTEST_EXTERN extern "C" +#define UTEST_NULL NULL #else -#define UTEST_CAST(type, x) ((type)x) +#define UTEST_CAST(type, x) ((type)x) #define UTEST_PTR_CAST(type, x) ((type)x) -#define UTEST_EXTERN extern -#define UTEST_NULL 0 +#define UTEST_EXTERN extern +#define UTEST_NULL 0 #endif #ifdef _MSC_VER 
@@ -265,7 +265,7 @@ UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceFrequency( #pragma warning(pop) #define UTEST_COLOUR_OUTPUT() (_isatty(_fileno(stdout))) #else -#if defined(__EMSCRIPTEN__) +#if defined(__EMSCRIPTEN__) #include #define UTEST_COLOUR_OUTPUT() false #else 
@@ -274,43 +274,45 @@ UTEST_C_FUNC __declspec(dllimport) int __stdcall QueryPerformanceFrequency( #endif #endif -static UTEST_INLINE void* utest_realloc(void* const pointer, size_t new_size) { - void* const new_pointer = realloc(pointer, new_size); +static UTEST_INLINE void *utest_realloc(void *const pointer, size_t new_size) +{ + void *const new_pointer = realloc(pointer, new_size); - if (UTEST_NULL == new_pointer) { - free(new_pointer); - } + if (UTEST_NULL == new_pointer) + { + free(new_pointer); + } - return new_pointer; + return new_pointer; } -static UTEST_INLINE utest_int64_t utest_ns(void) { +static UTEST_INLINE utest_int64_t utest_ns(void) +{ #if defined(_MSC_VER) || defined(__MINGW64__) || defined(__MINGW32__) - utest_large_integer counter; - utest_large_integer frequency; - QueryPerformanceCounter(&counter); - QueryPerformanceFrequency(&frequency); - return UTEST_CAST(utest_int64_t, - (counter.QuadPart * 1000000000) / frequency.QuadPart); + utest_large_integer counter; + utest_large_integer frequency; + QueryPerformanceCounter(&counter); + QueryPerformanceFrequency(&frequency); + return UTEST_CAST(utest_int64_t, (counter.QuadPart * 1000000000) / frequency.QuadPart); #elif defined(__linux__) && defined(__STRICT_ANSI__) - return UTEST_CAST(utest_int64_t, clock()) * 1000000000 / CLOCKS_PER_SEC; + return UTEST_CAST(utest_int64_t, clock()) * 1000000000 / CLOCKS_PER_SEC; #elif defined(__linux__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) - struct timespec ts; + struct timespec ts; #if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 201112L) - timespec_get(&ts, TIME_UTC); + timespec_get(&ts, TIME_UTC); #else - const clockid_t cid = CLOCK_REALTIME; + const clockid_t cid = CLOCK_REALTIME; #if defined(UTEST_USE_CLOCKGETTIME) - clock_gettime(cid, &ts); + clock_gettime(cid, &ts); #else - syscall(SYS_clock_gettime, cid, &ts); + syscall(SYS_clock_gettime, cid, &ts); #endif #endif - return UTEST_CAST(utest_int64_t, ts.tv_sec) * 1000 * 1000 
* 1000 + ts.tv_nsec; + return UTEST_CAST(utest_int64_t, ts.tv_sec) * 1000 * 1000 * 1000 + ts.tv_nsec; #elif __APPLE__ - return UTEST_CAST(utest_int64_t, mach_absolute_time()); -#elif __EMSCRIPTEN__ - return emscripten_performance_now() * 1000000.0; + return UTEST_CAST(utest_int64_t, mach_absolute_time()); +#elif __EMSCRIPTEN__ + return emscripten_performance_now() * 1000000.0; #else #error Unsupported platform! #endif @@ -318,16 +320,18 @@ static UTEST_INLINE utest_int64_t utest_ns(void) { typedef void (*utest_testcase_t)(int *, size_t); -struct utest_test_state_s { - utest_testcase_t func; - size_t index; - char* name; +struct utest_test_state_s +{ + utest_testcase_t func; + size_t index; + char *name; }; -struct utest_state_s { - struct utest_test_state_s *tests; - size_t tests_length; - FILE *output; +struct utest_state_s +{ + struct utest_test_state_s *tests; + size_t tests_length; + FILE *output; }; /* extern to the global state utest needs to execute */ @@ -350,11 +354,12 @@ UTEST_EXTERN struct utest_state_s utest_state; #pragma clang diagnostic ignored "-Wvariadic-macros" #pragma clang diagnostic ignored "-Wc++98-compat-pedantic" #endif -#define UTEST_PRINTF(...) \ - if (utest_state.output) { \ - fprintf(utest_state.output, __VA_ARGS__); \ - } \ - printf(__VA_ARGS__) +#define UTEST_PRINTF(...) \ + if (utest_state.output) \ + { \ + fprintf(utest_state.output, __VA_ARGS__); \ + } \ + printf(__VA_ARGS__) #ifdef __clang__ #pragma clang diagnostic pop #endif 
@@ -385,50 +390,57 @@ UTEST_EXTERN struct utest_state_s utest_state; #if defined(UTEST_OVERLOADABLE) UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(float f); -UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(float f) { - UTEST_PRINTF("%f", UTEST_CAST(double, f)); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(float f) +{ + UTEST_PRINTF("%f", UTEST_CAST(double, f)); } UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(double d); -UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(double d) { - UTEST_PRINTF("%f", d); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(double d) +{ + UTEST_PRINTF("%f", d); } UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long double d); -UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long double d) { - UTEST_PRINTF("%Lf", d); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long double d) +{ + UTEST_PRINTF("%Lf", d); } UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(int i); -UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(int i) { - UTEST_PRINTF("%d", i); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(int i) +{ + UTEST_PRINTF("%d", i); } UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(unsigned int i); -UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(unsigned int i) { - UTEST_PRINTF("%u", i); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(unsigned int i) +{ + UTEST_PRINTF("%u", i); } UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long int i); -UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long int i) { - UTEST_PRINTF("%ld", i); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long int i) +{ + UTEST_PRINTF("%ld", i); } UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long unsigned int i); -UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long unsigned int i) { - UTEST_PRINTF("%lu", i); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long unsigned int i) +{ + UTEST_PRINTF("%lu", i); } -UTEST_WEAK 
UTEST_OVERLOADABLE void utest_type_printer(const void* p); -UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(const void* p) { - UTEST_PRINTF("%p", p); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(const void *p); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(const void *p) +{ + UTEST_PRINTF("%p", p); } /* long long is a c++11 extension */ -#if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) || \ - defined(__cplusplus) && (__cplusplus >= 201103L) +#if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L) || defined(__cplusplus) && (__cplusplus >= 201103L) #ifdef __clang__ #pragma clang diagnostic push @@ -436,14 +448,15 @@ UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(const void* p) { #endif UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long long int i); -UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long long int i) { - UTEST_PRINTF("%lld", i); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long long int i) +{ + UTEST_PRINTF("%lld", i); } UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long long unsigned int i); -UTEST_WEAK UTEST_OVERLOADABLE void -utest_type_printer(long long unsigned int i) { - UTEST_PRINTF("%llu", i); +UTEST_WEAK UTEST_OVERLOADABLE void utest_type_printer(long long unsigned int i) +{ + UTEST_PRINTF("%llu", i); } #ifdef __clang__ 
@@ -452,25 +465,25 @@ utest_type_printer(long long unsigned int i) { #endif #elif defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 201112L) -#define utest_type_printer(val) \ - UTEST_PRINTF(_Generic((val), signed char \ - : "%d", unsigned char \ - : "%u", short \ - : "%d", unsigned short \ - : "%u", int \ - : "%d", long \ - : "%ld", long long \ - : "%lld", unsigned \ - : "%u", unsigned long \ - : "%lu", unsigned long long \ - : "%llu", float \ - : "%f", double \ - : "%f", long double \ - : "%Lf", default \ - : _Generic((val - val), ptrdiff_t \ - : "%p", default \ - : "undef")), \ - (val)) +#define utest_type_printer(val) \ + UTEST_PRINTF(_Generic((val), signed char \ + : "%d", unsigned char \ + : "%u", short \ + : "%d", unsigned short \ + : "%u", int \ + : "%d", long \ + : "%ld", long long \ + : "%lld", unsigned \ + : "%u", unsigned long \ + : "%lu", unsigned long long \ + : "%llu", float \ + : "%f", double \ + : "%f", long double \ + : "%Lf", default \ + : _Generic((val - val), ptrdiff_t \ + : "%p", default \ + : "undef")), \ + (val)) #else /* we don't have the ability to print the values we got, so we create a macro @@ -480,9 +493,8 @@ utest_type_printer(long long unsigned int i) { #endif #ifdef _MSC_VER -#define UTEST_SURPRESS_WARNING_BEGIN \ - __pragma(warning(push)) __pragma(warning(disable : 4127)) -#define UTEST_SURPRESS_WARNING_END __pragma(warning(pop)) +#define UTEST_SURPRESS_WARNING_BEGIN __pragma(warning(push)) __pragma(warning(disable : 4127)) +#define UTEST_SURPRESS_WARNING_END __pragma(warning(pop)) #else #define UTEST_SURPRESS_WARNING_BEGIN #define UTEST_SURPRESS_WARNING_END 
@@ -509,90 +521,96 @@ utest_type_printer(long long unsigned int i) { #endif #if defined(__clang__) -#define UTEST_STRNCMP(x, y, size) \ - _Pragma("clang diagnostic push") \ - _Pragma("clang diagnostic ignored \"-Wdisabled-macro-expansion\"") \ - strncmp(x, y, size) _Pragma("clang diagnostic pop") +#define UTEST_STRNCMP(x, y, size) \ + _Pragma("clang diagnostic push") _Pragma("clang diagnostic ignored \"-Wdisabled-macro-expansion\"") \ + strncmp(x, y, size) _Pragma("clang diagnostic pop") #else #define UTEST_STRNCMP(x, y, size) strncmp(x, y, size) #endif #if defined(__clang__) -#define UTEST_EXPECT(x, y, cond) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - _Pragma("clang diagnostic push") \ - _Pragma("clang diagnostic ignored \"-Wlanguage-extension-token\"") \ - _Pragma("clang diagnostic ignored \"-Wc++98-compat-pedantic\"") \ - _Pragma("clang diagnostic ignored \"-Wfloat-equal\"") \ - UTEST_AUTO(x) xEval = (x); \ - UTEST_AUTO(y) yEval = (y); \ - if (!((xEval)cond(yEval))) { \ - _Pragma("clang diagnostic pop") \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : "); \ - utest_type_printer(xEval); \ - UTEST_PRINTF("\n"); \ - UTEST_PRINTF(" Actual : "); \ - utest_type_printer(yEval); \ - UTEST_PRINTF("\n"); \ - *utest_result = 1; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END +#define UTEST_EXPECT(x, y, cond) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + _Pragma("clang diagnostic push") _Pragma("clang diagnostic ignored \"-Wlanguage-extension-token\"") \ + _Pragma("clang diagnostic ignored \"-Wc++98-compat-pedantic\"") \ + _Pragma("clang diagnostic ignored \"-Wfloat-equal\"") UTEST_AUTO(x) xEval = (x); \ + UTEST_AUTO(y) yEval = (y); \ + if (!((xEval)cond(yEval))) \ + { \ + _Pragma("clang diagnostic pop") UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : "); \ + utest_type_printer(xEval); \ + UTEST_PRINTF("\n"); \ + UTEST_PRINTF(" Actual : "); \ + utest_type_printer(yEval); \ + 
UTEST_PRINTF("\n"); \ + *utest_result = 1; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END #elif defined(__GNUC__) -#define UTEST_EXPECT(x, y, cond) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - UTEST_AUTO(x) xEval = (x); \ - UTEST_AUTO(y) yEval = (y); \ - if (!((xEval)cond(yEval))) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : "); \ - utest_type_printer(xEval); \ - UTEST_PRINTF("\n"); \ - UTEST_PRINTF(" Actual : "); \ - utest_type_printer(yEval); \ - UTEST_PRINTF("\n"); \ - *utest_result = 1; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END +#define UTEST_EXPECT(x, y, cond) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + UTEST_AUTO(x) xEval = (x); \ + UTEST_AUTO(y) yEval = (y); \ + if (!((xEval)cond(yEval))) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : "); \ + utest_type_printer(xEval); \ + UTEST_PRINTF("\n"); \ + UTEST_PRINTF(" Actual : "); \ + utest_type_printer(yEval); \ + UTEST_PRINTF("\n"); \ + *utest_result = 1; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END #else -#define UTEST_EXPECT(x, y, cond) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (!((x)cond(y))) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - *utest_result = 1; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END +#define UTEST_EXPECT(x, y, cond) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (!((x)cond(y))) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + *utest_result = 1; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END #endif -#define EXPECT_TRUE(x) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (!(x)) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : true\n"); \ - UTEST_PRINTF(" Actual : %s\n", (x) ? 
"true" : "false"); \ - *utest_result = 1; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END - -#define EXPECT_FALSE(x) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (x) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : false\n"); \ - UTEST_PRINTF(" Actual : %s\n", (x) ? "true" : "false"); \ - *utest_result = 1; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END +#define EXPECT_TRUE(x) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (!(x)) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : true\n"); \ + UTEST_PRINTF(" Actual : %s\n", (x) ? "true" : "false"); \ + *utest_result = 1; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END + +#define EXPECT_FALSE(x) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (x) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : false\n"); \ + UTEST_PRINTF(" Actual : %s\n", (x) ? "true" : "false"); \ + *utest_result = 1; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END #define EXPECT_EQ(x, y) UTEST_EXPECT(x, y, ==) #define EXPECT_NE(x, y) UTEST_EXPECT(x, y, !=) 
@@ -601,135 +619,150 @@ utest_type_printer(long long unsigned int i) { #define EXPECT_GT(x, y) UTEST_EXPECT(x, y, >) #define EXPECT_GE(x, y) UTEST_EXPECT(x, y, >=) -#define EXPECT_STREQ(x, y) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (0 != strcmp(x, y)) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : \"%s\"\n", x); \ - UTEST_PRINTF(" Actual : \"%s\"\n", y); \ - *utest_result = 1; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END - -#define EXPECT_STRNE(x, y) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (0 == strcmp(x, y)) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : \"%s\"\n", x); \ - UTEST_PRINTF(" Actual : \"%s\"\n", y); \ - *utest_result = 1; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END - -#define EXPECT_STRNEQ(x, y, n) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (0 != UTEST_STRNCMP(x, y, n)) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : \"%.*s\"\n", UTEST_CAST(int, n), x); \ - UTEST_PRINTF(" Actual : \"%.*s\"\n", UTEST_CAST(int, n), y); \ - *utest_result = 1; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END - -#define EXPECT_STRNNE(x, y, n) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (0 == UTEST_STRNCMP(x, y, n)) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : \"%.*s\"\n", UTEST_CAST(int, n), x); \ - UTEST_PRINTF(" Actual : \"%.*s\"\n", UTEST_CAST(int, n), y); \ - *utest_result = 1; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END +#define EXPECT_STREQ(x, y) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (0 != strcmp(x, y)) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : \"%s\"\n", x); \ + UTEST_PRINTF(" Actual : \"%s\"\n", y); \ + *utest_result = 1; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END + +#define EXPECT_STRNE(x, y) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (0 == strcmp(x, y)) \ 
+ { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : \"%s\"\n", x); \ + UTEST_PRINTF(" Actual : \"%s\"\n", y); \ + *utest_result = 1; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END + +#define EXPECT_STRNEQ(x, y, n) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (0 != UTEST_STRNCMP(x, y, n)) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : \"%.*s\"\n", UTEST_CAST(int, n), x); \ + UTEST_PRINTF(" Actual : \"%.*s\"\n", UTEST_CAST(int, n), y); \ + *utest_result = 1; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END + +#define EXPECT_STRNNE(x, y, n) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (0 == UTEST_STRNCMP(x, y, n)) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : \"%.*s\"\n", UTEST_CAST(int, n), x); \ + UTEST_PRINTF(" Actual : \"%.*s\"\n", UTEST_CAST(int, n), y); \ + *utest_result = 1; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END #if defined(__clang__) -#define UTEST_ASSERT(x, y, cond) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - _Pragma("clang diagnostic push") \ - _Pragma("clang diagnostic ignored \"-Wlanguage-extension-token\"") \ - _Pragma("clang diagnostic ignored \"-Wc++98-compat-pedantic\"") \ - _Pragma("clang diagnostic ignored \"-Wfloat-equal\"") \ - UTEST_AUTO(x) xEval = (x); \ - UTEST_AUTO(y) yEval = (y); \ - if (!((xEval)cond(yEval))) { \ - _Pragma("clang diagnostic pop") \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : "); \ - utest_type_printer(xEval); \ - UTEST_PRINTF("\n"); \ - UTEST_PRINTF(" Actual : "); \ - utest_type_printer(yEval); \ - UTEST_PRINTF("\n"); \ - *utest_result = 1; \ - return; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END +#define UTEST_ASSERT(x, y, cond) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + _Pragma("clang diagnostic push") _Pragma("clang diagnostic ignored \"-Wlanguage-extension-token\"") \ + _Pragma("clang 
diagnostic ignored \"-Wc++98-compat-pedantic\"") \ + _Pragma("clang diagnostic ignored \"-Wfloat-equal\"") UTEST_AUTO(x) xEval = (x); \ + UTEST_AUTO(y) yEval = (y); \ + if (!((xEval)cond(yEval))) \ + { \ + _Pragma("clang diagnostic pop") UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : "); \ + utest_type_printer(xEval); \ + UTEST_PRINTF("\n"); \ + UTEST_PRINTF(" Actual : "); \ + utest_type_printer(yEval); \ + UTEST_PRINTF("\n"); \ + *utest_result = 1; \ + return; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END #elif defined(__GNUC__) -#define UTEST_ASSERT(x, y, cond) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - UTEST_AUTO(x) xEval = (x); \ - UTEST_AUTO(y) yEval = (y); \ - if (!((xEval)cond(yEval))) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : "); \ - utest_type_printer(xEval); \ - UTEST_PRINTF("\n"); \ - UTEST_PRINTF(" Actual : "); \ - utest_type_printer(yEval); \ - UTEST_PRINTF("\n"); \ - *utest_result = 1; \ - return; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END +#define UTEST_ASSERT(x, y, cond) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + UTEST_AUTO(x) xEval = (x); \ + UTEST_AUTO(y) yEval = (y); \ + if (!((xEval)cond(yEval))) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : "); \ + utest_type_printer(xEval); \ + UTEST_PRINTF("\n"); \ + UTEST_PRINTF(" Actual : "); \ + utest_type_printer(yEval); \ + UTEST_PRINTF("\n"); \ + *utest_result = 1; \ + return; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END #else -#define UTEST_ASSERT(x, y, cond) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (!((x)cond(y))) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - *utest_result = 1; \ - return; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END +#define UTEST_ASSERT(x, y, cond) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (!((x)cond(y))) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + 
*utest_result = 1; \ + return; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END #endif -#define ASSERT_TRUE(x) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (!(x)) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : true\n"); \ - UTEST_PRINTF(" Actual : %s\n", (x) ? "true" : "false"); \ - *utest_result = 1; \ - return; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END - -#define ASSERT_FALSE(x) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (x) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : false\n"); \ - UTEST_PRINTF(" Actual : %s\n", (x) ? "true" : "false"); \ - *utest_result = 1; \ - return; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END +#define ASSERT_TRUE(x) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (!(x)) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : true\n"); \ + UTEST_PRINTF(" Actual : %s\n", (x) ? "true" : "false"); \ + *utest_result = 1; \ + return; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END + +#define ASSERT_FALSE(x) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (x) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : false\n"); \ + UTEST_PRINTF(" Actual : %s\n", (x) ? "true" : "false"); \ + *utest_result = 1; \ + return; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END #define ASSERT_EQ(x, y) UTEST_ASSERT(x, y, ==) #define ASSERT_NE(x, y) UTEST_ASSERT(x, y, !=) 
@@ -738,398 +771,441 @@ utest_type_printer(long long unsigned int i) { #define ASSERT_GT(x, y) UTEST_ASSERT(x, y, >) #define ASSERT_GE(x, y) UTEST_ASSERT(x, y, >=) -#define ASSERT_STREQ(x, y) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (0 != strcmp(x, y)) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : \"%s\"\n", x); \ - UTEST_PRINTF(" Actual : \"%s\"\n", y); \ - *utest_result = 1; \ - return; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END - -#define ASSERT_STRNE(x, y) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (0 == strcmp(x, y)) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : \"%s\"\n", x); \ - UTEST_PRINTF(" Actual : \"%s\"\n", y); \ - *utest_result = 1; \ - return; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END - -#define ASSERT_STRNEQ(x, y, n) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (0 != UTEST_STRNCMP(x, y, n)) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : \"%.*s\"\n", UTEST_CAST(int, n), x); \ - UTEST_PRINTF(" Actual : \"%.*s\"\n", UTEST_CAST(int, n), y); \ - *utest_result = 1; \ - return; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END - -#define ASSERT_STRNNE(x, y, n) \ - UTEST_SURPRESS_WARNING_BEGIN do { \ - if (0 == UTEST_STRNCMP(x, y, n)) { \ - UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ - UTEST_PRINTF(" Expected : \"%.*s\"\n", UTEST_CAST(int, n), x); \ - UTEST_PRINTF(" Actual : \"%.*s\"\n", UTEST_CAST(int, n), y); \ - *utest_result = 1; \ - return; \ - } \ - } \ - while (0) \ - UTEST_SURPRESS_WARNING_END - -#define UTEST(SET, NAME) \ - UTEST_EXTERN struct utest_state_s utest_state; \ - static void utest_run_##SET##_##NAME(int *utest_result); \ - static void utest_##SET##_##NAME(int *utest_result, size_t utest_index) { \ - (void)utest_index; \ - utest_run_##SET##_##NAME(utest_result); \ - } \ - UTEST_INITIALIZER(utest_register_##SET##_##NAME) { \ - const size_t index = 
utest_state.tests_length++; \ - const char* name_part = #SET "." #NAME; \ - const size_t name_size = strlen(name_part) + 1; \ - char* name = UTEST_PTR_CAST(char* , malloc(name_size)); \ - utest_state.tests = UTEST_PTR_CAST( \ - struct utest_test_state_s *, \ - utest_realloc(UTEST_PTR_CAST(void* , utest_state.tests), \ - sizeof(struct utest_test_state_s) * \ - utest_state.tests_length)); \ - utest_state.tests[index].func = &utest_##SET##_##NAME; \ - utest_state.tests[index].name = name; \ - utest_state.tests[index].index = 0; \ - UTEST_SNPRINTF(name, name_size, "%s", name_part); \ - } \ - void utest_run_##SET##_##NAME(int *utest_result) - -#define UTEST_F_SETUP(FIXTURE) \ - static void utest_f_setup_##FIXTURE(int *utest_result, \ - struct FIXTURE *utest_fixture) - -#define UTEST_F_TEARDOWN(FIXTURE) \ - static void utest_f_teardown_##FIXTURE(int *utest_result, \ - struct FIXTURE *utest_fixture) - -#define UTEST_F(FIXTURE, NAME) \ - UTEST_EXTERN struct utest_state_s utest_state; \ - static void utest_f_setup_##FIXTURE(int *, struct FIXTURE *); \ - static void utest_f_teardown_##FIXTURE(int *, struct FIXTURE *); \ - static void utest_run_##FIXTURE##_##NAME(int *, struct FIXTURE *); \ - static void utest_f_##FIXTURE##_##NAME(int *utest_result, \ - size_t utest_index) { \ - struct FIXTURE fixture; \ - (void)utest_index; \ - memset(&fixture, 0, sizeof(fixture)); \ - utest_f_setup_##FIXTURE(utest_result, &fixture); \ - if (0 != *utest_result) { \ - return; \ - } \ - utest_run_##FIXTURE##_##NAME(utest_result, &fixture); \ - utest_f_teardown_##FIXTURE(utest_result, &fixture); \ - } \ - UTEST_INITIALIZER(utest_register_##FIXTURE##_##NAME) { \ - const size_t index = utest_state.tests_length++; \ - const char* name_part = #FIXTURE "." 
#NAME; \ - const size_t name_size = strlen(name_part) + 1; \ - char* name = UTEST_PTR_CAST(char* , malloc(name_size)); \ - utest_state.tests = UTEST_PTR_CAST( \ - struct utest_test_state_s *, \ - utest_realloc(UTEST_PTR_CAST(void* , utest_state.tests), \ - sizeof(struct utest_test_state_s) * \ - utest_state.tests_length)); \ - utest_state.tests[index].func = &utest_f_##FIXTURE##_##NAME; \ - utest_state.tests[index].name = name; \ - UTEST_SNPRINTF(name, name_size, "%s", name_part); \ - } \ - void utest_run_##FIXTURE##_##NAME(int *utest_result, \ - struct FIXTURE *utest_fixture) - -#define UTEST_I_SETUP(FIXTURE) \ - static void utest_i_setup_##FIXTURE( \ - int *utest_result, struct FIXTURE *utest_fixture, size_t utest_index) - -#define UTEST_I_TEARDOWN(FIXTURE) \ - static void utest_i_teardown_##FIXTURE( \ - int *utest_result, struct FIXTURE *utest_fixture, size_t utest_index) - -#define UTEST_I(FIXTURE, NAME, INDEX) \ - UTEST_EXTERN struct utest_state_s utest_state; \ - static void utest_run_##FIXTURE##_##NAME##_##INDEX(int *, struct FIXTURE *); \ - static void utest_i_##FIXTURE##_##NAME##_##INDEX(int *utest_result, \ - size_t index) { \ - struct FIXTURE fixture; \ - memset(&fixture, 0, sizeof(fixture)); \ - utest_i_setup_##FIXTURE(utest_result, &fixture, index); \ - if (0 != *utest_result) { \ - return; \ - } \ - utest_run_##FIXTURE##_##NAME##_##INDEX(utest_result, &fixture); \ - utest_i_teardown_##FIXTURE(utest_result, &fixture, index); \ - } \ - UTEST_INITIALIZER(utest_register_##FIXTURE##_##NAME##_##INDEX) { \ - size_t i; \ - utest_uint64_t iUp; \ - for (i = 0; i < (INDEX); i++) { \ - const size_t index = utest_state.tests_length++; \ - const char* name_part = #FIXTURE "." 
#NAME; \ - const size_t name_size = strlen(name_part) + 32; \ - char* name = UTEST_PTR_CAST(char* , malloc(name_size)); \ - utest_state.tests = UTEST_PTR_CAST( \ - struct utest_test_state_s *, \ - utest_realloc(UTEST_PTR_CAST(void* , utest_state.tests), \ - sizeof(struct utest_test_state_s) * \ - utest_state.tests_length)); \ - utest_state.tests[index].func = &utest_i_##FIXTURE##_##NAME##_##INDEX; \ - utest_state.tests[index].index = i; \ - utest_state.tests[index].name = name; \ - iUp = UTEST_CAST(utest_uint64_t, i); \ - UTEST_SNPRINTF(name, name_size, "%s/%" UTEST_PRIu64, name_part, iUp); \ - } \ - } \ - void utest_run_##FIXTURE##_##NAME##_##INDEX(int *utest_result, \ - struct FIXTURE *utest_fixture) +#define ASSERT_STREQ(x, y) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (0 != strcmp(x, y)) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : \"%s\"\n", x); \ + UTEST_PRINTF(" Actual : \"%s\"\n", y); \ + *utest_result = 1; \ + return; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END + +#define ASSERT_STRNE(x, y) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (0 == strcmp(x, y)) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : \"%s\"\n", x); \ + UTEST_PRINTF(" Actual : \"%s\"\n", y); \ + *utest_result = 1; \ + return; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END + +#define ASSERT_STRNEQ(x, y, n) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (0 != UTEST_STRNCMP(x, y, n)) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" Expected : \"%.*s\"\n", UTEST_CAST(int, n), x); \ + UTEST_PRINTF(" Actual : \"%.*s\"\n", UTEST_CAST(int, n), y); \ + *utest_result = 1; \ + return; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END + +#define ASSERT_STRNNE(x, y, n) \ + UTEST_SURPRESS_WARNING_BEGIN do \ + { \ + if (0 == UTEST_STRNCMP(x, y, n)) \ + { \ + UTEST_PRINTF("%s:%u: Failure\n", __FILE__, __LINE__); \ + UTEST_PRINTF(" 
Expected : \"%.*s\"\n", UTEST_CAST(int, n), x); \ + UTEST_PRINTF(" Actual : \"%.*s\"\n", UTEST_CAST(int, n), y); \ + *utest_result = 1; \ + return; \ + } \ + } \ + while (0) \ + UTEST_SURPRESS_WARNING_END + +#define UTEST(SET, NAME) \ + UTEST_EXTERN struct utest_state_s utest_state; \ + static void utest_run_##SET##_##NAME(int *utest_result); \ + static void utest_##SET##_##NAME(int *utest_result, size_t utest_index) \ + { \ + (void)utest_index; \ + utest_run_##SET##_##NAME(utest_result); \ + } \ + UTEST_INITIALIZER(utest_register_##SET##_##NAME) \ + { \ + const size_t index = utest_state.tests_length++; \ + const char *name_part = #SET "." #NAME; \ + const size_t name_size = strlen(name_part) + 1; \ + char *name = UTEST_PTR_CAST(char *, malloc(name_size)); \ + utest_state.tests = UTEST_PTR_CAST( \ + struct utest_test_state_s *, utest_realloc(UTEST_PTR_CAST(void *, utest_state.tests), \ + sizeof(struct utest_test_state_s) * utest_state.tests_length)); \ + utest_state.tests[index].func = &utest_##SET##_##NAME; \ + utest_state.tests[index].name = name; \ + utest_state.tests[index].index = 0; \ + UTEST_SNPRINTF(name, name_size, "%s", name_part); \ + } \ + void utest_run_##SET##_##NAME(int *utest_result) + +#define UTEST_F_SETUP(FIXTURE) static void utest_f_setup_##FIXTURE(int *utest_result, struct FIXTURE *utest_fixture) + +#define UTEST_F_TEARDOWN(FIXTURE) \ + static void utest_f_teardown_##FIXTURE(int *utest_result, struct FIXTURE *utest_fixture) + +#define UTEST_F(FIXTURE, NAME) \ + UTEST_EXTERN struct utest_state_s utest_state; \ + static void utest_f_setup_##FIXTURE(int *, struct FIXTURE *); \ + static void utest_f_teardown_##FIXTURE(int *, struct FIXTURE *); \ + static void utest_run_##FIXTURE##_##NAME(int *, struct FIXTURE *); \ + static void utest_f_##FIXTURE##_##NAME(int *utest_result, size_t utest_index) \ + { \ + struct FIXTURE fixture; \ + (void)utest_index; \ + memset(&fixture, 0, sizeof(fixture)); \ + utest_f_setup_##FIXTURE(utest_result, &fixture); \ + 
if (0 != *utest_result) \ + { \ + return; \ + } \ + utest_run_##FIXTURE##_##NAME(utest_result, &fixture); \ + utest_f_teardown_##FIXTURE(utest_result, &fixture); \ + } \ + UTEST_INITIALIZER(utest_register_##FIXTURE##_##NAME) \ + { \ + const size_t index = utest_state.tests_length++; \ + const char *name_part = #FIXTURE "." #NAME; \ + const size_t name_size = strlen(name_part) + 1; \ + char *name = UTEST_PTR_CAST(char *, malloc(name_size)); \ + utest_state.tests = UTEST_PTR_CAST( \ + struct utest_test_state_s *, utest_realloc(UTEST_PTR_CAST(void *, utest_state.tests), \ + sizeof(struct utest_test_state_s) * utest_state.tests_length)); \ + utest_state.tests[index].func = &utest_f_##FIXTURE##_##NAME; \ + utest_state.tests[index].name = name; \ + UTEST_SNPRINTF(name, name_size, "%s", name_part); \ + } \ + void utest_run_##FIXTURE##_##NAME(int *utest_result, struct FIXTURE *utest_fixture) + +#define UTEST_I_SETUP(FIXTURE) \ + static void utest_i_setup_##FIXTURE(int *utest_result, struct FIXTURE *utest_fixture, size_t utest_index) + +#define UTEST_I_TEARDOWN(FIXTURE) \ + static void utest_i_teardown_##FIXTURE(int *utest_result, struct FIXTURE *utest_fixture, size_t utest_index) + +#define UTEST_I(FIXTURE, NAME, INDEX) \ + UTEST_EXTERN struct utest_state_s utest_state; \ + static void utest_run_##FIXTURE##_##NAME##_##INDEX(int *, struct FIXTURE *); \ + static void utest_i_##FIXTURE##_##NAME##_##INDEX(int *utest_result, size_t index) \ + { \ + struct FIXTURE fixture; \ + memset(&fixture, 0, sizeof(fixture)); \ + utest_i_setup_##FIXTURE(utest_result, &fixture, index); \ + if (0 != *utest_result) \ + { \ + return; \ + } \ + utest_run_##FIXTURE##_##NAME##_##INDEX(utest_result, &fixture); \ + utest_i_teardown_##FIXTURE(utest_result, &fixture, index); \ + } \ + UTEST_INITIALIZER(utest_register_##FIXTURE##_##NAME##_##INDEX) \ + { \ + size_t i; \ + utest_uint64_t iUp; \ + for (i = 0; i < (INDEX); i++) \ + { \ + const size_t index = utest_state.tests_length++; \ + const char 
*name_part = #FIXTURE "." #NAME; \ + const size_t name_size = strlen(name_part) + 32; \ + char *name = UTEST_PTR_CAST(char *, malloc(name_size)); \ + utest_state.tests = \ + UTEST_PTR_CAST(struct utest_test_state_s *, \ + utest_realloc(UTEST_PTR_CAST(void *, utest_state.tests), \ + sizeof(struct utest_test_state_s) * utest_state.tests_length)); \ + utest_state.tests[index].func = &utest_i_##FIXTURE##_##NAME##_##INDEX; \ + utest_state.tests[index].index = i; \ + utest_state.tests[index].name = name; \ + iUp = UTEST_CAST(utest_uint64_t, i); \ + UTEST_SNPRINTF(name, name_size, "%s/%" UTEST_PRIu64, name_part, iUp); \ + } \ + } \ + void utest_run_##FIXTURE##_##NAME##_##INDEX(int *utest_result, struct FIXTURE *utest_fixture) UTEST_WEAK -int utest_should_filter_test(const char* filter, const char* testcase); -UTEST_WEAK int utest_should_filter_test(const char* filter, - const char* testcase) { - if (filter) { - const char* filter_cur = filter; - const char* testcase_cur = testcase; - const char* filter_wildcard = UTEST_NULL; - - while (('\0' != *filter_cur) && ('\0' != *testcase_cur)) { - if ('*' == *filter_cur) { - /* store the position of the wildcard */ - filter_wildcard = filter_cur; - - /* skip the wildcard character */ - filter_cur++; - - while (('\0' != *filter_cur) && ('\0' != *testcase_cur)) { - if ('*' == *filter_cur) { - /* - we found another wildcard (filter is something like *foo*) so we - exit the current loop, and return to the parent loop to handle - the wildcard case - */ - break; - } else if (*filter_cur != *testcase_cur) { - /* otherwise our filter didn't match, so U_RESET it */ - filter_cur = filter_wildcard; - } - - /* move testcase along */ - testcase_cur++; - - /* move filter along */ - filter_cur++; - } - - if (('\0' == *filter_cur) && ('\0' == *testcase_cur)) { - return 0; +int utest_should_filter_test(const char *filter, const char *testcase); +UTEST_WEAK int utest_should_filter_test(const char *filter, const char *testcase) +{ + if (filter) + { 
+ const char *filter_cur = filter; + const char *testcase_cur = testcase; + const char *filter_wildcard = UTEST_NULL; + + while (('\0' != *filter_cur) && ('\0' != *testcase_cur)) + { + if ('*' == *filter_cur) + { + /* store the position of the wildcard */ + filter_wildcard = filter_cur; + + /* skip the wildcard character */ + filter_cur++; + + while (('\0' != *filter_cur) && ('\0' != *testcase_cur)) + { + if ('*' == *filter_cur) + { + /* + we found another wildcard (filter is something like *foo*) so we + exit the current loop, and return to the parent loop to handle + the wildcard case + */ + break; + } + else if (*filter_cur != *testcase_cur) + { + /* otherwise our filter didn't match, so U_RESET it */ + filter_cur = filter_wildcard; + } + + /* move testcase along */ + testcase_cur++; + + /* move filter along */ + filter_cur++; + } + + if (('\0' == *filter_cur) && ('\0' == *testcase_cur)) + { + return 0; + } + + /* if the testcase has been exhausted, we don't have a match! */ + if ('\0' == *testcase_cur) + { + return 1; + } + } + else + { + if (*testcase_cur != *filter_cur) + { + /* test case doesn't match filter */ + return 1; + } + else + { + /* move our filter and testcase forward */ + testcase_cur++; + filter_cur++; + } + } } - /* if the testcase has been exhausted, we don't have a match! */ - if ('\0' == *testcase_cur) { - return 1; + if (('\0' != *filter_cur) || (('\0' != *testcase_cur) && ((filter == filter_cur) || ('*' != filter_cur[-1])))) + { + /* we have a mismatch! */ + return 1; } - } else { - if (*testcase_cur != *filter_cur) { - /* test case doesn't match filter */ - return 1; - } else { - /* move our filter and testcase forward */ - testcase_cur++; - filter_cur++; - } - } - } - - if (('\0' != *filter_cur) || - (('\0' != *testcase_cur) && - ((filter == filter_cur) || ('*' != filter_cur[-1])))) { - /* we have a mismatch! 
*/ - return 1; } - } - return 0; + return 0; } -static UTEST_INLINE FILE *utest_fopen(const char* filename, const char* mode) { +static UTEST_INLINE FILE *utest_fopen(const char *filename, const char *mode) +{ #ifdef _MSC_VER - FILE *file; - if (0 == fopen_s(&file, filename, mode)) { - return file; - } else { - return UTEST_NULL; - } + FILE *file; + if (0 == fopen_s(&file, filename, mode)) + { + return file; + } + else + { + return UTEST_NULL; + } #else - return fopen(filename, mode); + return fopen(filename, mode); #endif } -static UTEST_INLINE int utest_main(int argc, const char* const argv[]); -int utest_main(int argc, const char* const argv[]) { - utest_uint64_t failed = 0; - size_t index = 0; - size_t* failed_testcases = UTEST_NULL; - size_t failed_testcases_length = 0; - const char* filter = UTEST_NULL; - utest_uint64_t ran_tests = 0; - - enum colours { U_RESET, U_GREEN, U_RED }; +static UTEST_INLINE int utest_main(int argc, const char *const argv[]); +int utest_main(int argc, const char *const argv[]) +{ + utest_uint64_t failed = 0; + size_t index = 0; + size_t *failed_testcases = UTEST_NULL; + size_t failed_testcases_length = 0; + const char *filter = UTEST_NULL; + utest_uint64_t ran_tests = 0; + + enum colours + { + U_RESET, + U_GREEN, + U_RED + }; + + const int use_colours = UTEST_COLOUR_OUTPUT(); + const char *colours[] = {"\033[0m", "\033[32m", "\033[31m"}; + + if (!use_colours) + { + for (index = 0; index < sizeof colours / sizeof colours[0]; index++) + { + colours[index] = ""; + } + } + /* loop through all arguments looking for our options */ + for (index = 1; index < UTEST_CAST(size_t, argc); index++) + { + /* Informational switches */ + const char help_str[] = "--help"; + const char list_str[] = "--list-tests"; + /* Test config switches */ + const char filter_str[] = "--filter="; + const char output_str[] = "--output="; + + if (0 == UTEST_STRNCMP(argv[index], help_str, strlen(help_str))) + { + printf("utest.h - the single file unit testing solution 
for C/C++!\n" + "Command line Options:\n" + " --help Show this message and exit.\n" + " --filter= Filter the test cases to run (EG. MyTest*.a " + "would run MyTestCase.a but not MyTestCase.b).\n" + " --list-tests List testnames, one per line. Output names " + "can be passed to --filter.\n" + " --output= Output an xunit XML file to the file " + "specified in .\n"); + goto cleanup; + } + else if (0 == UTEST_STRNCMP(argv[index], filter_str, strlen(filter_str))) + { + /* user wants to filter what test cases run! */ + filter = argv[index] + strlen(filter_str); + } + else if (0 == UTEST_STRNCMP(argv[index], output_str, strlen(output_str))) + { + utest_state.output = utest_fopen(argv[index] + strlen(output_str), "w+"); + } + else if (0 == UTEST_STRNCMP(argv[index], list_str, strlen(list_str))) + { + for (index = 0; index < utest_state.tests_length; index++) + { + UTEST_PRINTF("%s\n", utest_state.tests[index].name); + } + /* when printing the test list, don't actually run the tests */ + return 0; + } + } - const int use_colours = UTEST_COLOUR_OUTPUT(); - const char* colours[] = {"\033[0m", "\033[32m", "\033[31m"}; + for (index = 0; index < utest_state.tests_length; index++) + { + if (utest_should_filter_test(filter, utest_state.tests[index].name)) + { + continue; + } - if (!use_colours) { - for (index = 0; index < sizeof colours / sizeof colours[0]; index++) { - colours[index] = ""; - } - } - /* loop through all arguments looking for our options */ - for (index = 1; index < UTEST_CAST(size_t, argc); index++) { - /* Informational switches */ - const char help_str[] = "--help"; - const char list_str[] = "--list-tests"; - /* Test config switches */ - const char filter_str[] = "--filter="; - const char output_str[] = "--output="; - - if (0 == UTEST_STRNCMP(argv[index], help_str, strlen(help_str))) { - printf("utest.h - the single file unit testing solution for C/C++!\n" - "Command line Options:\n" - " --help Show this message and exit.\n" - " --filter= Filter the test cases to 
run (EG. MyTest*.a " - "would run MyTestCase.a but not MyTestCase.b).\n" - " --list-tests List testnames, one per line. Output names " - "can be passed to --filter.\n" - " --output= Output an xunit XML file to the file " - "specified in .\n"); - goto cleanup; - } else if (0 == - UTEST_STRNCMP(argv[index], filter_str, strlen(filter_str))) { - /* user wants to filter what test cases run! */ - filter = argv[index] + strlen(filter_str); - } else if (0 == - UTEST_STRNCMP(argv[index], output_str, strlen(output_str))) { - utest_state.output = utest_fopen(argv[index] + strlen(output_str), "w+"); - } else if (0 == UTEST_STRNCMP(argv[index], list_str, strlen(list_str))) { - for (index = 0; index < utest_state.tests_length; index++) { - UTEST_PRINTF("%s\n", utest_state.tests[index].name); - } - /* when printing the test list, don't actually run the tests */ - return 0; + ran_tests++; } - } - - for (index = 0; index < utest_state.tests_length; index++) { - if (utest_should_filter_test(filter, utest_state.tests[index].name)) { - continue; + printf("%s[==========]%s Running %" UTEST_PRIu64 " test cases.\n", colours[U_GREEN], colours[U_RESET], + UTEST_CAST(utest_uint64_t, ran_tests)); + + if (utest_state.output) + { + fprintf(utest_state.output, "\n"); + fprintf(utest_state.output, "\n", + UTEST_CAST(utest_uint64_t, ran_tests)); + fprintf(utest_state.output, "\n", + UTEST_CAST(utest_uint64_t, ran_tests)); } - ran_tests++; - } - printf("%s[==========]%s Running %" UTEST_PRIu64 " test cases.\n", - colours[U_GREEN], colours[U_RESET], UTEST_CAST(utest_uint64_t, ran_tests)); - - if (utest_state.output) { - fprintf(utest_state.output, "\n"); - fprintf(utest_state.output, - "\n", - UTEST_CAST(utest_uint64_t, ran_tests)); - fprintf(utest_state.output, - "\n", - UTEST_CAST(utest_uint64_t, ran_tests)); - } - - for (index = 0; index < utest_state.tests_length; index++) { - int result = 0; - utest_int64_t ns = 0; - - if (utest_should_filter_test(filter, utest_state.tests[index].name)) { - 
continue; - } + for (index = 0; index < utest_state.tests_length; index++) + { + int result = 0; + utest_int64_t ns = 0; + + if (utest_should_filter_test(filter, utest_state.tests[index].name)) + { + continue; + } - printf("%s[ RUN ]%s %s\n", colours[U_GREEN], colours[U_RESET], - utest_state.tests[index].name); + printf("%s[ RUN ]%s %s\n", colours[U_GREEN], colours[U_RESET], utest_state.tests[index].name); - if (utest_state.output) { - fprintf(utest_state.output, "", - utest_state.tests[index].name); - } + if (utest_state.output) + { + fprintf(utest_state.output, "", utest_state.tests[index].name); + } - ns = utest_ns(); - errno = 0; - utest_state.tests[index].func(&result, utest_state.tests[index].index); - ns = utest_ns() - ns; + ns = utest_ns(); + errno = 0; + utest_state.tests[index].func(&result, utest_state.tests[index].index); + ns = utest_ns() - ns; - if (utest_state.output) { - fprintf(utest_state.output, "\n"); - } + if (utest_state.output) + { + fprintf(utest_state.output, "\n"); + } - if (0 != result) { - const size_t failed_testcase_index = failed_testcases_length++; - failed_testcases = UTEST_PTR_CAST( - size_t* , utest_realloc(UTEST_PTR_CAST(void* , failed_testcases), - sizeof(size_t) * failed_testcases_length)); - if (UTEST_NULL != failed_testcases) { - failed_testcases[failed_testcase_index] = index; - } - failed++; - printf("%s[ FAILED ]%s %s (%" UTEST_PRId64 "ns)\n", colours[U_RED], - colours[U_RESET], utest_state.tests[index].name, ns); - } else { - printf("%s[ OK ]%s %s (%" UTEST_PRId64 "ns)\n", colours[U_GREEN], - colours[U_RESET], utest_state.tests[index].name, ns); + if (0 != result) + { + const size_t failed_testcase_index = failed_testcases_length++; + failed_testcases = UTEST_PTR_CAST(size_t *, utest_realloc(UTEST_PTR_CAST(void *, failed_testcases), + sizeof(size_t) * failed_testcases_length)); + if (UTEST_NULL != failed_testcases) + { + failed_testcases[failed_testcase_index] = index; + } + failed++; + printf("%s[ FAILED ]%s %s (%" 
UTEST_PRId64 "ns)\n", colours[U_RED], colours[U_RESET], + utest_state.tests[index].name, ns); + } + else + { + printf("%s[ OK ]%s %s (%" UTEST_PRId64 "ns)\n", colours[U_GREEN], colours[U_RESET], + utest_state.tests[index].name, ns); + } } - } - - printf("%s[==========]%s %" UTEST_PRIu64 " test cases ran.\n", colours[U_GREEN], - colours[U_RESET], ran_tests); - printf("%s[ PASSED ]%s %" UTEST_PRIu64 " tests.\n", colours[U_GREEN], - colours[U_RESET], ran_tests - failed); - - if (0 != failed) { - printf("%s[ FAILED ]%s %" UTEST_PRIu64 " tests, listed below:\n", - colours[U_RED], colours[U_RESET], failed); - for (index = 0; index < failed_testcases_length; index++) { - printf("%s[ FAILED ]%s %s\n", colours[U_RED], colours[U_RESET], - utest_state.tests[failed_testcases[index]].name); + + printf("%s[==========]%s %" UTEST_PRIu64 " test cases ran.\n", colours[U_GREEN], colours[U_RESET], ran_tests); + printf("%s[ PASSED ]%s %" UTEST_PRIu64 " tests.\n", colours[U_GREEN], colours[U_RESET], ran_tests - failed); + + if (0 != failed) + { + printf("%s[ FAILED ]%s %" UTEST_PRIu64 " tests, listed below:\n", colours[U_RED], colours[U_RESET], failed); + for (index = 0; index < failed_testcases_length; index++) + { + printf("%s[ FAILED ]%s %s\n", colours[U_RED], colours[U_RESET], + utest_state.tests[failed_testcases[index]].name); + } } - } - if (utest_state.output) { - fprintf(utest_state.output, "\n\n"); - } + if (utest_state.output) + { + fprintf(utest_state.output, "\n\n"); + } cleanup: - for (index = 0; index < utest_state.tests_length; index++) { - free(UTEST_PTR_CAST(void* , utest_state.tests[index].name)); - } + for (index = 0; index < utest_state.tests_length; index++) + { + free(UTEST_PTR_CAST(void *, utest_state.tests[index].name)); + } - free(UTEST_PTR_CAST(void* , failed_testcases)); - free(UTEST_PTR_CAST(void* , utest_state.tests)); + free(UTEST_PTR_CAST(void *, failed_testcases)); + free(UTEST_PTR_CAST(void *, utest_state.tests)); - if (utest_state.output) { - 
fclose(utest_state.output); - } + if (utest_state.output) + { + fclose(utest_state.output); + } - return UTEST_CAST(int, failed); + return UTEST_CAST(int, failed); } /* @@ -1147,10 +1223,11 @@ int utest_main(int argc, const char* const argv[]) { file, use the UTEST_STATE macro to declare a global struct variable that utest requires. */ -#define UTEST_MAIN() \ - UTEST_STATE(); \ - int main(int argc, const char* const argv[]) { \ - return utest_main(argc, argv); \ - } +#define UTEST_MAIN() \ + UTEST_STATE(); \ + int main(int argc, const char *const argv[]) \ + { \ + return utest_main(argc, argv); \ + } -#endif //SHEREDOM_UTEST_H_INCLUDED +#endif // SHEREDOM_UTEST_H_INCLUDED diff --git a/test/kmc/ut_kmc_crypto.c b/test/kmc/ut_kmc_crypto.c index 1921d7c0..c3c44d84 100644 --- a/test/kmc/ut_kmc_crypto.c +++ b/test/kmc/ut_kmc_crypto.c @@ -17,7 +17,8 @@ */ /** - * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB Functionality Enabled. + * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB + *Functionality Enabled. **/ #include "crypto.h" #include "crypto_error.h" 
@@ -38,27 +39,28 @@ // #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" // #endif - // /** // * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB // **/ // UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 55, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 55, TC_HAS_FECF, +// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // char* raw_tc_jpl_mmt_scid44_vcid1= "2003dc070001bd37"; // char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; // int 
raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, +// &raw_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; // uint16_t enc_frame_len = 0; @@ -72,8 +74,8 @@ // } // printf("\n"); -// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, +// raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // printf("Frame after encryption:\n"); // for (int i=0; itc_pdu_len; i++) @@ -517,5 +537,4 @@ // // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // } - UTEST_MAIN(); diff --git a/test/kmc/ut_kmc_crypto_cam.c b/test/kmc/ut_kmc_crypto_cam.c index 32693ce1..97fa264b 100644 --- a/test/kmc/ut_kmc_crypto_cam.c +++ b/test/kmc/ut_kmc_crypto_cam.c @@ -17,7 +17,8 @@ */ /** - * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB Functionality Enabled. + * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB + *Functionality Enabled. **/ #include "crypto.h" #include "crypto_error.h" 
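Review bot: The comment reflow in the `@@ -38,27 +39,28 @@` hunk of test/kmc/ut_kmc_crypto.c joins separate commented-out statements on one line, for example `// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https",`. As a result the MariaDB and KMC Crypto Service TLS arguments (CA bundle, client certificate and key, the `CRYPTO_TRUE` flags) can no longer be audited one call at a time. The same merging recurs in the `@@ -72,8 +74,8 @@` hunk (`&enc_frame_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);`) and throughout test/kmc/ut_kmc_crypto_cam.c. This looks like a formatter re-wrapping comments; bracketing the disabled tests with `// clang-format off` and `// clang-format on`, or disabling them with `#if 0` / `#endif` instead of `//`, would keep one statement per line. The UTEST body starts in this hunk and continues past it.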
@@ -33,33 +34,40 @@ // UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS_KEYTAB_FILE) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", // "sa_password"); // Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", -// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, -// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", +// NULL, CRYPTO_FALSE, // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", -// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// "PEM", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", // NULL, NULL); -// // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,"https://asec-dev-vm10.jpl.nasa.gov:443", NULL, NULL); -// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file","/home/isaleh/secret/testuser3300.kt",CAM_LOGIN_KEYTAB_FILE,"https://asec-dev-vm10.jpl.nasa.gov:443", "testuser3300", NULL); -// // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_KERBEROS,"https://asec-dev-vm10.jpl.nasa.gov:443", NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, 
TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// // +// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,"https://asec-dev-vm10.jpl.nasa.gov:443", +// NULL, NULL); +// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file","/home/isaleh/secret/testuser3300.kt",CAM_LOGIN_KEYTAB_FILE,"https://asec-dev-vm10.jpl.nasa.gov:443", +// "testuser3300", NULL); +// // +// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_KERBEROS,"https://asec-dev-vm10.jpl.nasa.gov:443", +// NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, +// AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, +// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, +// TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // char* raw_tc_jpl_mmt_scid44_vcid1= "202c0408000001bd37"; // char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; // int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, +// &raw_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; // uint16_t enc_frame_len = 0; 
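Review bot: In the `@@ -33,33 +34,40 @@` hunk each doubly commented alternative, such as `// // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,...`, is split into a bare `// //` line followed by `// Crypto_Config_Cam(...)`. That puts the disabled alternatives at the same comment depth as the `CAM_LOGIN_KEYTAB_FILE` call the test is named for. Anyone re-enabling HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS_KEYTAB_FILE by stripping one `//` level would get three `Crypto_Config_Cam` calls with three different login methods, and the hunk does not show which one would take effect. The `@@ -93,33 +100,39 @@` hunk (the KERBEROS test) has the same split. Keeping each disabled alternative on a single line behind a marker such as `// alternative (disabled):`, inside a `// clang-format off` region, would preserve the distinction.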
@@ -71,8 +79,8 @@ // } // printf("\n"); -// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); -// if(status != CRYPTO_LIB_SUCCESS) +// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, +// raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); if(status != CRYPTO_LIB_SUCCESS) // { // Crypto_Shutdown(); // } @@ -84,7 +92,6 @@ // } // printf("\n"); - // Crypto_Shutdown(); // free(raw_tc_jpl_mmt_scid44_vcid1_expect); // free(ptr_enc_frame); 
@@ -93,33 +100,39 @@ // UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", // "sa_password"); // Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", -// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, -// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", +// NULL, CRYPTO_FALSE, // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", -// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// "PEM", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", // NULL, NULL); -// // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,"https://asec-dev-vm10.jpl.nasa.gov:443", NULL, NULL); -// // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file","/home/isaleh/secret/testuser3300.kt",CAM_LOGIN_KEYTAB_FILE,"https://asec-dev-vm10.jpl.nasa.gov:443", "testuser3300", NULL); -// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_KERBEROS,"https://asec-dev-vm10.jpl.nasa.gov:443", NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, 
TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// // +// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,"https://asec-dev-vm10.jpl.nasa.gov:443", +// NULL, NULL); +// // +// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file","/home/isaleh/secret/testuser3300.kt",CAM_LOGIN_KEYTAB_FILE,"https://asec-dev-vm10.jpl.nasa.gov:443", +// "testuser3300", NULL); +// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_KERBEROS,"https://asec-dev-vm10.jpl.nasa.gov:443", +// NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, +// AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, +// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, +// TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, +// 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // char* raw_tc_jpl_mmt_scid44_vcid1= "202c0408000001bd37"; // char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; // int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, +// &raw_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; // uint16_t enc_frame_len = 0; 
@@ -131,8 +144,8 @@ // } // printf("\n"); -// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); -// if(status != CRYPTO_LIB_SUCCESS) +// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, +// raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); if(status != CRYPTO_LIB_SUCCESS) // { // Crypto_Shutdown(); // } @@ -144,7 +157,6 @@ // } // printf("\n"); - // Crypto_Shutdown(); // free(raw_tc_jpl_mmt_scid44_vcid1_expect); // free(ptr_enc_frame); 
@@ -156,30 +168,32 @@ // UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", // "sa_password"); // Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", -// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, -// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", +// NULL, CRYPTO_FALSE, // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", -// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// "PEM", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", // NULL, NULL); // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 
0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, +// AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, +// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, +// TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // char* raw_tc_jpl_mmt_scid44_vcid1= "202c0408000001bd37"; // char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; // int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, +// &raw_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; // uint16_t enc_frame_len = 0; @@ -193,8 +207,8 @@ // } // printf("\n"); -// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); -// if(status != CRYPTO_LIB_SUCCESS) +// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, +// raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); if(status != CRYPTO_LIB_SUCCESS) // { // Crypto_Shutdown(); // } @@ -206,7 +220,6 @@ // } // printf("\n"); - // Crypto_Shutdown(); // free(raw_tc_jpl_mmt_scid44_vcid1_expect); // free(ptr_enc_frame); 
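Review bot: The reformatted configuration in the `@@ -156,30 +168,32 @@` hunk still carries one developer's absolute paths (`/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem`, `/home/isaleh/.cam_cookie_file`), an internal host name and the literal MariaDB credentials `"sa_user"`, `"sa_password"`. The other tests in this file repeat them, and the keytab test names `/home/isaleh/secret/testuser3300.kt`. test/kmc/ut_kmc_crypto.c already hints at an alternative with its commented `CLIENT_CERTIFICATE_KEY` define; taking certificate, key, cookie-file and credential locations from macros or environment variables would keep workstation layout and account names out of the repository. The call also passes `CRYPTO_FALSE, 0` to `Crypto_Config_MariaDB`, which presumably turns off secure transport and server verification for the localhost database. A short comment such as `// test-only: TLS to the local SADB is disabled` would stop the call being copied into a deployment configuration.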
@@ -218,30 +231,32 @@ // UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", // "sa_password"); // Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", -// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, -// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", +// NULL, CRYPTO_FALSE, // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", -// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// "PEM", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", // NULL, NULL); // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 
0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, +// AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, +// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, +// TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // char* raw_tc_jpl_mmt_scid44_vcid1= "202c0C08000001bf1a"; // char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; // int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, +// &raw_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; // uint16_t enc_frame_len = 0; @@ -255,8 +270,8 @@ // } // printf("\n"); -// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); -// if(status != CRYPTO_LIB_SUCCESS) +// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, +// raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); if(status != CRYPTO_LIB_SUCCESS) // { // Crypto_Shutdown(); // } @@ -268,7 +283,6 @@ // } // printf("\n"); - // Crypto_Shutdown(); // free(raw_tc_jpl_mmt_scid44_vcid1_expect); // free(ptr_enc_frame); 
@@ -281,38 +295,39 @@ // UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", // "sa_password"); // Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", -// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, -// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", +// NULL, CRYPTO_FALSE, // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", -// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// "PEM", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", // NULL, NULL); // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 
0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, +// AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, +// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, +// TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); -// char* enc_tc_jpl_mmt_scid44_vcid1= "202C0426000002000000000000000000000001669C5639DCCFEA8C6CE33230EE2E7065496367CC"; -// char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; -// int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; +// char* enc_tc_jpl_mmt_scid44_vcid1= +// "202C0426000002000000000000000000000001669C5639DCCFEA8C6CE33230EE2E7065496367CC"; char* +// enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; // // Data=0001 // // IV=000000000000000000000001 // // AAD=00000000000000000000000000000000000000 - // TC_t* tc_processed_frame; // tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); -// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, +// &enc_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; @@ -325,8 +340,8 @@ // } // printf("\n"); -// status = Crypto_TC_ProcessSecurity((uint8_t* )enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); -// if(status != CRYPTO_LIB_SUCCESS) +// status = Crypto_TC_ProcessSecurity((uint8_t* )enc_tc_jpl_mmt_scid44_vcid1_expect, +// &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); if(status != CRYPTO_LIB_SUCCESS) // { // Crypto_Shutdown(); // } 
@@ -353,38 +368,39 @@ // UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", // "sa_password"); // Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", -// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, -// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", +// NULL, CRYPTO_FALSE, // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", -// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// "PEM", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", // NULL, NULL); // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 
0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, +// AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, +// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, +// TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); -// char* enc_tc_jpl_mmt_scid44_vcid1= "202C0C2600000400000000000000000000000100016E2051F96CAB186BCE364A65AF599AE52F38"; -// char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; -// int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; +// char* enc_tc_jpl_mmt_scid44_vcid1= +// "202C0C2600000400000000000000000000000100016E2051F96CAB186BCE364A65AF599AE52F38"; char* +// enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; // // Data=0001 // // IV=000000000000000000000001 // // AAD=00000000000000000000000000000000000000 - // TC_t* tc_processed_frame; // tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); -// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, +// &enc_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; @@ -397,7 +413,8 @@ // } // printf("\n"); -// status = Crypto_TC_ProcessSecurity((uint8_t* )enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); +// status = Crypto_TC_ProcessSecurity((uint8_t* )enc_tc_jpl_mmt_scid44_vcid1_expect, +// &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); // if(status != CRYPTO_LIB_SUCCESS) // { 
@@ -425,27 +442,29 @@ // UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", // "sa_password"); // Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", -// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, -// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", +// NULL, CRYPTO_FALSE, // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", -// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// "PEM", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", // NULL, NULL); // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // char* raw_tc_jpl_mmt_scid44_vcid1= "202c2c08000001bd37"; // char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; // int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, 
&raw_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, +// &raw_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; // uint16_t enc_frame_len = 0; @@ -459,8 +478,8 @@ // } // printf("\n"); -// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); -// if(status != CRYPTO_LIB_SUCCESS) +// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, +// raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); if(status != CRYPTO_LIB_SUCCESS) // { // Crypto_Shutdown(); // } @@ -472,7 +491,6 @@ // } // printf("\n"); - // Crypto_Shutdown(); // free(raw_tc_jpl_mmt_scid44_vcid1_expect); // free(ptr_enc_frame); 
@@ -482,21 +500,22 @@ // UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", // "sa_password"); // Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", -// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, -// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", +// NULL, CRYPTO_FALSE, // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", -// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// "PEM", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", // NULL, NULL); // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // char* enc_tc_jpl_mmt_scid44_vcid1= "202C2C1E000009000000000000000000000001669C5639DCCFEA8C6CE3AA71"; // char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; 
@@ -506,11 +525,11 @@ // // IV=000000000000000000000001 // // AAD=00000000000000000000000000000000000000 - // TC_t* tc_processed_frame; // tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); -// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, +// &enc_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; @@ -523,8 +542,8 @@ // } // printf("\n"); -// status = Crypto_TC_ProcessSecurity((uint8_t* )enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); -// if(status != CRYPTO_LIB_SUCCESS) +// status = Crypto_TC_ProcessSecurity((uint8_t* )enc_tc_jpl_mmt_scid44_vcid1_expect, +// &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); if(status != CRYPTO_LIB_SUCCESS) // { // Crypto_Shutdown(); // } 
@@ -548,21 +567,22 @@ // UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", // "sa_password"); // Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", -// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, -// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", +// NULL, CRYPTO_FALSE, // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", -// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// "PEM", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", // NULL, NULL); // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // char* enc_tc_jpl_mmt_scid44_vcid1= "202C2C1E000009000000000000000000000001669C5639DCCDEA8C6CE3EEF2"; // char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; 
@@ -572,11 +592,11 @@ // // IV=000000000000000000000001 // // AAD=00000000000000000000000000000000000000 - // TC_t* tc_processed_frame; // tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); -// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, +// &enc_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; @@ -589,8 +609,8 @@ // } // printf("\n"); -// status = Crypto_TC_ProcessSecurity((uint8_t* )enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); -// if(status != CRYPTO_LIB_SUCCESS) +// status = Crypto_TC_ProcessSecurity((uint8_t* )enc_tc_jpl_mmt_scid44_vcid1_expect, +// &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); if(status != CRYPTO_LIB_SUCCESS) // { // Crypto_Shutdown(); // } 
@@ -601,32 +621,33 @@ // free(ptr_enc_frame); // } - // //16 bytes is max for AES GCM so this is an error test // UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", // "sa_password"); // Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", -// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, -// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", +// NULL, CRYPTO_FALSE, // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", -// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// "PEM", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", // NULL, NULL); // Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 12, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 12, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // char* raw_tc_jpl_mmt_scid44_vcid1= "202c3008000001bd37"; // char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; // int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 
0; -// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, +// &raw_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; // uint16_t enc_frame_len = 0; @@ -640,8 +661,8 @@ // } // printf("\n"); -// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); -// if(status != CRYPTO_LIB_SUCCESS) +// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, +// raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); if(status != CRYPTO_LIB_SUCCESS) // { // Crypto_Shutdown(); // } @@ -653,5 +674,4 @@ // free(ptr_enc_frame); // } - UTEST_MAIN(); diff --git a/test/kmc/ut_kmc_crypto_with_mtls_sadb.c b/test/kmc/ut_kmc_crypto_with_mtls_sadb.c index 0d690d44..0bf729f8 100644 --- a/test/kmc/ut_kmc_crypto_with_mtls_sadb.c +++ b/test/kmc/ut_kmc_crypto_with_mtls_sadb.c @@ -17,7 +17,8 @@ */ /** - * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB Functionality Enabled. + * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB + *Functionality Enabled. **/ #include "crypto.h" #include "crypto_error.h" 
@@ -44,24 +45,27 @@ // UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 
1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, +// AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, +// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, +// TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // char* raw_tc_jpl_mmt_scid44_vcid1= "20030408000001bd37"; // char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; // int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, +// &raw_tc_jpl_mmt_scid44_vcid1_expect_len); // uint8_t* ptr_enc_frame = NULL; // uint16_t enc_frame_len = 0; @@ -75,8 +79,8 @@ // } // printf("\n"); -// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// status = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, +// raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // printf("Frame after encryption:\n"); // for (int i=0; iek_ref[0] != '\0') // clean_ek_ref(test_association); // if (test_association->ak_ref[0] != '\0') // clean_ak_ref(test_association); - + // free(test_association); // } 
@@ -52,10 +51,10 @@ // { // printf("Resetting Database\n"); // system("mysql --host=localhost -uroot -pitc123! < ../../src/sa/sa_mariadb_sql/empty_sadb.sql"); -// system("mysql --host=localhost -uroot -pitc123! < ../../src/sa/test_sa_mariadb_sql/create_sa_ivv_unit_tests.sql"); +// system("mysql --host=localhost -uroot -pitc123! < +// ../../src/sa/test_sa_mariadb_sql/create_sa_ivv_unit_tests.sql"); // } - // // Global SQL Connection Parameters // // Generic passwords saved in a file = bad ... but this is just for testing @@ -68,7 +67,7 @@ // char* ssl_key = "NONE"; // char* ssl_ca = "NONE"; // char* ssl_capath = "NONE"; -// uint8_t verify_server = 0; +// uint8_t verify_server = 0; // char* client_key_password = NULL; // /** @@ -78,12 +77,12 @@ // { // int32_t status = CRYPTO_LIB_ERROR; // reload_db(); - + // status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, // ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -105,8 +104,8 @@ // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // status = sa_if->sa_get_from_spi(1, &test_sa); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// ASSERT_EQ(test_sa->iv[11] , 0xAB); -// Crypto_Shutdown(); +// ASSERT_EQ(test_sa->iv[11] , 0xAB); +// Crypto_Shutdown(); // cleanup_sa(test_sa); // } 
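Review bot: The commented-out `reload_db()` in the `@@ -52,10 +51,10 @@` hunk passes the database root password on the `mysql` command line (`-uroot -p…`), and the reformatted line keeps that pattern. Even for a test fixture, a password in argv is visible in process listings and stays in repository history; reading it from a client option file, e.g. `mysql --defaults-extra-file=<path> --host=localhost < …`, keeps it out of both. The nearby comment already says the stored passwords are test-only, so this matters mainly if the same credentials exist on any shared database host, which the patch does not show.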
@@ -117,12 +116,12 @@ // { // int32_t status = CRYPTO_LIB_ERROR; // reload_db(); - + // status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, // ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -153,12 +152,12 @@ // cleanup_sa(test_association); // status = sa_if->sa_get_from_spi(2, &test_association); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// ASSERT_EQ(test_association->iv[test_association->iv_len - 1], 2); // Verify that IV incremented. +// ASSERT_EQ(test_association->iv[test_association->iv_len - 1], 2); // Verify that IV incremented. // free(raw_tc_sdls_ping_b); // free(ptr_enc_frame); // cleanup_sa(test_association); -// Crypto_Shutdown(); +// Crypto_Shutdown(); // } // /** 
@@ -168,13 +167,12 @@ // { // int32_t status = CRYPTO_LIB_ERROR; // reload_db(); - + // status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, // ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - -// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -200,15 +198,15 @@ // return_val = // Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - + // ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - + // cleanup_sa(test_association); // status = sa_if->sa_get_from_spi(3, &test_association); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// ASSERT_EQ(test_association->iv[test_association->iv_len - 1], 2); // Verify that IV incremented. +// ASSERT_EQ(test_association->iv[test_association->iv_len - 1], 2); // Verify that IV incremented. -// Crypto_Shutdown(); +// Crypto_Shutdown(); // cleanup_sa(test_association); // free(raw_tc_sdls_ping_b); // free(ptr_enc_frame); 
@@ -216,26 +214,23 @@ // /** // * @brief Validation Test: Authorized Decryption -// * Makes use of truth data created from the previous AUTH_ENCRYPTION_TEST, to validate that Crypto_TC_ProcessSecurity( -// *uint8_t* ingest, int* len_ingest,TC_t* tc_sdls_processed_frame) properly decrypts data and returns it to the intial -// *truth data created by the python_auth_encryption(uint8_t* data, uint8_t* key, uint8_t* iv, uint8_t* header, uint8_t* -// *bitmask, uint8_t** expected, long* expected_length) function. +// * Makes use of truth data created from the previous AUTH_ENCRYPTION_TEST, to validate that +// Crypto_TC_ProcessSecurity( *uint8_t* ingest, int* len_ingest,TC_t* tc_sdls_processed_frame) properly decrypts data +// and returns it to the intial *truth data created by the python_auth_encryption(uint8_t* data, uint8_t* key, uint8_t* +// iv, uint8_t* header, uint8_t* *bitmask, uint8_t** expected, long* expected_length) function. // **/ // UTEST(MARIA_DB, AUTH_DECRYPTION_TEST) // { -// char* dec_test_h = "20030433000000030000000000000000000000014ED87188D42B3F36130F355E83F3DE9C5E8F716321145159B41144E5514EBBEA"; -// char* enc_test_h = "80d2c70008197f0b00310000b1fe"; -// uint8_t* dec_test_b, *enc_test_b = NULL; -// int dec_test_len, enc_test_len = 0; -// int32_t status = CRYPTO_LIB_ERROR; -// reload_db(); - +// char* dec_test_h = +// "20030433000000030000000000000000000000014ED87188D42B3F36130F355E83F3DE9C5E8F716321145159B41144E5514EBBEA"; char* +// enc_test_h = "80d2c70008197f0b00310000b1fe"; uint8_t* dec_test_b, *enc_test_b = NULL; int dec_test_len, +// enc_test_len = 0; int32_t status = CRYPTO_LIB_ERROR; reload_db(); + // status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, // ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - -// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, 
CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -248,12 +243,11 @@ // hex_conversion(dec_test_h, (char**) &dec_test_b, &dec_test_len); // hex_conversion(enc_test_h, (char**) &enc_test_b, &enc_test_len); - // TC_t* tc_sdls_processed_frame; // tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - + // SecurityAssociation_t* test_association; // sa_if->sa_get_from_spi(3, &test_association); // test_association->iv[test_association->iv_len - 1] = 0; @@ -282,13 +276,12 @@ // { // int32_t status = CRYPTO_LIB_ERROR; // reload_db(); - + // status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, // ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - -// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); 
@@ -325,7 +318,7 @@ // return_val = // Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); // free(ptr_enc_frame); -// ptr_enc_frame = NULL; +// ptr_enc_frame = NULL; // return_val = // Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); // free(ptr_enc_frame); @@ -340,13 +333,12 @@ // ptr_enc_frame = NULL; // return_val = // Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - + // cleanup_sa(test_association); -// sa_if->sa_get_from_spi(4, &test_association); +// sa_if->sa_get_from_spi(4, &test_association); // for (int i = 0; i < test_association->iv_len; i++) // { -// printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); +// printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); // ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); // } @@ -356,7 +348,7 @@ // free(new_iv_b); // free(raw_tc_sdls_ping_b); // free(ptr_enc_frame); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // } // /** 
@@ -366,13 +358,12 @@ // { // int32_t status = CRYPTO_LIB_ERROR; // reload_db(); - + // status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, // ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - -// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -408,9 +399,9 @@ // sa_if->sa_get_from_spi(4, &test_association); // memcpy(test_association->iv, new_iv_b, new_iv_len); // return_val = -// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); // free(ptr_enc_frame); -// ptr_enc_frame = NULL; +// ptr_enc_frame = NULL; // return_val = // Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); // free(ptr_enc_frame); 
@@ -424,13 +415,13 @@ // free(ptr_enc_frame); // ptr_enc_frame = NULL; // return_val = -// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); // cleanup_sa(test_association); -// sa_if->sa_get_from_spi(4, &test_association); +// sa_if->sa_get_from_spi(4, &test_association); // for (int i = 0; i < test_association->iv_len; i++) // { -// printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); +// printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); // ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); // } @@ -440,10 +431,9 @@ // free(new_iv_b); // free(raw_tc_sdls_ping_b); // free(ptr_enc_frame); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // } - // /** // * @brief Unit Test: Nominal Authorized Encryption With Partial ARSN Rollover, increment static ARSN // **/ @@ -451,13 +441,12 @@ // { // int32_t status = CRYPTO_LIB_ERROR; // reload_db(); - + // status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, // ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - -// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); 
@@ -494,37 +483,42 @@ // sa_if->sa_get_from_spi(5, &test_association); // return_val = -// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, +// &enc_frame_len); // ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); // free(ptr_enc_frame); // ptr_enc_frame = NULL; // cleanup_sa(test_association); // sa_if->sa_get_from_spi(5, &test_association); // return_val = -// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, +// &enc_frame_len); // ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); // free(ptr_enc_frame); // ptr_enc_frame = NULL; // cleanup_sa(test_association); // sa_if->sa_get_from_spi(5, &test_association); // return_val = -// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, +// &enc_frame_len); // ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); // free(ptr_enc_frame); // ptr_enc_frame = NULL; // cleanup_sa(test_association); // sa_if->sa_get_from_spi(5, &test_association); // return_val = -// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, +// &enc_frame_len); // ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); // free(ptr_enc_frame); // ptr_enc_frame = NULL; // cleanup_sa(test_association); // sa_if->sa_get_from_spi(5, &test_association); // return_val = -// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, +// 
&enc_frame_len); // ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); - + // cleanup_sa(test_association); // printf("Expected ARSN:\n"); @@ -540,7 +534,7 @@ // } // //Must shutdown after checking test_association ARSN since that will get freed! - + // cleanup_sa(test_association); // free(expected_arsn_b); // free(new_arsn_b); @@ -558,13 +552,12 @@ // { // int32_t status = CRYPTO_LIB_ERROR; // reload_db(); - + // status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, // ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - -// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -582,7 +575,8 @@ // uint8_t* ptr_enc_frame = NULL; // uint16_t enc_frame_len = 0; -// int32_t return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_bad_scid_b, raw_tc_sdls_ping_bad_scid_len, +// int32_t return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_bad_scid_b, +// raw_tc_sdls_ping_bad_scid_len, // &ptr_enc_frame, &enc_frame_len); // free(raw_tc_sdls_ping_bad_scid_b); // free(ptr_enc_frame); diff --git a/test/kmc/ut_tc_kmc.c b/test/kmc/ut_tc_kmc.c index 466e9a64..7b2a2485 100644 --- a/test/kmc/ut_tc_kmc.c +++ b/test/kmc/ut_tc_kmc.c 
@@ -30,29 +30,37 @@
 #include
 #include
-#define KMC_HOSTNAME "itc.kmc.nasa.gov"
-#define CA_PATH "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt"
-#define CLIENT_CERTIFICATE "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem"
+#define KMC_HOSTNAME "itc.kmc.nasa.gov"
+#define CA_PATH "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt"
+#define CLIENT_CERTIFICATE "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem"
 #define CLIENT_CERTIFICATE_KEY "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem"
 /**
 * @brief Error Function for MDB_DB_RESET
- *
- * @param con
+ *
+ * @param con
 */
 void finish_with_error(MYSQL *con)
 {
- fprintf(stderr, "%s\n", mysql_error(con));
- mysql_close(con);
- exit(1);
+ fprintf(stderr, "%s\n", mysql_error(con));
+ mysql_close(con);
+ exit(1);
 }
 void reload_db(void)
 {
 printf("Resetting Database\n");
- system("mysql --host=itc.kmc.nasa.gov -u cryptosvc --ssl-ca=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt --ssl-verify-server-cert --ssl-cert=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem --ssl-key=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem < src/sa/sadb_mariadb_sql/empty_sadb.sql");
+ system("mysql --host=itc.kmc.nasa.gov -u cryptosvc "
+ "--ssl-ca=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt --ssl-verify-server-cert "
+ "--ssl-cert=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem "
+ "--ssl-key=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem < "
+ "src/sa/sadb_mariadb_sql/empty_sadb.sql");
 printf("first call done\n");
- system("mysql --host=itc.kmc.nasa.gov -u cryptosvc --ssl-ca=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt --ssl-verify-server-cert --ssl-cert=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem --ssl-key=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem < src/sa/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql");
+ system("mysql --host=itc.kmc.nasa.gov -u cryptosvc "
+ "--ssl-ca=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt --ssl-verify-server-cert "
+ "--ssl-cert=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem "
+ "--ssl-key=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem < "
+ "src/sa/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql");
 }
 /**
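Review bot: `reload_db()` still ignores the result of both `system()` calls, so a failed TLS handshake or a missing SQL file leaves the SA database in whatever state the previous test left it, and the following tests run anyway. Check each call, e.g. `if (system("mysql ...") != 0) { fprintf(stderr, "SADB reset failed\n"); exit(1); }`. Now that the command is written as adjacent string literals, the host and certificate paths could also come from the macros defined at the top of this hunk (`"mysql --host=" KMC_HOSTNAME " -u cryptosvc --ssl-ca=" CA_PATH " ..."`) instead of being repeated, so the shell command and the library configuration cannot drift apart.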
@@ -63,53 +71,75 @@ void reload_db(void) void MDB_DB_RESET() { MYSQL *con = mysql_init(NULL); - if(sa_mariadb_config->mysql_mtls_key != NULL) - { - mysql_optionsv(con, MYSQL_OPT_SSL_KEY, sa_mariadb_config->mysql_mtls_key); - } - if(sa_mariadb_config->mysql_mtls_cert != NULL) - { - mysql_optionsv(con, MYSQL_OPT_SSL_CERT, sa_mariadb_config->mysql_mtls_cert); - } - if(sa_mariadb_config->mysql_mtls_ca != NULL) - { - mysql_optionsv(con, MYSQL_OPT_SSL_CA, sa_mariadb_config->mysql_mtls_ca); - } - if(sa_mariadb_config->mysql_mtls_capath != NULL) - { - mysql_optionsv(con, MYSQL_OPT_SSL_CAPATH, sa_mariadb_config->mysql_mtls_capath); - } - if (sa_mariadb_config->mysql_tls_verify_server != CRYPTO_FALSE) - { - mysql_optionsv(con, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &(sa_mariadb_config->mysql_tls_verify_server)); - } - if (sa_mariadb_config->mysql_mtls_client_key_password != NULL) - { - mysql_optionsv(con, MARIADB_OPT_TLS_PASSPHRASE, sa_mariadb_config->mysql_mtls_client_key_password); - } - if (sa_mariadb_config->mysql_require_secure_transport == CRYPTO_TRUE) - { - mysql_optionsv(con, MYSQL_OPT_SSL_ENFORCE,&(sa_mariadb_config->mysql_require_secure_transport)); - } - //if encrypted connection (TLS) connection. 
No need for SSL Key - if (mysql_real_connect(con, sa_mariadb_config->mysql_hostname, - sa_mariadb_config->mysql_username, - sa_mariadb_config->mysql_password, - sa_mariadb_config->mysql_database, - sa_mariadb_config->mysql_port, NULL, 0) == NULL) - { - //0,NULL,0 are port number, unix socket, client flag - finish_with_error(con); - } + if (sa_mariadb_config->mysql_mtls_key != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_KEY, sa_mariadb_config->mysql_mtls_key); + } + if (sa_mariadb_config->mysql_mtls_cert != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CERT, sa_mariadb_config->mysql_mtls_cert); + } + if (sa_mariadb_config->mysql_mtls_ca != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CA, sa_mariadb_config->mysql_mtls_ca); + } + if (sa_mariadb_config->mysql_mtls_capath != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CAPATH, sa_mariadb_config->mysql_mtls_capath); + } + if (sa_mariadb_config->mysql_tls_verify_server != CRYPTO_FALSE) + { + mysql_optionsv(con, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &(sa_mariadb_config->mysql_tls_verify_server)); + } + if (sa_mariadb_config->mysql_mtls_client_key_password != NULL) + { + mysql_optionsv(con, MARIADB_OPT_TLS_PASSPHRASE, sa_mariadb_config->mysql_mtls_client_key_password); + } + if (sa_mariadb_config->mysql_require_secure_transport == CRYPTO_TRUE) + { + mysql_optionsv(con, MYSQL_OPT_SSL_ENFORCE, &(sa_mariadb_config->mysql_require_secure_transport)); + } + // if encrypted connection (TLS) connection. 
No need for SSL Key + if (mysql_real_connect(con, sa_mariadb_config->mysql_hostname, sa_mariadb_config->mysql_username, + sa_mariadb_config->mysql_password, sa_mariadb_config->mysql_database, + sa_mariadb_config->mysql_port, NULL, 0) == NULL) + { + // 0,NULL,0 are port number, unix socket, client flag + finish_with_error(con); + } printf("Truncating Tables\n"); - char* query = "TRUNCATE TABLE security_associations\n"; + char *query = "TRUNCATE TABLE security_associations\n"; if (mysql_real_query(con, query, strlen(query))) { // query should be NUL terminated! printf("Failed to Truncate Table\n"); finish_with_error(con); } - query = "INSERT INTO security_associations (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid,ecs_len, shplf_len) VALUES (11,'kmc/test/key130',3,X'02',1,0,16,16,0,X'00000000000000000000000000000001',1024,X'00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,0,0,1,1)"; + query = + "INSERT INTO security_associations " + "(spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid," + "ecs_len, shplf_len) VALUES " + "(11,'kmc/test/" + "key130',3,X'02',1,0,16,16,0,X'00000000000000000000000000000001',1024,X'" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + 
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,0,0,1,1)"; if (mysql_real_query(con, query, strlen(query))) { // query should be NUL terminated! printf("Failed to re-create security_association table for SPI 11\n"); @@ -117,7 +147,6 @@ void MDB_DB_RESET() } } - /** * @brief Unit Test: Nominal Encryption CBC KMC **/ 
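Review bot: `MDB_DB_RESET` passes the result of `mysql_init(NULL)` straight to `mysql_optionsv` without a NULL check, and none of the `mysql_optionsv` return values are examined. For the TLS settings that matters: if `MYSQL_OPT_SSL_VERIFY_SERVER_CERT` or `MYSQL_OPT_SSL_ENFORCE` fails to apply, the connect that follows may proceed with weaker transport checks than the configuration asks for. Add `if (con == NULL) { fprintf(stderr, "mysql_init failed\n"); exit(1); }` after the init and treat a non-zero `mysql_optionsv` result as fatal. The comment `// 0,NULL,0 are port number, unix socket, client flag` no longer matches the call, which passes `sa_mariadb_config->mysql_port`; `// trailing NULL, 0 are unix socket and client flags` would be accurate. The function's closing lines fall in the next hunk.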
@@ -125,35 +154,42 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) { reload_db(); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB(KMC_HOSTNAME,"sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", "changeit"); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - GvcidManagedParameters_t TC_UT_Managed_Parameters0 = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; + Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, + CLIENT_CERTIFICATE_KEY, NULL, "root", "changeit"); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + GvcidManagedParameters_t TC_UT_Managed_Parameters0 = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters0); - GvcidManagedParameters_t TC_UT_Managed_Parameters1 = {0, 0x0003, 1, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; + GvcidManagedParameters_t TC_UT_Managed_Parameters1 = { + 0, 0x0003, 1, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; 
Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters1); - GvcidManagedParameters_t TC_UT_Managed_Parameters2 = {0, 0x0003, 2, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; + GvcidManagedParameters_t TC_UT_Managed_Parameters2 = { + 0, 0x0003, 2, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters2); - GvcidManagedParameters_t TC_UT_Managed_Parameters3 = {0, 0x0003, 3, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; + GvcidManagedParameters_t TC_UT_Managed_Parameters3 = { + 0, 0x0003, 3, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters3); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + // AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, + // TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char* raw_tc_sdls_ping_h = 
"20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; // SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); @@ -168,20 +204,20 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // test_association->sa_state = SA_OPERATIONAL; // sa_if->sa_get_from_spi(11, &test_association); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - char* truth_data_h = "2003002A0000000B00000000000000000000000000000000025364F9BC3344AF359DA06CA886746F59A0AB"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; + char *truth_data_h = "2003002A0000000B00000000000000000000000000000000025364F9BC3344AF359DA06CA886746F59A0AB"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - //printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) + // printf("Encrypted Frame:\n"); + for (int i = 0; i < enc_frame_len; i++) { - //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); + // printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } - //printf("\n"); + // printf("\n"); Crypto_Shutdown(); free(raw_tc_sdls_ping_b); 
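Review bot: The `Crypto_Config_MariaDB` call in this test ends with the literals `"root", "changeit"`, which look like the database user and password, so what appears to be a privileged account's credentials are committed alongside the hard-coded key and certificate paths. Reading them at run time, e.g. `getenv("<DB_USER_VAR>")` and `getenv("<DB_PASSWORD_VAR>")` (placeholder names), and using a least-privilege test account would keep secrets out of the repository. The KMC service call also spells the host `"itc-kmc.nasa.gov"` while `KMC_HOSTNAME` is `"itc.kmc.nasa.gov"`; if both are meant to be the same machine, use the macro in both places. The test body continues past the end of this hunk.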
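Review bot: `return_val` from `Crypto_TC_ApplySecurity` is not asserted before the comparison loop, and the loop is bounded only by `enc_frame_len`. If the call fails and leaves `enc_frame_len` at 0, the loop body never runs and the test passes without checking anything; if the output is longer than the truth vector, the loop reads past `truth_data_b`. Add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val);` after the call and `ASSERT_EQ(truth_data_l, (int)enc_frame_len);` before the loop. The hunk starts and ends inside the test body, so an assertion further down cannot be ruled out.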
@@ -195,17 +231,18 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, +// TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, +// 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, 
AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // char* raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; // char* raw_tc_sdls_ping_b = NULL; 
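Review bot: The formatter has reflowed the commented-out test `ENC_CBC_KMC_1BP` as if it were prose, so several statements now share one comment line (`// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val);`) and the block can no longer be re-enabled by stripping the `//` prefix. The same happens in the later hunks for `ENC_CBC_KMC_16BP`, `ENC_CBC_KMC_FRAME_MAX`, `ENC_CBC_KMC_FRAME_TOO_BIG`, `ENC_CBC_KMC_NULL_IV` and `ENC_GCM_KMC_NULL_IV`, and in the commented `Crypto_Config_Add_Gvcid_Managed_Parameter` lines of the live test. Either put `// clang-format off` / `// clang-format on` around these blocks, move them under `#if 0`, or delete them and rely on version history. The commented-out test continues past the end of this hunk.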
@@ -255,17 +292,18 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_16BP) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, +// TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, +// 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, 
AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // char* raw_tc_sdls_ping_h = "20030017000080d2c70008197f0b003100000000b1fe3128"; // char* raw_tc_sdls_ping_b = NULL; @@ -290,7 +328,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // return_val = // Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); -// char* truth_data_h = "2003003A0000000B00000000000000000000000000000000103970EAE4C05ACD1B0C348FDA174DF73EF0E2D603996C4B78B992CD60918729D3A47A"; +// char* truth_data_h = +// "2003003A0000000B00000000000000000000000000000000103970EAE4C05ACD1B0C348FDA174DF73EF0E2D603996C4B78B992CD60918729D3A47A"; // uint8_t* truth_data_b = NULL; // int truth_data_l = 0; 
@@ -311,25 +350,27 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // /** // * @brief Unit Test: Nominal Encryption CBC KMC -// * Frame is max size for this test. Any encrypted data of length greater than 1007 bytes, +// * Frame is max size for this test. Any encrypted data of length greater than 1007 bytes, // * will cause frame length exception. // **/ // UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_MAX) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - -// char* raw_tc_sdls_ping_h = 
"200303E6000080d2c70008197f0b003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
00000b1fed255"; +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, +// TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, +// 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = +// "200303E6000080d2c70008197f0b0031000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; // char* raw_tc_sdls_ping_b = NULL; // int raw_tc_sdls_ping_len = 0; // SaInterface sa_if = get_sa_interface_inmemory(); 
@@ -359,25 +400,28 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // /** // * @brief Unit Test: Encryption CBC KMC -// * Frame is 1 byte too large for this test. Any encrypted data of length greater than 1007 bytes, +// * Frame is 1 byte too large for this test. Any encrypted data of length greater than 1007 +// bytes, // * will cause frame length exception. // **/ // UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_TOO_BIG) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - -// char* raw_tc_sdls_ping_h = 
"200303F7000080d2c70008197f0b003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000b1fed255"; +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, +// TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, +// 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = +// "200303F7000080d2c70008197f0b00310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; // char* raw_tc_sdls_ping_b = NULL; // int raw_tc_sdls_ping_len = 0; // SaInterface sa_if = get_sa_interface_inmemory(); 
@@ -411,18 +455,19 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_NULL_IV) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, +// TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, +// 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, 
AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + // char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; // char* raw_tc_sdls_ping_b = NULL; // int raw_tc_sdls_ping_len = 0; @@ -464,13 +509,14 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // UTEST(TC_APPLY_SECURITY, ENC_GCM_KMC_NULL_IV) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // // // 200300230000000B000000000000000000000000852DDEFF8FCD93567F271E192C07F126 // char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; 
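Review bot: The reflow of the commented-out `UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_NULL_IV)` body packs several statements onto one comment line, for example `// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val);`. The init call and its assertion are now buried in the tail of an argument list, so the disabled test is harder to read and to diff if it is re-enabled. The same reflow recurs in the later hunks of this file (ENC_GCM_KMC_NULL_IV, the MDB + KMC encryption tests and the TC_PROCESS decryption tests). Bracketing the disabled tests with `// clang-format off` and `// clang-format on`, or setting `ReflowComments: false` in the project's `.clang-format`, would keep one statement per line. The test body continues outside the hunk.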
@@ -511,23 +557,25 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // free(ptr_enc_frame); // } -// //********************************* Encryption Tests MDB + KMC *******************************************************************// +// //********************************* Encryption Tests MDB + KMC +// *******************************************************************// // /** // * @brief Unit Test: Nominal Encryption CBC MDB KMC // **/ // UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_MDB_KMC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// 
Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // char* raw_tc_sdls_ping_h = "20031815000080d2c70008197f0b00310000b1fe3128"; // char* raw_tc_sdls_ping_b = NULL; @@ -543,7 +591,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - + // Crypto_Shutdown(); // free(raw_tc_sdls_ping_b); // free(ptr_enc_frame); 
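Review bot: The reflowed `Crypto_Config_MariaDB(...)` call in `HAPPY_PATH_ENC_CBC_MDB_KMC` still ends in `"root", NULL`, which by position looks like the database user and password (the prototype is not in this hunk), so the test would connect to the SA database as root once re-enabled. A dedicated least-privilege test account would be safer, supplied the way `CLIENT_CERTIFICATE` and `CLIENT_CERTIFICATE_KEY` appear to be, e.g. `// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, MDB_TEST_USER, NULL);`, where `MDB_TEST_USER` is a placeholder name. That would also be the place to lift the literal `"db-itc-kmc.nasa.gov"` host out of the source. The same call appears in the ENC_CBC_MDB_KMC_1BP, _16BP, _FRAME_MAX, _FRAME_TOO_BIG and _NULL_IV hunks; the test body continues outside this hunk.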
@@ -555,14 +603,15 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_1BP) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // char* raw_tc_sdls_ping_h = "20031816000080d2c70008197f0b0031000000b1fe3128"; 
@@ -603,14 +652,15 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_16BP) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // char* raw_tc_sdls_ping_h = "20031817000080d2c70008197f0b003100000000b1fe3128"; 
@@ -625,7 +675,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // return_val = // Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); -// char* truth_data_h = "2003183A000000120000000000000000000000000000000310CA8B21BCB5AFB1A306CDC96C80C9208D00EB961E3F61D355E30F01CFDCCC7D026D56"; +// char* truth_data_h = +// "2003183A000000120000000000000000000000000000000310CA8B21BCB5AFB1A306CDC96C80C9208D00EB961E3F61D355E30F01CFDCCC7D026D56"; // uint8_t* truth_data_b = NULL; // int truth_data_l = 0; 
@@ -646,23 +697,25 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // /** // * @brief Unit Test: Nominal Encryption CBC MDB KMC -// * Frame is max size for this test. Any encrypted data of length greater than 1007 bytes, +// * Frame is max size for this test. Any encrypted data of length greater than 1007 bytes, // * will cause frame length exception. // **/ // UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_MAX) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); 
int32_t return_val = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -// char* raw_tc_sdls_ping_h = "20031BE0000080d2c70008197f0b0031000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; +// char* raw_tc_sdls_ping_h = +// "20031BE0000080d2c70008197f0b003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; // char* raw_tc_sdls_ping_b = NULL; // int raw_tc_sdls_ping_len = 0; // SaInterface sa_if = get_sa_interface_inmemory(); 
@@ -692,26 +745,29 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // /** // * @brief Unit Test: Encryption CBC MDB KMC -// * Frame is 1 byte too large for this test. Any encrypted data of length greater than 1007 bytes, +// * Frame is 1 byte too large for this test. Any encrypted data of length greater than 1007 +// bytes, // * will cause frame length exception. // **/ // UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_TOO_BIG) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - -// char* raw_tc_sdls_ping_h = 
"200303F2000080d2c70008197f0b003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000b1fed255"; +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, +// TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, +// 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = +// 
"200303F2000080d2c70008197f0b003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000b1fed255"; // char* raw_tc_sdls_ping_b = NULL; // int raw_tc_sdls_ping_len = 0; // SaInterface sa_if = get_sa_interface_inmemory(); 
@@ -745,16 +801,17 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_NULL_IV) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // char* raw_tc_sdls_ping_h = "20031015000080d2c70008197f0b00310000b1fe3128"; // char* raw_tc_sdls_ping_b = NULL; 
@@ -768,31 +825,32 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // return_val = // Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - // Crypto_Shutdown(); // free(raw_tc_sdls_ping_b); // free(ptr_enc_frame); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // } - -// //******************************************************* Decryption Tests *******************************************************// +// //******************************************************* Decryption Tests +// *******************************************************// // /** // * @brief Unit Test: Nominal Decryption CBC KMC // **/ // UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_KMC) // { -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 
8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, +// TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, +// 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -816,9 +874,9 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // // Convert input test frame // hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - + // status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - + // char* truth_data_h = "80d2c70008197f0b00310000b1fe"; // uint8_t* truth_data_b = NULL; // int truth_data_l = 0; @@ -834,7 +892,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // free(test_frame_pt_b); -// Crypto_Shutdown(); +// Crypto_Shutdown(); // } // /** 
@@ -842,16 +900,18 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // **/ // UTEST(TC_PROCESS, DECRYPT_CBC_KMC_1B) // { -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, +// TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, +// 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, 
TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -875,9 +935,9 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // // Convert input test frame // hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - + // status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - + // char* truth_data_h = "80d2c70008197f0b0031000000b1fe"; // uint8_t* truth_data_b = NULL; // int truth_data_l = 0; @@ -893,7 +953,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // free(test_frame_pt_b); -// Crypto_Shutdown(); +// Crypto_Shutdown(); // } // /** 
@@ -901,16 +961,18 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // **/ // UTEST(TC_PROCESS, DECRYPT_CBC_KMC_16B) // { -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, +// TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, +// 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, 
TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -918,7 +980,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); -// char* test_frame_pt_h = "2003003A0000000B00000000000000000000000000000000103970EAE4C05ACD1B0C348FDA174DF73EF0E2D603996C4B78B992CD60918729D3A47A"; +// char* test_frame_pt_h = +// "2003003A0000000B00000000000000000000000000000000103970EAE4C05ACD1B0C348FDA174DF73EF0E2D603996C4B78B992CD60918729D3A47A"; // uint8_t *test_frame_pt_b = NULL; // int test_frame_pt_len = 0; @@ -934,9 +997,9 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // // Convert input test frame // hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - + // status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - + // char* truth_data_h = "80d2c70008197f0b003100000000b1fe"; // uint8_t* truth_data_b = NULL; // int truth_data_l = 0; @@ -952,7 +1015,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // free(test_frame_pt_b); -// Crypto_Shutdown(); +// Crypto_Shutdown(); // } // /** 
@@ -960,13 +1023,14 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // **/ // UTEST(TC_PROCESS, DECRYPT_CBC_KMC_NULL_IV) // { -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -988,11 +1052,10 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // // Convert input test frame // hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); // status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // free(test_frame_pt_b); -// Crypto_Shutdown(); +// Crypto_Shutdown(); // } // /** 
@@ -1001,20 +1064,22 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // UTEST(TC_PROCESS, DECRYPT_GCM_KMC_NULL_IV) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t return_val = Crypto_Init(); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, +// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", +// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); // TC_t* tc_sdls_processed_frame; // tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); -// char* raw_tc_sdls_ping_h = "200300330000000B5C7D0E687B4ACC8978CEB8F9F1713AC7E65FAA6845BF9607A6D2B89B7AF55C4463B9068F344242AAFAEBE298"; +// char* raw_tc_sdls_ping_h = +// "200300330000000B5C7D0E687B4ACC8978CEB8F9F1713AC7E65FAA6845BF9607A6D2B89B7AF55C4463B9068F344242AAFAEBE298"; // uint8_t* raw_tc_sdls_ping_b = NULL; // int raw_tc_sdls_ping_len = 0; // SaInterface sa_if = get_sa_interface_inmemory(); 
@@ -1052,14 +1117,16 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // **/ // UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_MDB_KMC) // { -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // int32_t status = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
@@ -1074,7 +1141,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // // Convert input test frame // hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - + // status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -1091,9 +1158,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // } // //printf("\n"); - // free(test_frame_pt_b); -// Crypto_Shutdown(); +// Crypto_Shutdown(); // } // /** 
@@ -1101,14 +1167,15 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // **/ // UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_1B) // { -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
@@ -1122,7 +1189,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // // Convert input test frame // hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - + // status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // char* truth_data_h = "80d2c70008197f0b0031000000b1fe"; @@ -1138,9 +1205,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // } // //printf("\n"); - // free(test_frame_pt_b); -// Crypto_Shutdown(); +// Crypto_Shutdown(); // } // /** 
@@ -1148,14 +1214,15 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // **/ // UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_16B) // { -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
@@ -1163,13 +1230,14 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); -// char* test_frame_pt_h = "2003183A000000120000000000000000000000000000000310CA8B21BCB5AFB1A306CDC96C80C9208D00EB961E3F61D355E30F01CFDCCC7D026D56"; +// char* test_frame_pt_h = +// "2003183A000000120000000000000000000000000000000310CA8B21BCB5AFB1A306CDC96C80C9208D00EB961E3F61D355E30F01CFDCCC7D026D56"; // uint8_t *test_frame_pt_b = NULL; // int test_frame_pt_len = 0; // // Convert input test frame // hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - + // status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -1186,9 +1254,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // } // printf("\n"); - // free(test_frame_pt_b); -// Crypto_Shutdown(); +// Crypto_Shutdown(); // } // /** 
@@ -1196,14 +1263,15 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // **/ // UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_NULL_IV) // { -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, // IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", +// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", +// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, +// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
@@ -1211,9 +1279,9 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); // //2003102E00000006DDB12ADB9F880659AD5703EF6D45BD4A0001EF2BD095982BC3AC58B8AB92484662E000000026F3 -// char* test_frame_pt_h = "2003102C00000006703809AED191A8041A6DCEB4C030894400120218AB4508A560430D644DE39E35011E454755"; -// uint8_t *test_frame_pt_b = NULL; -// int test_frame_pt_len = 0; +// char* test_frame_pt_h = +// "2003102C00000006703809AED191A8041A6DCEB4C030894400120218AB4508A560430D644DE39E35011E454755"; uint8_t +// *test_frame_pt_b = NULL; int test_frame_pt_len = 0; // // Expose/setup SAs for testing // SecurityAssociation_t* test_association = NULL; @@ -1224,9 +1292,9 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // // Convert input test frame // hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - + // status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - + // // char* truth_data_h = "80d2c70008197f0b00310000b1fe"; // // uint8_t* truth_data_b = NULL; // // int truth_data_l = 0; @@ -1242,7 +1310,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // free(test_frame_pt_b); -// Crypto_Shutdown(); +// Crypto_Shutdown(); // } UTEST_MAIN(); \ No newline at end of file diff --git a/test/performance/pt_auth_as.c b/test/performance/pt_auth_as.c index e6961e23..4bd11d96 100644 --- a/test/performance/pt_auth_as.c +++ b/test/performance/pt_auth_as.c 
@@ -17,8 +17,8 @@ */ /** - * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB Functionality Enabled. - * BE SURE TO HAVE APPROPRIATE SA's READY FOR EACH SET OF TESTS + * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB + *Functionality Enabled. BE SURE TO HAVE APPROPRIATE SA's READY FOR EACH SET OF TESTS **/ #include "crypto.h" #include "crypto_error.h" 
@@ -32,63 +32,67 @@ #include #include -int num_frames_1K = 1; +int num_frames_1K = 1; int num_frames_100 = 1; #ifdef KMC_MDB_RH - #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" +#define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" #else - /* KMC_MDB_DB */ - #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" +/* KMC_MDB_DB */ +#define CLIENT_CERTIFICATE "/certs/debian-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" #endif -void Write_To_File(uint16_t enc_frame_len, float total_time, char* test_name, int num_frames, int reset) +void Write_To_File(uint16_t enc_frame_len, float total_time, char *test_name, int num_frames, int reset) { - if(reset == 1) + if (reset == 1) { - if(access("PERFORMANCE_RESULTS_AAS.csv", F_OK) == 0) + if (access("PERFORMANCE_RESULTS_AAS.csv", F_OK) == 0) { int deleted = remove("PERFORMANCE_RESULTS_AAS.csv"); - if(deleted){printf("ERROR Deleting File!\n");} + if (deleted) + { + printf("ERROR Deleting File!\n"); + } } } FILE *fp = NULL; - fp = fopen("PERFORMANCE_RESULTS_AAS.csv", "a"); + fp = fopen("PERFORMANCE_RESULTS_AAS.csv", "a"); if (fp != NULL) - { - if(reset ==1) fprintf(fp, "Name of Test,Frames Sent,Bytes per Frame,Total Time,Mbps\n"); - fprintf(fp, "%s,%d,%d,%f,%f\n", test_name, num_frames, enc_frame_len, total_time, (((enc_frame_len * 8 * num_frames)/total_time)/1024/1024)); + { + if (reset == 1) + fprintf(fp, "Name of Test,Frames Sent,Bytes per Frame,Total Time,Mbps\n"); + fprintf(fp, "%s,%d,%d,%f,%f\n", test_name, num_frames, enc_frame_len, total_time, + (((enc_frame_len * 8 * num_frames) / total_time) / 1024 / 1024)); } fclose(fp); - } double Apply_Security_Loop(uint8_t *frame, int frame_length, uint8_t *enc_frame, uint16_t *enc_frame_len, int num_loops) { struct timespec begin, end; - double total_time; + double total_time; total_time = 0.0; 
- frame = frame; - frame_length = frame_length; + frame = frame; + frame_length = frame_length; enc_frame_len = enc_frame_len; int32_t status = CRYPTO_LIB_SUCCESS; - for(int i = 0; i < num_loops; i++) + for (int i = 0; i < num_loops; i++) { - printf("LOOP NUMBER: %d\n", i+1); + printf("LOOP NUMBER: %d\n", i + 1); clock_gettime(CLOCK_REALTIME, &begin); status = Crypto_TC_ApplySecurity(frame, frame_length, &enc_frame, enc_frame_len); clock_gettime(CLOCK_REALTIME, &end); free(enc_frame); - long seconds = end.tv_sec - begin.tv_sec; - long nanoseconds = end.tv_nsec - begin.tv_nsec; - double elapsed = seconds + nanoseconds*1e-9; + long seconds = end.tv_sec - begin.tv_sec; + long nanoseconds = end.tv_nsec - begin.tv_nsec; + double elapsed = seconds + nanoseconds * 1e-9; if (status != CRYPTO_LIB_SUCCESS) { 
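Review bot: In Write_To_File, `fclose(fp);` sits after the `if (fp != NULL)` block, so a failed fopen() passes a null pointer to fclose(), which is undefined behaviour. Move the call inside the block as its last statement and report the failed open. In Apply_Security_Loop, `free(enc_frame);` runs before `status` is examined; if Crypto_TC_ApplySecurity can fail without storing a new pointer (not visible here), a failing iteration after a successful one would free the previous buffer a second time, so add `enc_frame = NULL;` right after the free. Apply_Security_Loop's body continues outside the hunk.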
@@ -105,46 +109,50 @@ double Apply_Security_Loop(uint8_t *frame, int frame_length, uint8_t *enc_frame, UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* data_b = NULL; - int data_l = 0; + char *data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012" + "3456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *data_b = NULL; + int data_l = 0; - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_lsa_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); + + if (ttl_time_lsa_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\nLSA+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_libg, "Auth Only: LSA+LIBG Apply Security SHORT", num_frames_100, 1); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
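Review bot: `test_association` is assigned a malloc'd block and then handed by address to `sa_if->sa_get_from_spi(1, &test_association);`, which presumably replaces the pointer, so the allocation is leaked; the result is then dereferenced without checking either lookup's return value. Declare it as `SecurityAssociation_t *test_association = NULL;` and assert each `sa_get_from_spi` result before writing `sa_state`. `Crypto_Init()` is also called twice with only the first result kept, and `status` is not asserted until after the SA edits and the timing loop; a single call followed at once by `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` would fail fast instead. The malloc pattern recurs in the LSA_KMC_AUTH_SHORT_100 hunk, and the double `Crypto_Init()` in the MDB_LIBG and MDB_KMC hunks.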
@@ -154,46 +162,53 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* data_b = NULL; - int data_l = 0; + char *data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012" + "3456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *data_b = NULL; + int data_l = 0; - uint8_t* ptr_enc_frame = NULL; - uint16_t 
enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_mdb_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_mdb_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_mdb_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); + + if (ttl_time_mdb_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_libg, "Auth Only: MDB+LIBG Apply Security SHORT", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
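Review bot: The `Crypto_Config_MariaDB` call hard-codes a CA bundle, client certificate and client private key under `/home/itc/Desktop/CERTS/` and the database user `"robert"`, although this file already defines `CLIENT_CERTIFICATE` and `CLIENT_CERTIFICATE_KEY` and uses them for the KMC service call. Pointing a test at a private key in one developer's home directory makes it unrunnable elsewhere and commits account and host details to the repository. Pass the existing macros here and take the host and user from build-time defines or the environment. `test_association` is also declared without an initialiser in this test and dereferenced after unchecked `sa_get_from_spi` calls, so initialise it to `NULL` and check the lookups. The MDB_KMC_AUTH_SHORT_100 hunk repeats the same MariaDB call.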
@@ -203,45 +218,50 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* data_b = NULL; - int data_l = 0; + char *data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012" + "3456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *data_b = NULL; + int data_l = 0; - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = 
malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); + + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: LSA+KMC Apply Security SHORT", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
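Review bot: This test uses `sa_if->sa_get_from_spi(...)` without the local `SaInterface sa_if = get_sa_interface_inmemory();` that the two preceding tests declare, so `sa_if` must resolve to a declaration outside the hunk. If that is a library-level handle populated by `Crypto_Init()`, the SA edits go to whatever backend `SA_TYPE_MARIADB` selected, and the handle is only valid when initialisation succeeded, which is not asserted before the first use. Either add the local declaration to match the sibling tests, or place `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` directly after `Crypto_Init()` and add a comment stating which SA backend this test is meant to exercise.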
@@ -251,38 +271,45 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = 
"202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* data_b = NULL; - int data_l = 0; + char *data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012" + "3456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *data_b = NULL; + int data_l = 0; - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: MDB+KMC Apply Security SHORT", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
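Review bot: The `Crypto_Config_MariaDB` call hard-codes one developer's environment: the CA bundle, client certificate and client private key under `/home/itc/Desktop/CERTS/`, plus the account name `"robert"`. The test can therefore only pass on that machine, and the location of key material is fixed in source. The KMC call next to it already takes `CLIENT_CERTIFICATE` and `CLIENT_CERTIFICATE_KEY` from named constants; the MariaDB paths and user name should come from the same kind of build-time or environment setting. A comment above the call such as `// TLS material and DB account are deployment-specific; supply via build config, never commit real paths or credentials` would record the intent. The same literals are repeated in the MDB_LIBG_AUTH_MED_100, MDB_KMC_AUTH_MED_100 and MDB_LIBG_AUTH_LONG_100 hunks.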
@@ -294,46 +321,58 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - SaInterface 
sa_if = get_sa_interface_inmemory(); + char *data_h = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_lsa_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); + + if (ttl_time_lsa_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_libg, "Auth Only: LSA+LIBG Apply Security MED", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
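Review bot: `Crypto_Init()` is called twice in a row and only the first return value is kept in `status`, so a failure of the second initialisation is never seen by `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status)`. Whether a repeated init is harmless is not visible here; if it allocates or reconnects, the first set of state may be leaked before `Crypto_Shutdown()`. Drop the bare `Crypto_Init();` line, or check it as well with `ASSERT_EQ(CRYPTO_LIB_SUCCESS, Crypto_Init());`. Asserting `status` immediately after the init would also stop the test before it touches `sa_if` on an uninitialised library. Every test in the visible hunks repeats this pair of calls.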
@@ -343,46 +382,61 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C05E1000080d2c70008197f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b00313011"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *data_h = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + 
"CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_mdb_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_mdb_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_mdb_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); + + if (ttl_time_mdb_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_libg, "Auth Only: MDB+LIBG Apply Security MED", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
@@ -392,45 +446,58 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C05E1000080d2c70008197f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b00313011"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; + char *data_h = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + 
"89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); + + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) 
/ ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: LSA+KMC Apply Security MED", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
@@ -440,89 +507,126 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = 
"202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; + char *data_h = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + 
"0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: MDB+KMC Apply Security MED", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); } -// ******************** LONG TESTS 100 ********************* +// ******************** LONG TESTS 100 ********************* UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, 
TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C07E1000080d2c70008197f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b0031626E"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *data_h = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + 
"89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_lsa_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); + + if (ttl_time_lsa_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_libg, "Auth Only: LSA+LIBG Apply Security LONG", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
@@ -532,46 +636,71 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C07E1000080d2c70008197f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b0031626E"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *data_h = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + 
"CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = 
get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_mdb_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_mdb_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_mdb_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); + + if (ttl_time_mdb_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_libg, "Auth Only: MDB+LIBG Apply Security LONG", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
@@ -581,45 +710,68 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C07E1000080d2c70008197f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b0031626E"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; + char *data_h = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + 
"89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security 
Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); + + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: LSA+KMC Apply Security LONG", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
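Review bot: In UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_100) the buffer from `malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t))` is handed to `sa_if->sa_get_from_spi(1, &test_association)` by address, so the call presumably repoints it at an SA table entry and the allocation is leaked; the lookup result is also never checked before `test_association->sa_state` is written. I would start from `SecurityAssociation_t *test_association = NULL;` and, if the lookup returns a status, wrap it as `ASSERT_EQ(CRYPTO_LIB_SUCCESS, sa_if->sa_get_from_spi(10, &test_association));`. The visible body of this test also never declares `sa_if`, unlike the LIBG tests that call `get_sa_interface_inmemory()`, so it only builds if `sa_if` exists at file scope outside the hunk. The malloc-then-lookup pattern repeats in the LSA_LIBG_AUTH_SHORT_1K, MDB_LIBG_AUTH_SHORT_1K, LSA_KMC_AUTH_SHORT_1K and LSA_LIBG_AUTH_MED_1K hunks, and the test body continues past the end of this hunk.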
@@ -629,38 +781,63 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = 
"202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b0031626E"; - char* 
data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; + char *data_h = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + 
"0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_100); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: MDB+KMC Apply Security LONG", num_frames_100, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
@@ -672,46 +849,50 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* data_b = NULL; - int data_l = 0; + char *data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012" + "3456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *data_b = NULL; + int data_l = 0; - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_lsa_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); + + if (ttl_time_lsa_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_libg, "Auth Only: LSA+LIBG Apply Security SHORT", num_frames_1K, 1); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
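Review bot: `int32_t status = Crypto_Init(); Crypto_Init();` in LSA_LIBG_AUTH_SHORT_1K initialises the library twice and drops the second result, and `status` is not asserted until after `Apply_Security_Loop` has already run against a possibly failed initialisation. Call it once and fail fast with `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` directly after the call, so a configuration error is reported as such rather than as a timing failure. Every UTEST hunk on this page repeats the double call. The function's closing brace is outside the hunk.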
@@ -721,46 +902,53 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* data_b = NULL; - int data_l = 0; + char *data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012" + "3456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *data_b = NULL; + int data_l = 0; - uint8_t* ptr_enc_frame = NULL; - uint16_t 
enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_mdb_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_mdb_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_mdb_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); + + if (ttl_time_mdb_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_libg, "Auth Only: MDB+LIBG Apply Security SHORT", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
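Review bot: The `Crypto_Config_MariaDB(...)` call in MDB_LIBG_AUTH_SHORT_1K hard-codes a database user (`"robert"`), a host name and a client key path under `/home/itc/Desktop/CERTS/`, so the test only runs on one workstation and commits environment details to the repository. I would read these from the environment and skip the test when they are unset, e.g. `const char *client_key = getenv("CRYPTOLIB_TEST_CLIENT_KEY");` (variable name constructed for illustration), with a comment listing the values the test needs. The MDB_KMC_AUTH_LONG_100, MDB_KMC_AUTH_SHORT_1K and MDB_LIBG_AUTH_MED_1K hunks carry the same literals, and the `Crypto_Config_Kmc_Crypto_Service` calls hard-code a service host and CA bundle path in the same way. The test body continues past the hunk.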
@@ -770,45 +958,50 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* data_b = NULL; - int data_l = 0; + char *data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012" + "3456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *data_b = NULL; + int data_l = 0; - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = 
malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); + + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: LSA+KMC Apply Security SHORT", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
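Review bot: `ptr_enc_frame` is passed to `Apply_Security_Loop` by value, so in LSA_KMC_AUTH_SHORT_1K it is still NULL when `free(ptr_enc_frame)` runs and the free releases nothing; whatever frame buffers the loop allocates have to be released inside the helper, which is not visible here. If the caller is meant to own the last frame, pass `&ptr_enc_frame` (that changes the helper's signature outside this hunk); otherwise drop the local and the `free`. The Mbps line also divides by the elapsed time with only a negative check in front of it, so I would tighten the guard to `if (ttl_time_lsa_kmc <= 0) status = CRYPTO_LIB_ERROR;`. All UTEST hunks on this page share both patterns, and this function ends outside the hunk.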
@@ -818,38 +1011,45 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = 
"202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* data_b = NULL; - int data_l = 0; + char *data_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012" + "3456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *data_b = NULL; + int data_l = 0; - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: MDB+KMC Apply Security SHORT", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
@@ -861,46 +1061,58 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_1K) UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C05E1000080d2c70008197f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b00313011"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *data_h = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + 
"23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_lsa_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); + + if (ttl_time_lsa_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_libg, "Auth Only: LSA+LIBG Apply Security MED", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
@@ -910,46 +1122,61 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C05E1000080d2c70008197f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b00313011"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *data_h = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + 
"CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_mdb_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_mdb_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_mdb_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); + + if (ttl_time_mdb_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_libg, "Auth Only: MDB+LIBG Apply Security MED", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
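Review bot: The rewrapped `Crypto_Config_MariaDB(...)` call still hard-codes a database host, the user name `"robert"`, and a client certificate and private-key path under `/home/itc/Desktop/CERTS/`, so the test runs only on one workstation layout and the repository records where key material is expected to live. The KMC calls in these hunks already take their client certificate from the `CLIENT_CERTIFICATE` / `CLIENT_CERTIFICATE_KEY` macros; the MariaDB parameters could follow the same pattern or be read with `getenv()` under test-specific variable names, with the test skipped when they are unset. The same call appears in MDB_KMC_AUTH_MED_1K, MDB_LIBG_AUTH_LONG_1K and MDB_KMC_AUTH_LONG_1K, and the `Crypto_Config_Kmc_Crypto_Service` calls pin the host `itc-kmc.nasa.gov` the same way.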
@@ -959,45 +1186,58 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C05E1000080d2c70008197f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b00313011"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; + char *data_h = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + 
"89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); + + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / 
ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: LSA+KMC Apply Security MED", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
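Review bot: Unlike the LIBG tests, this test has no `SaInterface sa_if = get_sa_interface_inmemory();` in the visible lines, yet it still calls `sa_if->sa_get_from_spi(...)`. It presumably relies on a file-scope or library `sa_if`, which after `Crypto_Init()` with `SA_TYPE_MARIADB` may not be the local store that the "LSA" name implies. If the in-memory interface is intended, add the same local declaration before `hex_conversion(...)`; if not, a comment such as `// SA edits go through the backend selected by Crypto_Config_CryptoLib` would make the choice explicit. LSA_KMC_AUTH_LONG_1K has the same shape, and the function ends outside the hunk.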
@@ -1007,89 +1247,126 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = 
"202C05E1000080d2c70008197f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b00313011"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; + char *data_h = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len 
* 8 * num_frames_1K)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: MDB+KMC Apply Security MED", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); } -// ******************** LONG TESTS 1K ********************* +// ******************** LONG TESTS 1K ********************* UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C07E1000080d2c70008197f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b0031626E"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *data_h = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + 
"ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = 
malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_lsa_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); + + if (ttl_time_lsa_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_libg, "Auth Only: LSA+LIBG Apply Security LONG", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
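Review bot: `int32_t status = Crypto_Init(); Crypto_Init();` initialises the library twice and drops the second return value, and the first result is not asserted until after `Apply_Security_Loop(...)` has already run, so a failed init is exercised before it is reported. Suggested: keep a single `int32_t status = Crypto_Init();` followed directly by `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);`. In MDB_KMC_AUTH_MED_1K the timing variable is also still named `ttl_time_lsa_kmc`, which reads as a copy from the LSA test; `ttl_time_mdb_kmc` would match the "MDB+KMC" label it prints. Both patterns repeat in the other hunks of this file, and LSA_LIBG_AUTH_LONG_1K continues beyond the end of this hunk.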
@@ -1099,46 +1376,71 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C07E1000080d2c70008197f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b0031626E"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *data_h = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + 
"CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + SaInterface sa_if = 
get_sa_interface_inmemory(); hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_mdb_libg = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_mdb_libg < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_mdb_libg = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); + + if (ttl_time_mdb_libg < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+LIBG AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_libg); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_libg)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_libg) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_libg, "Auth Only: MDB+LIBG Apply Security LONG", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
@@ -1148,45 +1450,68 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = "202C07E1000080d2c70008197f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b0031626E"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; + char *data_h = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + 
"89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security 
Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; + test_association->est = 0; test_association->arsn_len = 0; - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); + + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nLSA+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: LSA+KMC Apply Security LONG", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); 
@@ -1196,38 +1521,63 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); Crypto_Init(); - char* data_h = 
"202C07E1000080d2c70008197f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b0031626E"; - char* data_b = NULL; - int data_l = 0; - - uint8_t* ptr_enc_frame = NULL; + char *data_h = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + 
"23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + char *data_b = NULL; + int data_l = 0; + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; hex_conversion(data_h, &data_b, &data_l); + float ttl_time_lsa_kmc = + Apply_Security_Loop((uint8_t *)data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - float ttl_time_lsa_kmc = Apply_Security_Loop((uint8_t *) data_b, data_l, ptr_enc_frame, &enc_frame_len, num_frames_1K); - - if(ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR; + if (ttl_time_lsa_kmc < 0) + status = CRYPTO_LIB_ERROR; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - + printf("\nMDB+KMC AUTH ONLY Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_kmc)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_kmc) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_kmc, "Auth Only: MDB+KMC Apply Security LONG", num_frames_1K, 0); - + Crypto_Shutdown(); free(data_b); free(ptr_enc_frame); diff --git a/test/performance/pt_auth_enc_as.c b/test/performance/pt_auth_enc_as.c index 6f5ecfc6..8f2a1ad8 100644 --- a/test/performance/pt_auth_enc_as.c +++ b/test/performance/pt_auth_enc_as.c 
@@ -17,8 +17,8 @@ */ /** - * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB Functionality Enabled. - * BE SURE TO HAVE APPROPRIATE SA's READY FOR EACH SET OF TESTS + * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB + *Functionality Enabled. BE SURE TO HAVE APPROPRIATE SA's READY FOR EACH SET OF TESTS **/ #include "crypto.h" #include "crypto_error.h" 
@@ -33,62 +33,66 @@ #include #ifdef KMC_MDB_RH - #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" +#define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" #else - /* KMC_MDB_DB */ - #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" +/* KMC_MDB_DB */ +#define CLIENT_CERTIFICATE "/certs/debian-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" #endif -int num_frames_1K = 1; +int num_frames_1K = 1; int num_frames_100 = 1; -void Write_To_File(uint16_t enc_frame_len, float total_time, char* test_name, int num_frames, int reset) +void Write_To_File(uint16_t enc_frame_len, float total_time, char *test_name, int num_frames, int reset) { - if(reset == 1) + if (reset == 1) { - if(access("PERFORMANCE_RESULTS_AEAS.csv", F_OK) == 0) + if (access("PERFORMANCE_RESULTS_AEAS.csv", F_OK) == 0) { int deleted = remove("PERFORMANCE_RESULTS_AEAS.csv"); - if(deleted){printf("ERROR Deleting File!\n");} + if (deleted) + { + printf("ERROR Deleting File!\n"); + } } } FILE *fp = NULL; - fp = fopen("PERFORMANCE_RESULTS_AEAS.csv", "a"); + fp = fopen("PERFORMANCE_RESULTS_AEAS.csv", "a"); if (fp != NULL) - { - if(reset ==1) fprintf(fp, "Name of Test,Frames Sent,Bytes per Frame,Total Time,Mbps\n"); - fprintf(fp, "%s,%d,%d,%f,%f\n", test_name, num_frames, enc_frame_len, total_time, (((enc_frame_len * 8 * num_frames)/total_time)/1024/1024)); + { + if (reset == 1) + fprintf(fp, "Name of Test,Frames Sent,Bytes per Frame,Total Time,Mbps\n"); + fprintf(fp, "%s,%d,%d,%f,%f\n", test_name, num_frames, enc_frame_len, total_time, + (((enc_frame_len * 8 * num_frames) / total_time) / 1024 / 1024)); } fclose(fp); - } double Apply_Security_Loop(uint8_t *frame, int frame_length, uint8_t *enc_frame, uint16_t *enc_frame_len, int num_loops) { struct timespec begin, end; - double total_time; + double total_time; total_time = 0.0; - 
frame = frame; - frame_length = frame_length; + frame = frame; + frame_length = frame_length; enc_frame_len = enc_frame_len; int32_t status = CRYPTO_LIB_SUCCESS; - for(int i = 0; i < num_loops; i++) + for (int i = 0; i < num_loops; i++) { - printf("LOOP NUMBER: %d\n", i+1); + printf("LOOP NUMBER: %d\n", i + 1); clock_gettime(CLOCK_REALTIME, &begin); status = Crypto_TC_ApplySecurity(frame, frame_length, &enc_frame, enc_frame_len); clock_gettime(CLOCK_REALTIME, &end); free(enc_frame); - long seconds = end.tv_sec - begin.tv_sec; - long nanoseconds = end.tv_nsec - begin.tv_nsec; - double elapsed = seconds + nanoseconds*1e-9; + long seconds = end.tv_sec - begin.tv_sec; + long nanoseconds = end.tv_nsec - begin.tv_nsec; + double elapsed = seconds + nanoseconds * 1e-9; if (status != CRYPTO_LIB_SUCCESS) { 
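Review bot: In Write_To_File, `fclose(fp);` sits after the `if (fp != NULL)` block, so a failed `fopen` hands a null stream to fclose, which is undefined behaviour. Move the call inside the guarded block and report the open failure in an `else` branch. In Apply_Security_Loop, `free(enc_frame);` runs on every iteration, before the status check, without resetting the pointer. If Crypto_TC_ApplySecurity can fail before assigning its output (not visible here), a later iteration frees the stale pointer a second time; adding `enc_frame = NULL;` right after the free removes that risk. The body of Apply_Security_Loop continues outside the hunk.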
@@ -105,22 +109,25 @@ double Apply_Security_Loop(uint8_t *frame, int frame_length, uint8_t *enc_frame, UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = + "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); float ttl_time_lsa_clib_100 = 0.0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; 
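Review bot: `test_association` is declared without an initializer and the result of `sa_if->sa_get_from_spi(1, &test_association)` is ignored, so a failed lookup lets `test_association->sa_state = SA_NONE;` write through an indeterminate pointer. Declare it as `SecurityAssociation_t *test_association = NULL;` and assert on the lookup before use, e.g. `ASSERT_EQ(CRYPTO_LIB_SUCCESS, sa_if->sa_get_from_spi(1, &test_association));`, assuming it returns a status code like the other Crypto calls here. The `status` from `Crypto_Init_TC_Unit_Test()` is also not asserted in the visible lines of this test. LSA_LIBG_MED_100 follows the same pattern, and the test body continues outside the hunk.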
@@ -128,14 +135,14 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) test_association->sa_state = SA_OPERATIONAL; test_association->arsn_len = 0; - ttl_time_lsa_clib_100 = - Apply_Security_Loop((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, &enc_frame_len, num_frames_100); + ttl_time_lsa_clib_100 = Apply_Security_Loop((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, + &enc_frame_len, num_frames_100); printf("\nLSA+LIBG Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_clib_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_clib_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_clib_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_clib_100, "LSA+LIBG Apply Security SHORT", num_frames_100, 1); 
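Review bot: The value returned by `Apply_Security_Loop` is used as the divisor in the `Mbps` printf and passed to `Write_To_File` with no check in between, so a failed or zero-duration run would record `inf`, `nan` or a negative rate in the CSV instead of failing the test. The preceding performance file in this patch guards the same call with `if (ttl_time_lsa_kmc < 0) status = CRYPTO_LIB_ERROR;` followed by `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);`. A comparable guard belongs here before the prints, for example `ASSERT_TRUE(ttl_time_lsa_clib_100 > 0);`. The other UTEST bodies in this file print and log the timing the same way.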
@@ -148,34 +155,42 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_short = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_short 
= + "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_100); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_100); - printf("\nMDB+LIBG Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+LIBG Apply Security SHORT", num_frames_100, 0); Crypto_Shutdown(); 
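Review bot: `Crypto_Config_MariaDB` is given workstation-specific literals (`"/home/itc/Desktop/CERTS/ammos-client-key.pem"` and its sibling paths, plus a fixed user name), while the file already defines `CLIENT_CERTIFICATE` and `CLIENT_CERTIFICATE_KEY` for the KMC calls. A client private key referenced from a developer's desktop folder ties the test to one machine and normalises keeping key material in a loosely protected location. Take the paths from the existing macros or from the environment, e.g. `getenv("SADB_CLIENT_KEY")` (variable name constructed for illustration), and skip the test when they are unset. The same literals recur in MDB_KMC_SHORT_100, MDB_LIBG_MED_100 and MDB_KMC_MED_100.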
@@ -187,33 +202,39 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_short = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_short = + "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + 
"EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_100); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_100); - printf("\nLSA+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "LSA+KMC Apply Security SHORT", num_frames_100, 0); Crypto_Shutdown(); 
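Review bot: This test is named and logged as LSA (`"LSA+KMC Apply Security SHORT"`) but passes `SA_TYPE_MARIADB` to `Crypto_Config_CryptoLib` and never calls `Crypto_Config_MariaDB`, so the row it writes presumably does not measure a local SA. If an in-memory SA is intended, the first call should pass `SA_TYPE_INMEMORY`; otherwise add the MariaDB configuration and rename the test to match. It also pairs `KEY_TYPE_INTERNAL` with `CRYPTOGRAPHY_TYPE_KMCCRYPTO`, where MDB_KMC_SHORT_100 uses `KEY_TYPE_KMC`, which is worth confirming as deliberate. LSA_KMC_MED_100 carries the same configuration, and both keep the timing in a variable named `ttl_time_mdb_kmc_100`.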
@@ -225,35 +246,44 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1_short = 
"202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + char *raw_tc_jpl_mmt_scid44_vcid1_short = + "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_100); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_100); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+KMC Apply Security 
SHORT", num_frames_100, 0); Crypto_Shutdown(); 
@@ -265,22 +295,32 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_100) UTEST(PERFORMANCE, LSA_LIBG_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "202C05E1000080d2c70008197f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b00313011"; - - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); float ttl_time_lsa_clib_100 = 0.0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t 
*ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; @@ -288,14 +328,14 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) test_association->sa_state = SA_OPERATIONAL; test_association->arsn_len = 0; - ttl_time_lsa_clib_100 = - Apply_Security_Loop((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, &enc_frame_len, num_frames_100); + ttl_time_lsa_clib_100 = Apply_Security_Loop((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, + &enc_frame_len, num_frames_100); printf("\nLSA+LIBG Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_clib_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_clib_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_clib_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_clib_100, "LSA+LIBG Apply Security MED", num_frames_100, 0); 
@@ -308,34 +348,49 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) UTEST(PERFORMANCE, MDB_LIBG_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_short = "202C05E1000080d2c70008197f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b00313011"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_short = + 
"202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_100); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_100); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", 
(((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+LIBG Apply Security MED", num_frames_100, 0); Crypto_Shutdown(); 
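Review bot: The banner `printf("\nMDB+KMC Apply Security\n");` does not match this test, which configures `CRYPTOGRAPHY_TYPE_LIBGCRYPT` and records its row as `"MDB+LIBG Apply Security MED"`. It should read `printf("\nMDB+LIBG Apply Security\n");`. LSA_KMC_MED_100 prints the same `MDB+KMC` banner while logging `"LSA+KMC Apply Security MED"`. Mismatched labels make the console output and the CSV disagree when results are compared across backends.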
@@ -347,32 +402,46 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_100) UTEST(PERFORMANCE, LSA_KMC_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_short = "202C05E1000080d2c70008197f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b00313011"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_short = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + 
"CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_100); - + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_100); + printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, 
"LSA+KMC Apply Security MED", num_frames_100, 0); Crypto_Shutdown(); 
@@ -384,35 +453,51 @@ UTEST(PERFORMANCE, LSA_KMC_MED_100) UTEST(PERFORMANCE, MDB_KMC_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_long = 
"202C05E1000080d2c70008197f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b00313011"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_long = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, 
num_frames_100); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_100); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+KMC Apply Security MED", num_frames_100, 0); 
@@ -427,21 +512,41 @@ UTEST(PERFORMANCE, MDB_KMC_MED_100) UTEST(PERFORMANCE, LSA_LIBG_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456
789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b0031626E"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + 
"89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); float ttl_time_lsa_clib_100 = 0.0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; 
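Review bot: `test_association` is declared without an initialiser and the result of `sa_if->sa_get_from_spi(1, &test_association)` is ignored, so a failed lookup lets the next line, `test_association->sa_state = SA_NONE;`, write through an indeterminate pointer. Declare it as `SecurityAssociation_t *test_association = NULL;` and check the lookup with `ASSERT_EQ(CRYPTO_LIB_SUCCESS, sa_if->sa_get_from_spi(1, &test_association));`, assuming it returns a CryptoLib status like `Crypto_Init_TC_Unit_Test()` does. The visible lines of this test also never assert `status`, unlike the MDB tests, though the body continues past the end of the hunk. The LSA_LIBG_SHORT_1000 hunk has the same pattern.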
@@ -449,14 +554,14 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) test_association->sa_state = SA_OPERATIONAL; test_association->arsn_len = 0; - ttl_time_lsa_clib_100 = - Apply_Security_Loop((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, &enc_frame_len, num_frames_100); + ttl_time_lsa_clib_100 = Apply_Security_Loop((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, + &enc_frame_len, num_frames_100); printf("\nLSA+LIBG Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_clib_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_lsa_clib_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_lsa_clib_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_clib_100, "LSA+LIBG Apply Security LONG", num_frames_100, 0); 
@@ -469,32 +574,58 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_long = "202C07E1000080d2c70008197f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b0031626E"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_long = + 
"202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + 
"EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_100); - + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_100); + printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+LIBG Apply Security LONG", num_frames_100, 0); 
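Review bot: The `Crypto_Config_MariaDB(...)` call hard-codes one workstation's layout: the CA bundle, client certificate and client private key under `/home/itc/Desktop/CERTS/`, plus the database user `"robert"`. The test can therefore only run on that machine, and the repository records where TLS key material is kept. Read these values from the environment or a build-time test configuration and skip the test when they are absent, for example `const char *client_key = getenv("CRYPTOLIB_TEST_CLIENT_KEY");` (a constructed variable name). The same literals recur in the LSA_KMC_LONG_100, MDB_KMC_LONG_100 and MDB_LIBG_SHORT_1000 hunks, and the KMC hunks also pin the service host in `Crypto_Config_Kmc_Crypto_Service`. Separately, this test's banner prints `MDB+KMC Apply Security` although the run is MDB+LIBG.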
@@ -507,35 +638,61 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_100) UTEST(PERFORMANCE, LSA_KMC_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_long = "202C07E1000080d2c70008197f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b0031626E"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int 
raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_long = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + 
"456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_100); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_100); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "LSA+KMC Apply Security LONG", num_frames_100, 0); Crypto_Shutdown(); 
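Review bot: LSA_KMC_LONG_100 is named and logged to file as `"LSA+KMC Apply Security LONG"`, but it passes `SA_TYPE_MARIADB` to `Crypto_Config_CryptoLib`, calls `Crypto_Config_MariaDB`, and prints the banner `MDB+KMC Apply Security`. The recorded figure therefore appears to measure the MariaDB SA path under an LSA label. If local security associations are intended, the first call should use `SA_TYPE_INMEMORY` and the MariaDB configuration should be dropped; otherwise the test and its file label should be renamed. LSA_KMC_SHORT_1000 passes the same `SA_TYPE_MARIADB` argument but has no `Crypto_Config_MariaDB` call, so the two variants are not configured alike.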
@@ -547,35 +704,61 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_100) UTEST(PERFORMANCE, MDB_KMC_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_long = 
"202C07E1000080d2c70008197f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b0031626E"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_long = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + 
"6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_100); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_100); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+KMC Apply Security LONG", num_frames_100, 0); 
@@ -590,22 +773,25 @@ UTEST(PERFORMANCE, MDB_KMC_LONG_100) UTEST(PERFORMANCE, LSA_LIBG_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = + "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); float ttl_time_lsa_clib_100 = 0.0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; 
@@ -613,14 +799,14 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1000) test_association->sa_state = SA_OPERATIONAL; test_association->arsn_len = 0; - ttl_time_lsa_clib_100 = - Apply_Security_Loop((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); + ttl_time_lsa_clib_100 = Apply_Security_Loop((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, + &enc_frame_len, num_frames_1K); printf("\nLSA+LIBG Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_clib_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_clib_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_clib_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_clib_100, "LSA+LIBG Apply Security SHORT", num_frames_1K, 0); 
@@ -633,34 +819,42 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1000) UTEST(PERFORMANCE, MDB_LIBG_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_short = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char 
*raw_tc_jpl_mmt_scid44_vcid1_short = + "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_1K); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+LIBG Apply Security SHORT", num_frames_1K, 0); Crypto_Shutdown(); 
@@ -672,33 +866,39 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_1000) UTEST(PERFORMANCE, LSA_KMC_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_short = "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_short = + "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + 
"EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_1K); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "LSA+KMC Apply Security SHORT", num_frames_1K, 0); Crypto_Shutdown(); 
@@ -710,35 +910,44 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_1000) UTEST(PERFORMANCE, MDB_KMC_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1_short = 
"202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + char *raw_tc_jpl_mmt_scid44_vcid1_short = + "202C046100ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEFF01C"; + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_1K); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+KMC Apply Security SHORT", 
num_frames_1K, 0); Crypto_Shutdown(); 
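Review bot: The re-wrapped Crypto_Config_MariaDB call still hard-codes a developer-workstation path to the mTLS client private key (`/home/itc/Desktop/CERTS/ammos-client-key.pem`), the CA bundle and client certificate paths, and what looks like the database user name `robert`. The KMC call directly below already takes its certificate and key from `CLIENT_CERTIFICATE` and `CLIENT_CERTIFICATE_KEY`. The MariaDB arguments should come from the same kind of build-time or environment setting, so the test neither depends on nor advertises one machine's key layout. The same call appears in MDB_LIBG_MED_1000, MDB_KMC_MED_1000, MDB_LIBG_LONG_1000 and LSA_KMC_LONG_1000.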
@@ -750,22 +959,32 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_1000) UTEST(PERFORMANCE, LSA_LIBG_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "202C05E1000080d2c70008197f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b00313011"; - - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); float ttl_time_lsa_clib_100 = 0.0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t 
*ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; @@ -773,14 +992,14 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1000) test_association->sa_state = SA_OPERATIONAL; test_association->arsn_len = 0; - ttl_time_lsa_clib_100 = - Apply_Security_Loop((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); + ttl_time_lsa_clib_100 = Apply_Security_Loop((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, + &enc_frame_len, num_frames_1K); printf("\nLSA+LIBG Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_clib_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_clib_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_clib_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_clib_100, "LSA+LIBG Apply Security MED", num_frames_1K, 0); 
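Review bot: In the first LSA_LIBG_MED_1000 hunk, `SecurityAssociation_t *test_association;` is left uninitialised and the result of `sa_if->sa_get_from_spi(1, &test_association)` is ignored, so a failed lookup leads straight to a write through an indeterminate pointer at `test_association->sa_state = SA_NONE;`. Initialise it with `SecurityAssociation_t *test_association = NULL;` and, assuming the lookup returns a CryptoLib status code, wrap it as `ASSERT_EQ(CRYPTO_LIB_SUCCESS, sa_if->sa_get_from_spi(1, &test_association));`. Nothing visible in the hunk checks `status` from Crypto_Init_TC_Unit_Test() before the SA is edited either; the function body runs past the hunk. LSA_LIBG_LONG_1000 repeats the pattern.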
@@ -793,34 +1012,49 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1000) UTEST(PERFORMANCE, MDB_LIBG_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_short = "202C05E1000080d2c70008197f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b00313011"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_short = + 
"202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_1K); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len 
* 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+LIBG Apply Security MED", num_frames_1K, 0); Crypto_Shutdown(); 
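Review bot: The console banner `printf("\nMDB+KMC Apply Security\n");` does not match this test: MDB_LIBG_MED_1000 configures `CRYPTOGRAPHY_TYPE_LIBGCRYPT` and records the run as "MDB+LIBG Apply Security MED" in Write_To_File. The banner should read `printf("\nMDB+LIBG Apply Security\n");` so that console output and the results file agree. The same banner is printed by the LSA_KMC_* tests and MDB_LIBG_LONG_1000, and the `ttl_time_mdb_kmc_100` name is reused for 1000-frame runs of other backends.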
@@ -832,32 +1066,46 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_1000) UTEST(PERFORMANCE, LSA_KMC_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_short = "202C05E1000080d2c70008197f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b00313011"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_short = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + 
"CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_short, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); - + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_1K); + printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, 
"LSA+KMC Apply Security MED", num_frames_1K, 0); Crypto_Shutdown(); 
@@ -869,35 +1117,51 @@ UTEST(PERFORMANCE, LSA_KMC_MED_1000) UTEST(PERFORMANCE, MDB_KMC_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_long = 
"202C05E1000080d2c70008197f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b00313011"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_long = + "202C05E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b00313011"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, 
num_frames_1K); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+KMC Apply Security MED", num_frames_1K, 0); 
@@ -912,21 +1176,41 @@ UTEST(PERFORMANCE, MDB_KMC_MED_1000) UTEST(PERFORMANCE, LSA_LIBG_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "202C07E1000080d2c70008197f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b0031626E"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + 
"ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); float ttl_time_lsa_clib_100 = 0.0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; 
@@ -934,14 +1218,14 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1000) test_association->sa_state = SA_OPERATIONAL; test_association->arsn_len = 0; - ttl_time_lsa_clib_100 = - Apply_Security_Loop((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); + ttl_time_lsa_clib_100 = Apply_Security_Loop((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, ptr_enc_frame, + &enc_frame_len, num_frames_1K); printf("\nLSA+LIBG Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_clib_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_lsa_clib_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_lsa_clib_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_lsa_clib_100, "LSA+LIBG Apply Security LONG", num_frames_1K, 0); 
@@ -954,32 +1238,58 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1000) UTEST(PERFORMANCE, MDB_LIBG_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_long = "202C07E1000080d2c70008197f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b0031626E"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_long = + 
"202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + 
"EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); - + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_1K); + printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+LIBG Apply Security LONG", num_frames_1K, 0); 
@@ -992,76 +1302,128 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_1000) UTEST(PERFORMANCE, LSA_KMC_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_long = "202C07E1000080d2c70008197f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b0031626E"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - 
int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_long = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + 
"456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_1K); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "LSA+KMC Apply Security LONG", num_frames_1K, 0); Crypto_Shutdown(); free(raw_tc_jpl_mmt_scid44_vcid1_expect); free(ptr_enc_frame); - //free(cryptography_kmc_crypto_config); + // free(cryptography_kmc_crypto_config); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); } UTEST(PERFORMANCE, MDB_KMC_LONG_1000) { // Setup & 
Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - char* raw_tc_jpl_mmt_scid44_vcid1_long = "202C07E1000080d2c70008197f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b0031626E"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int 
raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - float ttl_time_mdb_kmc_100 = 0.0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; + char *raw_tc_jpl_mmt_scid44_vcid1_long = + "202C07E1000080d2c70008197fABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + "456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789AB" + "CDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" + "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567" + "89ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345" + "6789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123" + 
"456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01" + "23456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF" + "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCD" + "EF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF01234567890b" + "0031626E"; + + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + float ttl_time_mdb_kmc_100 = 0.0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1_long, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ttl_time_mdb_kmc_100 = + Apply_Security_Loop((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, + ptr_enc_frame, &enc_frame_len, num_frames_1K); - ttl_time_mdb_kmc_100 = Apply_Security_Loop((uint8_t* )raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, ptr_enc_frame, &enc_frame_len, num_frames_1K); - printf("\nMDB+KMC Apply Security\n"); printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", enc_frame_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((enc_frame_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(enc_frame_len, ttl_time_mdb_kmc_100, "MDB+KMC Apply Security LONG", num_frames_1K, 0); diff --git a/test/performance/pt_auth_enc_ps.c b/test/performance/pt_auth_enc_ps.c index cf99b61c..bfee7261 100644 --- a/test/performance/pt_auth_enc_ps.c +++ b/test/performance/pt_auth_enc_ps.c 
@@ -17,8 +17,8 @@ */ /** - * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB Functionality Enabled. - * BE SURE TO HAVE APPROPRIATE SA's READY FOR EACH SET OF TESTS + * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB + *Functionality Enabled. BE SURE TO HAVE APPROPRIATE SA's READY FOR EACH SET OF TESTS **/ #include "crypto.h" #include "crypto_error.h" 
@@ -32,64 +32,66 @@ #include #include -int num_frames_1K = 1; +int num_frames_1K = 1; int num_frames_100 = 1; #ifdef KMC_MDB_RH - #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" +#define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" #else - /* KMC_MDB_DB */ - #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" +/* KMC_MDB_DB */ +#define CLIENT_CERTIFICATE "/certs/debian-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" #endif - -void Write_To_File(uint16_t enc_frame_len, float total_time, char* test_name, int num_frames, int reset) +void Write_To_File(uint16_t enc_frame_len, float total_time, char *test_name, int num_frames, int reset) { - if(reset == 1) + if (reset == 1) { - if(access("PERFORMANCE_RESULTS_AEPS.csv", F_OK) == 0) + if (access("PERFORMANCE_RESULTS_AEPS.csv", F_OK) == 0) { int deleted = remove("PERFORMANCE_RESULTS_AEPS.csv"); - if(deleted){printf("ERROR Deleting File!\n");} + if (deleted) + { + printf("ERROR Deleting File!\n"); + } } } FILE *fp = NULL; - fp = fopen("PERFORMANCE_RESULTS_AEPS.csv", "a"); + fp = fopen("PERFORMANCE_RESULTS_AEPS.csv", "a"); if (fp != NULL) - { - if(reset ==1) fprintf(fp, "Name of Test,Frames Sent,Bytes per Frame,Total Time,Mbps\n"); - fprintf(fp, "%s,%d,%d,%f,%f\n", test_name, num_frames, enc_frame_len, total_time, (((enc_frame_len * 8 * num_frames)/total_time)/1024/1024)); + { + if (reset == 1) + fprintf(fp, "Name of Test,Frames Sent,Bytes per Frame,Total Time,Mbps\n"); + fprintf(fp, "%s,%d,%d,%f,%f\n", test_name, num_frames, enc_frame_len, total_time, + (((enc_frame_len * 8 * num_frames) / total_time) / 1024 / 1024)); } fclose(fp); - } -double Process_Security_Loop(char *data_b, int* data_l, TC_t* processed_frame, int num_loops) +double Process_Security_Loop(char *data_b, int *data_l, TC_t *processed_frame, int num_loops) { struct 
timespec begin, end; - double total_time; + double total_time; total_time = 0.0; - int32_t status = CRYPTO_LIB_SUCCESS; - for(int i = 0; i < num_loops; i++) + for (int i = 0; i < num_loops; i++) { - printf("LOOP NUMBER: %d\n", i+1); + printf("LOOP NUMBER: %d\n", i + 1); clock_gettime(CLOCK_REALTIME, &begin); - status = Crypto_TC_ProcessSecurity((uint8_t*) data_b, data_l, processed_frame); + status = Crypto_TC_ProcessSecurity((uint8_t *)data_b, data_l, processed_frame); clock_gettime(CLOCK_REALTIME, &end); free(processed_frame->tc_sec_header.iv); free(processed_frame->tc_sec_header.sn); free(processed_frame->tc_sec_header.pad); free(processed_frame->tc_sec_trailer.mac); - long seconds = end.tv_sec - begin.tv_sec; - long nanoseconds = end.tv_nsec - begin.tv_nsec; - double elapsed = seconds + nanoseconds*1e-9; + long seconds = end.tv_sec - begin.tv_sec; + long nanoseconds = end.tv_nsec - begin.tv_nsec; + double elapsed = seconds + nanoseconds * 1e-9; if (status != CRYPTO_LIB_SUCCESS) { 
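Review bot: In Write_To_File the `fclose(fp);` call sits after the closing brace of `if (fp != NULL)`, so a failed `fopen` passes a null pointer to `fclose`, which is undefined behaviour. The reformat leaves this as it was; moving the call inside the guarded block, so the block ends with `fclose(fp);` before its `}`, fixes it. An `else` branch that reports the failed open would also stop a missing results file from going unnoticed. Process_Security_Loop, which starts in this hunk, continues past its end.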
@@ -114,17 +116,20 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h = "202C047F00000A00000000000000000000006367CCB04793EECE4ECFAE6926856AB15F27C747E4F00F0314AC3174263FCC8ABEEE245A705DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A037D8E3696EFBF2052228DFB63A4245482C24985171000B61A0C7F0386C"; + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = "202C047F00000A00000000000000000000006367CCB04793EECE4ECFAE6926856AB15F27C747E4F00F0314AC3174263FCC8" + "ABEEE245A705DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A0" + "37D8E3696EFBF2052228DFB63A4245482C24985171000B61A0C7F0386C"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; 
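Review bot: `processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);` is neither checked nor zeroed. Process_Security_Loop, earlier in this file, frees `processed_frame->tc_sec_header.iv`, `.sn`, `.pad` and `tc_sec_trailer.mac` after every call, before it looks at `status`. If Crypto_TC_ProcessSecurity can return early without assigning those members (not visible here, so worth confirming), those frees run on indeterminate pointers. Using `TC_t *processed_frame = calloc(1, TC_SIZE);` followed by `ASSERT_TRUE(processed_frame != NULL);` makes the failure path defined. The same allocation appears in the MDB_LIBG_SHORT_100, LSA_KMC_SHORT_100, MDB_KMC_SHORT_100 and *_MED_100 hunks below; the test body continues outside this hunk.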
@@ -142,9 +147,11 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tBytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_lsa_libg_100)/1024/1024)); + printf("\tMbps: %f\n", + (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_lsa_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security SHORT", num_frames_100, 1); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security SHORT", num_frames_100, + 1); Crypto_Shutdown(); free(data_b); 
@@ -154,19 +161,25 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h = "202C047F0000020000000000000000000070E304CDF655C3FE953D03F0C9322A30FC1E9E93A753017B3B7890A0FF7DECFFE57CBBE804F7CB184436CD7F21D92E01586D243D128E195834F3070365D9CE59D7F71F7F71C4E60FA424ADE3C3976200268804BB9CD6027F9BCFA3BF13F126C5565AF370736625F4A32B1B390B11D3"; + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = "202C047F0000020000000000000000000070E304CDF655C3FE953D03F0C9322A30FC1E9E93A753017B3B7890A0FF7DECFFE" + "57CBBE804F7CB184436CD7F21D92E01586D243D128E195834F3070365D9CE59D7F71F7F71C4E60FA424ADE3C39762002688" + "04BB9CD6027F9BCFA3BF13F126C5565AF370736625F4A32B1B390B11D3"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = 
NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); hex_conversion(data_h, &data_b, &data_l); @@ -176,9 +189,11 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_mdb_libg_100)/1024/1024)); + printf("\tMbps: %f\n", + (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_mdb_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_libg_100, "MDB+LIBG Process Security SHORT", num_frames_100, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_libg_100, "MDB+LIBG Process Security SHORT", num_frames_100, + 0); Crypto_Shutdown(); free(data_b); free(processed_frame); 
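Review bot: The `Crypto_Config_MariaDB` call in MDB_LIBG_SHORT_100 still points the client certificate and private key at one developer's home directory (`/home/itc/Desktop/CERTS/ammos-client-key.pem`) and names a fixed database user. The test can therefore only run on that workstation, and the repository records where a TLS client key is kept. This file already defines `CLIENT_CERTIFICATE` and `CLIENT_CERTIFICATE_KEY` under `/certs` for the KMC service call. If the database connection is meant to use the same identity (to be confirmed), pass those macros here; otherwise add a matching pair of macros for the MariaDB identity. The same literals recur in the MDB_KMC_SHORT_100 and MDB_LIBG_MED_100 hunks.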
@@ -187,22 +202,26 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h = "202C047F00000A00000000000000000000006367CCB04793EECE4ECFAE6926856AB15F27C747E4F00F0314AC3174263FCC8ABEEE245A705DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A037D8E3696EFBF2052228DFB63A4245482C24985171000B61A0C7F0386C"; + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = "202C047F00000A00000000000000000000006367CCB04793EECE4ECFAE6926856AB15F27C747E4F00F0314AC3174263FCC8" + "ABEEE245A705DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A0" + "37D8E3696EFBF2052228DFB63A4245482C24985171000B61A0C7F0386C"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // 
Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; @@ -221,9 +240,10 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_lsa_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_lsa_kmc_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_kmc_100, "LSA+KMC Process Security SHORT", num_frames_100, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_kmc_100, "LSA+KMC Process Security SHORT", num_frames_100, + 0); Crypto_Shutdown(); free(data_b); free(processed_frame); 
@@ -232,20 +252,27 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h = "202C047F0000020000000000000000000071B20E13F2B09519E820E696F04588AACE79E1827D42E5EA66F450E2C4893674185EC19C970BE7CABD06AB8768B04F5A29A1AA58FC539A3010EB674B2FC821441BA36AF225474E8E0998513417C525336E858704588E4F3083EC3EA4245D3C6F1CA5312A20DC3AADC47A0310C7FB09"; + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + 
Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = "202C047F0000020000000000000000000071B20E13F2B09519E820E696F04588AACE79E1827D42E5EA66F450E2C48936741" + "85EC19C970BE7CABD06AB8768B04F5A29A1AA58FC539A3010EB674B2FC821441BA36AF225474E8E0998513417C525336E85" + "8704588E4F3083EC3EA4245D3C6F1CA5312A20DC3AADC47A0310C7FB09"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Convert hex to binary @@ -257,9 +284,10 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_kmc_100, "MDB+KMC Process Security SHORT", num_frames_100, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_kmc_100, "MDB+KMC Process Security SHORT", num_frames_100, + 0); Crypto_Shutdown(); free(data_b); free(processed_frame); 
@@ -270,22 +298,33 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_100) UTEST(PERFORMANCE, LSA_LIBG_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C05FF00000A000000000000000000000063CC818D81B0A3B0B8CFAE6926856AB15F27C747E4F00F0314AC3174263FCC8ABEEE245A70" + "5DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A037D8E3696EFBF2052228DF" + "90F3545628E3182AADD4E7084E423A4CCA88F7C0BAE07A50169E687A1D6232EA056F02AD1F8362D9168A239CDF20EA0615E2FF9B3FC9E0" + "2852DD335F0ABCEBBC45A037E073A09B3300B3A2275A646209F4F5BF9C95A9D2A20881273A269B5DB614572D1E117CB73587832D3D63AC" + "D4AD8C9C73AE9A0E521A8C85E19D20F9D670E709924849C46D578D91C0790EF998663E03DE0B830360B2C8E14DF8FA33BC0AC0120CCCA5" + "823543E999C48064B140D8034EBB299E238E526B0443C239EE1CBA826BDAA8705DF421B073A08706D38E11DBD988E08EF9A38C4E4E7263" + "26FF54DC43AA76B0EAF004973BCDD51265B306D68EF393E6389AE35858D1B619A3B7D6A3656C3F8EA9512FA6685A3F2710A5A6274FCA0B" + "69275339BC09F3349700E4214A275B9362EE08D2E1E6BBFE0D038007470DD17D8133451B027D1C73AA491256489F6FA2B1964BBA4A6746" + "544ABF98C20C9511E5EFF08678A4B04BFBDFDF401D092FEF153DAB01DB3EBBF0C1879758A6485342DF30D84F46059846F2B910AC279437" + "195F7B80DB14495CA46D9BC075A94CEE7F"; int32_t status = Crypto_Init(); - char* 
data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; @@ -303,9 +342,11 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tBytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_lsa_libg_100)/1024/1024)); + printf("\tMbps: %f\n", + (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_lsa_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security MED", num_frames_100, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security MED", num_frames_100, + 0); Crypto_Shutdown(); free(data_b); 
@@ -315,19 +356,33 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) UTEST(PERFORMANCE, MDB_LIBG_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C05FF000002000000000000000000007147C4888DE20936C8FFF8772894382BC0EADCFDA9B684BC64250309930E745CB9B300EA84D6" + "C694C8688DCFA9007C276FDC33CDFE2CA12415C359FEDED084549487AA3FD876D04BC947B2EDA171983D7FEE5E627D93ADEF5EA9D97902" + "03E1683B6454AD33614D47903A9D2BD46620FCB1A20DA9138B7A42DDA9F4E5207E3A1A15ECE4C917903B0CACEEED9EC8391AC0010F5BBD" + "309EE3FDD5337BFE51F70DC07EB006B646967269CE93073402CCFB547577AA45CAC5823C35F6F76496F1621252491306EE70089F7DFAE6" + "C1A9E515409E1603F61ADDD12C3BDFF98B2E8595B2CCC0F8339D081380EBBDC295DF274F8C4A02BBE1FC7E405CD54CF11FFA4FF6983A2A" + 
"D6EAF2EB98EE3418191AE5CFCEBB8653091E4605D017C382990B18E2569A64DE56152CBF5B76D23614E60B449CE24924D549325A0447B8" + "8D931C8A0580DD167F5FD1B670A36D965FD3411005C4809F1CF1245C1DA008F1003B7334F933C89DDBF21BC556F8E5F244464A77FFB432" + "0C64DBCD9DF82B3D720A8C9796C3BB8677355A7FF0BDC43D48D8990DC8EA34DA3B796AB0515341522D67FF629C283EA8B71CF261BD2F75" + "8443E880A3BEB61C5A839BD702D6D35F7B783B3752D59A1D4A4909A677F88572B84665184AE5149E9492728DA5BBDEA36B6B27E2E6F819" + "4136604C98497056815197F871B8C36B51"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Convert hex to binary hex_conversion(data_h, &data_b, &data_l); @@ -338,9 +393,11 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tBytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_lsa_libg_100)/1024/1024)); + printf("\tMbps: %f\n", + (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_lsa_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "MDB+LIBG Process Security MED", num_frames_100, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "MDB+LIBG Process Security MED", num_frames_100, + 0); Crypto_Shutdown(); free(data_b); 
@@ -350,22 +407,34 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_100) UTEST(PERFORMANCE, LSA_KMC_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C05FF00000A000000000000000000000010B7D5264AA13C588EBCE851BB4CF923A94BDCB9E04ABB6688055EE94074AEFF78139C195E" + "FB6D26F9D5DF2A002D4D26F6C1420F623D9EC8AC1B47EF469314F30D2466B5A1F8E4DC1ED2FFDA3B82C6BF6A8CC93B220C9B15A7FDCC1C" + "3D86AEAA7EC2158D603F5FA4E102AE14917E5CF9B4A5EDC23E4EC5E42368C0D8FB1CF9FBCEE6ADC4790ACDE3B91BA41907416B949B7852" + "DBFF244752242405E58A2C9B48D26E428DC89168A7AD434D3800B60192016F7925A27E12EE8F6C58BFC4D5297C39139B4871A2A37A1B5E" + "4669F753A95003569BDD6CA8DB454CB25677D9227D9744EC09391F56A22970580AF34E5743918CF87387918596155B153CC913B588D07E" + "96D765B11703B2D6C5910BFF92042C5ABD4FC474A0E050DACA184FCE4CAF82903F5C2BE659BD8551D1CA66BBA61B3611D4E9DA7E306040" + 
"0A80F7F9504867F0943BCAC62EA2D07DD1BEE2FBD52439FA45A5F1AB8041D724E6B73A3803AA0B701BA7821B797C30C71C3B3BAF0CFA3C" + "76DBC8323FFB22FF8507C995B5C552883141054E8B0B01594BCA4E6741E6D5DCC5CCA0D5D8A0F07E4771607513AEC948157966E0D0A8B0" + "C8F8AC3D114F1095781B6F29B37655484F8C7C700D41F7B231D2A4637B10EAFDEFA26D133ECE3FDECF73E379BE93E3488F91F82C010318" + "39E851EB324969EA367D98965AC0FA351B"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; @@ -384,7 +453,7 @@ UTEST(PERFORMANCE, LSA_KMC_MED_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_lsa_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_lsa_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_kmc_100, "LSA+KMC Process Security MED", num_frames_100, 0); Crypto_Shutdown(); 
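Review bot: In LSA_KMC_MED_100 the result of `sa_if->sa_get_from_spi(1, &test_association)` is ignored, and `test_association` is declared without an initializer and dereferenced on the next line. A failed lookup would therefore write `sa_state` through an indeterminate pointer instead of failing the test. Declaring it as `SecurityAssociation_t *test_association = NULL;` and adding `ASSERT_TRUE(test_association != NULL);` right after the lookup would turn that into a clean test failure. The same pattern is in the LSA_LIBG_LONG_100, LSA_KMC_LONG_100 and LSA_LIBG_SHORT_1K hunks, and the test body continues outside this hunk.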
@@ -395,20 +464,35 @@ UTEST(PERFORMANCE, LSA_KMC_MED_100) UTEST(PERFORMANCE, MDB_KMC_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + 
"202C05FF0000020000000000000000000071B8A9140EDCF90BEB2E84643FB928463D5E7CA5A2CA190B13DFCCBD7C150FC57FCAE7812FD9" + "0A672132370F05C11740089A0A263DE28CCF66901393AD69E63E71BF7795929B3F1ECB93D8C73168C84150835C3942C6DE5C015FEEC35D" + "F5227FC068098CFB6307D7D1D9888B81688DFED4D6A16915A636DD6D93C46DE65C869A9E08985D238D5898B07760EAC9DEF46E9F3A38BD" + "F6A28B9185350DB8C0AD33CDA11E6DF84EB849E7288138CEA52F8E9BACB6C461D6E30E365E89697D1FEE1D484452207403A988B643779A" + "07D56A91CFC0C7C197DDC0C68AD837D0FF248AFE3D0F5A46FEB4380EEF796C46D1A279A4D1E12103107FDF84BB1A4FCCF7E56460CEC85F" + "99580597966B5214BBFE22E84E078EFB664D79A98A850F1FC2DDCCD43A92E25D5732C4700F86D2D342A67EBD2363032F7B2E1C1F2D7C00" + "3D0590FD4ABD064AE5C8FCFCD656A2AF510223345CC9F2F8837F3060A66F6DAF811E93600D9CB9BC3B3B66EFC395B86DF065C66C9C8A86" + "192092AED70AC44A1D33D219ABE453E47764B78B5ED8689E06FA40A1276874E99560BA983B01B4268C1FD6B7CAA90B5148D2B39E2026C2" + "E6AD56A9071894A7F6FD0BBE91F75519A0ACC72196F3CD72ACACD0820DA674215E80D63D3C9AFE59FFE547AB2F5F7EE16FFF9328EF6473" + "BD7D3121116AD14868BDA4EA305636D744"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Convert hex to binary @@ -420,7 +504,7 @@ UTEST(PERFORMANCE, MDB_KMC_MED_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_kmc_100, "MDB+KMC Process Security MED", num_frames_100, 0); Crypto_Shutdown(); 
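Review bot: `processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);` in MDB_KMC_MED_100 is neither checked nor zeroed, yet the next hunk prints `processed_frame->tc_pdu_len` and uses it in the throughput figure. If the allocation fails, or if the processing step (outside this hunk) returns early without filling the frame, the test reads invalid or indeterminate memory. `TC_t *processed_frame = calloc(1, TC_SIZE);` followed by `ASSERT_TRUE(processed_frame != NULL);` would make both cases visible. Every test in the hunks shown here allocates the frame the same way.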
@@ -433,22 +517,42 @@ UTEST(PERFORMANCE, MDB_KMC_MED_100) UTEST(PERFORMANCE, LSA_LIBG_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C07FF00000A000000000000000000000063CC818D81B0A3B0B8CFAE6926856AB15F27C747E4F00F0314AC3174263FCC8ABEEE245A70" + "5DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A037D8E3696EFBF2052228DF" + "90F3545628E3182AADD4E7084E423A4CCA88F7C0BAE07A50169E687A1D6232EA056F02AD1F8362D9168A239CDF20EA0615E2FF9B3FC9E0" + "2852DD335F0ABCEBBC45A037E073A09B3300B3A2275A646209F4F5BF9C95A9D2A20881273A269B5DB614572D1E117CB73587832D3D63AC" + "D4AD8C9C73AE9A0E521A8C85E19D20F9D670E709924849C46D578D91C0790EF998663E03DE0B830360B2C8E14DF8FA33BC0AC0120CCCA5" + "823543E999C48064B140D8034EBB299E238E526B0443C239EE1CBA826BDAA8705DF421B073A08706D38E11DBD988E08EF9A38C4E4E7263" + "26FF54DC43AA76B0EAF004973BCDD51265B306D68EF393E6389AE35858D1B619A3B7D6A3656C3F8EA9512FA6685A3F2710A5A6274FCA0B" + "69275339BC09F3349700E4214A275B9362EE08D2E1E6BBFE0D038007470DD17D8133451B027D1C73AA491256489F6FA2B1964BBA4A6746" + "544ABF98C20C9511E5EFF08678A4B04BFBDFDF401D092FEF153DAB01DB3EBBF0C1879758A6485342DF30D84F46059846F2B9100CEA4A31" + 
"F68604E41C4448D56A4174B38CF4BA1B365904A442ABCAE1773DBD4007470E674DD5422C5F6DE74EBB068C1C0EEBB68378BB1CFFBC8893" + "DB94136AA501D30C7AEA14135C95C7FA017A893681DF3696448D7F4523102B0A93D183097560B75145754158C7A77B8CE69A7BC7625E28" + "B59FCAD104FDB619B2BB9D5BA7C621697EBC87F80A7FD43480A46828E433314522B9146FCA62CB2105D1EB22D19F55FAE320ED16D54F15" + "0FD20081F1336572D128F6D2803A09E8E35456ECB1D6AE0A3A8ECCE231C4602893171538BF40E5AD79003B2CEFA33FDD83D5A79E0BCF26" + "A25754D1E91B279222393F8BDB7A07A0B5BD15458FAB9FB6138192D43A294A9FDE48F660A497305C49726BB3AF29521F8EB686441C34E2" + "DF0BB5EE4E7B0FA14E0A56879A44D252BDA7939B777B6D283C85522F77202A574C0BA9049A3B9BBD059B2CE6CEAEE88B7C979FCB4333BB" + "39AF5F14CFF8B8E8F477C15F11FC6A89365DD8CD258339AB6B748EAB34F93D007805E904A532E7BB5C90AE88209E6170A6656AFCBA6C9F" + "6F5902A8117694C28BF9CF396648E993F5C59D5C60C5C175EEE70E2EA72EA67E2E6535E56E4F95B03B3B077572C6A021D1F1E54EA83DA8" + "04E84CD4EE2368917D367552B102B80A5DA8203F65FA9C1BDB5992C0A75F9FF4B9052CD1A59D1AFFC4F31397702C795E36FD31DB437F23" + "76F0E5C9D451777AF0BF88CFE466EE9F4BF2B7929689EDFB2A529ECF8DAFF177E382"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; 
@@ -466,9 +570,11 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tBytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_lsa_libg_100)/1024/1024)); + printf("\tMbps: %f\n", + (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_lsa_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security LONG", num_frames_100, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security LONG", num_frames_100, + 0); Crypto_Shutdown(); free(data_b); 
@@ -478,19 +584,42 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C07FF000002000000000000000000007217E059763EF5ADFC613DFAC3D96B906BE1361B1652B72637738C5731EDEF6C0C8EF2A59151" + "69F1C6BBF7755B2D96BEE2F6DBC490A432A1515A89F4164B00020159A9B8646EDA561DB153F0FF6B4FCDE2E1E7FF4A1F3C155742E9298C" + "A19A3F360FCC6CEC154802771F81F7214709DAEFB8D7732D311C2D11BE133D9F4882A82EE5B16A204B102FC8B21E9F3F841589EB85A97E" + "D72781A2A2482A7E81ADB16628D3C7E8B15BDE350A18D9C459A43DE5B048F8C97A92B56E39C05B41AC0119427AE80E5A85FF7D52D25AFF" + "F8B361FE938051399238864B4ED9983BEB4BE0F467530ABA03BF9EAAAAC9899A934E8FDB7DBDF5FE7F6B10B461D88045DEFBE3B872D11D" + 
"BE975F2EE94A4BE9225653EFE1D6B06CBD6B0987E74B15E348135C41A583A0B5F249B08615FBD9DADFF8C29C9ED9886501B39857A7E297" + "1DE338BC25379CC1E525A1201DE30922C9E3975D7F7E7538FE3D08B9DDF34E7C9DAB5FC961747A4F6F2FAF5E1BEE8F1EBEC4403FE3F6AC" + "90369A04CB64AEBFF8C2457EFB0FE7714F72712C5256CBF18F25BF1AF13F6B639CCBED04CDC6FBA65F09B3ADF0F912995C5AF40157706D" + "7F572C3481AA215F6B1AF5B7DCD519EDCD02EF66358588A756F3AB8C4C7D7B446D425F0DC7D309BADA9078DE415175DDCEDBDEDD6028D6" + "7DD4B83DB1D15EAC3F1A8926D11903F1C48484EF953E846203E5EDF6FA62F93D1FCD5E70C3E17017CFB7FC7C9B8A71B4F2B290893E18C7" + "CC2E0BD8CA9FA940D1DC5129B062CBD2FACEDE3D26F5CDB2CC38F013B032835F1E0C6F2898A77DC8859F485FD64CCA79BA79A0911F87F5" + "EA2C1AE5F72D530E8AE17F094A964ABD43C55E7BB7EBD63479C0E1F4014E5BA6B11FBA230A038B9C1470E289555D4313A2C166B34316BD" + "FA84C428F11E61C11B300039B6FAA1D44ABD313ACCAB31DEE5E7D461BE78428EFEBC7DFBC49CBCB5F98DE92F4F07B477A57CB3426D7A66" + "E5A07CC49A1061F8912C68F7C691BEFBD6DF536A9F26AEAEB6968F3F35017760B1840D4CF1E277FE8D9A99326A9FAD68814DE6F929253F" + "2D4F3AF046C578A434DBFEA4B2CC9834633CF5919085126D95F74A444328113408AE6D798FF6961C38822D4523F9AA99C766AE3E5104BE" + "7EE0E027C2F9B73BA07ADA882762FD93F590BF29FD0429BBC83DB4F531C1187B8DECEC0E5171027433358CE6E0AAAF50B59AC32EDE3D5B" + "198B7C6AD462F00F9E7E52A21DE992037FDED63EF5646C236701729096AC704DA4A649C244B24242795DA49B25C34AB8F2E824DE4F42E1" + "D4F06CC79F594DB4F62F31CD928C4CD678451CA7511FBB30F771F45522410586A22321C683F98774C89864E9ADF030216BC083E991CA96" + "E4E751324B7E0AC2775996CDF33A46E09BCC24856D3112D844D337C57B9519F966A4"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Convert hex to binary hex_conversion(data_h, &data_b, &data_l); 
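Review bot: `TC_IGNORE_ANTI_REPLAY_TRUE` in the `Crypto_Config_CryptoLib` call of MDB_LIBG_LONG_100 has no comment explaining why replay protection is switched off. Presumably the benchmark pushes the single `data_h` frame through processing `num_frames_100` times, though that loop is not in this hunk. A one-line comment above the call, such as `// Anti-replay is off only because the benchmark reprocesses one captured frame`, would stop the call being copied as a configuration template. Every test in these hunks uses the same setting.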
@@ -501,9 +630,11 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tBytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_lsa_libg_100)/1024/1024)); + printf("\tMbps: %f\n", + (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_lsa_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "MDB+LIBG Process Security LONG", num_frames_100, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "MDB+LIBG Process Security LONG", num_frames_100, + 0); Crypto_Shutdown(); free(data_b); 
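Review bot: The MDB+LIBG LONG report in this hunk is computed from `ttl_time_lsa_libg_100`, a name that says LSA, whereas MDB_LIBG_SHORT_1K uses `ttl_time_mdb_libg_100`. The declaration is outside the hunk, so this may only be a copy-pasted local name, but it reads as if another run's timing were being reported. Renaming it to `ttl_time_mdb_libg_100` here and in MDB_LIBG_MED_100 would remove the doubt. The value labelled `Mbps` is also divided by `1024 / 1024`, which gives Mibit/s; either divide by `1e6` or change the label.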
@@ -513,22 +644,43 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_100) UTEST(PERFORMANCE, LSA_KMC_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h = "202C07FF00000A0000000000000000000000042DD72659FA856512F4C35CA125B94FA62D41A46ECE953F746436776EDBB107E4CB804D02C0A794341D4D7D5A83C8735001B649FABAC5D32D62E64D3A7768CA60B79861A05434DAF398873705D0226717B99079451D42F01FCA9CC895277B705096CA10A9873760CE387FCAB553B93D907F0C299B8427A514C09B36D9008DEFD8C38F7D9E2E7880430D08BFD76C98AE0A1E4A78A5D6E3651C81C418A20C1AA6871BD2C9170A411AB9C00376BC7019E867F7BA0D6A7C28A49E8462216D35C97DA05779F1DEE2A2C1C83E12362A2748E9D7555E8F8CAAAA85611DD3BE5E68C55949329FC64A94804449DA2442406FDFAD6878945EFC27479F4F4DCB82399978F9BAB3D583AC548CEB7EFFEC13D6EE49ECD258781B8F395B9B129F41A72CEDA58D5AE2373EDE39C037042BBFB926DC5C01C92A8D32AF6908754612C2CF6311CAEDF8E78DC3E632C4485D972CF70250A376E687551BB5CE544779AC915CB39ED489B0FA5F7B2948333F5D4DC9CD07D712C764A1085C696473FE62AB77DF0E7E67D91EAF1B1A96F9FE3014B33450B63E6783D2DB965EED2BD26392B221814AA01EEB646B54B2AA45A29F9808283E5FBF04B49C6A3BEE6480E67169825A4E2DA8EB0C7AC690C380107CC888722844DE1C600B2ACFB74ECEB4425B63E8B7AF906540D30333D27BB3DEDAC1A7F04A0584D06EBF0867BC6ADDFBF52B17A7FBE3AD2E814DA4307607DA9C3FC2818A527CDF4E41F4CBF853F25086E90
BF8836A9C839830AA9D72283E92A5C5CAACC786CF7FBED1528666FEE7B02CA1ED6F5A05630366AA0DFA37D3B0AB13ADBB2EE053465F7C39A01FF125EADA21619420A89B7FC1706B7E2C6F21ECC923AE9E602FAAD137DBEA66B7CA8C536B00218DC58C398CA465F20DB15438E0D8A2D421AA56FFC7765B7B1903C20312103B86B96B2F8A2F8A72CEBC7D66F86FC2B1EC1662B602C72EEC1C2D6A0B6AF0DF1BC2AFE635C2AB2C083F06D303FE3E45766C80499073177429C7A81EF3883A86FC4271D8F0C91EAB043DCF130CFC2AA1A48C3C20F1ABC1CE1E17B3E64DF5FE4996E285DEC0011A22DAAED5C58529B77E273A2389548748B780271D33A8BB8C380CE1C3CE8F3B2A487DD10D828F3146A2CE61F94CAFF3A5A099A59BF8B59196F271FFF718D097779D56BA71ECFEC97FDDF7BCAC120C264581B3EE45D6C2B01DD0382178134B940D4048847CFB5555A95E33DE7D59C35D41BC37625A64E87AC5F425F7CF88C3D78FF3449464AD4BE53818E8238C9EDB9A1389CAA421A656CDDE86057D08F636AD4462EEBB09B942CE6C86ABA6935DE352AF100257C7B416842C1B4DE70F5DBF55087B297C32A26DC47920B1CD70D1D893EB12703CF04DBD58C4EAE5B5CB674582C69FFD4A06F8491F56DAC15DADFB508EDF1FAA"; + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C07FF00000A0000000000000000000000042DD72659FA856512F4C35CA125B94FA62D41A46ECE953F746436776EDBB107E4CB804D02" + "C0A794341D4D7D5A83C8735001B649FABAC5D32D62E64D3A7768CA60B79861A05434DAF398873705D0226717B99079451D42F01FCA9CC8" + "95277B705096CA10A9873760CE387FCAB553B93D907F0C299B8427A514C09B36D9008DEFD8C38F7D9E2E7880430D08BFD76C98AE0A1E4A" + "78A5D6E3651C81C418A20C1AA6871BD2C9170A411AB9C00376BC7019E867F7BA0D6A7C28A49E8462216D35C97DA05779F1DEE2A2C1C83E" + "12362A2748E9D7555E8F8CAAAA85611DD3BE5E68C55949329FC64A94804449DA2442406FDFAD6878945EFC27479F4F4DCB82399978F9BA" + "B3D583AC548CEB7EFFEC13D6EE49ECD258781B8F395B9B129F41A72CEDA58D5AE2373EDE39C037042BBFB926DC5C01C92A8D32AF690875" + 
"4612C2CF6311CAEDF8E78DC3E632C4485D972CF70250A376E687551BB5CE544779AC915CB39ED489B0FA5F7B2948333F5D4DC9CD07D712" + "C764A1085C696473FE62AB77DF0E7E67D91EAF1B1A96F9FE3014B33450B63E6783D2DB965EED2BD26392B221814AA01EEB646B54B2AA45" + "A29F9808283E5FBF04B49C6A3BEE6480E67169825A4E2DA8EB0C7AC690C380107CC888722844DE1C600B2ACFB74ECEB4425B63E8B7AF90" + "6540D30333D27BB3DEDAC1A7F04A0584D06EBF0867BC6ADDFBF52B17A7FBE3AD2E814DA4307607DA9C3FC2818A527CDF4E41F4CBF853F2" + "5086E90BF8836A9C839830AA9D72283E92A5C5CAACC786CF7FBED1528666FEE7B02CA1ED6F5A05630366AA0DFA37D3B0AB13ADBB2EE053" + "465F7C39A01FF125EADA21619420A89B7FC1706B7E2C6F21ECC923AE9E602FAAD137DBEA66B7CA8C536B00218DC58C398CA465F20DB154" + "38E0D8A2D421AA56FFC7765B7B1903C20312103B86B96B2F8A2F8A72CEBC7D66F86FC2B1EC1662B602C72EEC1C2D6A0B6AF0DF1BC2AFE6" + "35C2AB2C083F06D303FE3E45766C80499073177429C7A81EF3883A86FC4271D8F0C91EAB043DCF130CFC2AA1A48C3C20F1ABC1CE1E17B3" + "E64DF5FE4996E285DEC0011A22DAAED5C58529B77E273A2389548748B780271D33A8BB8C380CE1C3CE8F3B2A487DD10D828F3146A2CE61" + "F94CAFF3A5A099A59BF8B59196F271FFF718D097779D56BA71ECFEC97FDDF7BCAC120C264581B3EE45D6C2B01DD0382178134B940D4048" + "847CFB5555A95E33DE7D59C35D41BC37625A64E87AC5F425F7CF88C3D78FF3449464AD4BE53818E8238C9EDB9A1389CAA421A656CDDE86" + "057D08F636AD4462EEBB09B942CE6C86ABA6935DE352AF100257C7B416842C1B4DE70F5DBF55087B297C32A26DC47920B1CD70D1D893EB" + "12703CF04DBD58C4EAE5B5CB674582C69FFD4A06F8491F56DAC15DADFB508EDF1FAA"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; 
@@ -547,9 +699,10 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_lsa_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_lsa_kmc_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_kmc_100, "LSA+KMC Process Security LONG", num_frames_100, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_kmc_100, "LSA+KMC Process Security LONG", num_frames_100, + 0); Crypto_Shutdown(); free(data_b); free(processed_frame); 
@@ -558,20 +711,44 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_100) UTEST(PERFORMANCE, MDB_KMC_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + 
"202C07FF00000200000000000000000000721BAC6AEED1D245278896BFCE8F455FC3DA3DFFFC84F3A42360697AC41AA8387B67F79EE9E3" + "36B4F2900A074274C3D380C3076550FF491C2CD0131DE6EB2F2D2E5F1F8222A1421E911AD331872BF8A6A48165A8D4B0126B8F156EA111" + "17F975D7F1289375EEC9972796EAE4554AD30C9EDB323518644DC504F4484BBB8447DDE7464F74BF271002141DCD5D961D2FA774703F4D" + "708D21922D5D322D95F87762F93BC53AB12E7539784A7622502BD8BDDAD8CFF1415AD0CC27834CF6009A32E50AAC9B20612D4848B93689" + "F1283C844739D03F96A81970A473167F37CAA1E7FF66C539285EB79AC17AF709D3FC7395479CAA2724189ED064AFEEE81D28ECD0CDEEA1" + "05A7F3D8AC2AC42C5FD4BC25569EDD6A5B9674A1F90034E031DB30EFDE4789BC381BAF2D367165CA77114B2B72155DD90A48BE229AC984" + "A6153C3E78B3A6C453CC7D791A1FDF6982F8530EAE61649B5FB83776CE0F607B438A7FF0C13F79A778B295F020FA993ADA08CCE57CB7B6" + "098CC3ABF96EEBC6313C361F7DD0230B9FDDF04ED5E0D206178B8F63F072D4DE6DE8A60D1D5279E86F1E518FB875EC7F86406C4719BB6C" + "4F8682F7F2693341599587EC884B882252437BDE838C318F13C2474D909331A737F0BB651656DF1CF46DB16B911851B1C2CCE0A03E3D9D" + "F7494B3AFB5C24FC793A9D52144482B8A4FEA666B472CBD6E4B8355F39E02BEF428C5B950571D3D195561E0BD004A9BA089CA0776FC42C" + "60E95CD5B190A12143F71473A352DC64BD8E5796C7ECC88506F0A6BEE0600E922053ADC2CB43EDC6852E52C82C388CE39C1C30F6DC30DD" + "5B67B3A326F099C0FC5B8A3BDDDD3D3E0E136889AE5578FF746C2D81162023DA4F7C7EE2312284BB88CCA91AC5090BA5C2E101234E6D50" + "F642F77960205CB9DDAB3E09FE77997B7CC4BF0BBC5AFC11CFB8E53936AD637101390BEC5B534AA48236DEEAEA2901EC42EA699B3DF1E0" + "F91A533E0D1D76432DEDC1A5A2E6763662BD1E8D29D29FDA13C072C549B2F42B0E3B796981853DD7B776CA27142E60C65FCECD23CE7624" + "CA0D81E966248C4C5D10953A6F742AD27C87A4950B4F172B706F65CCA2EFDA0FA6715BD95DD2841DB5C3262B210BF126A548D09C1EF0F7" + "F83FA379D389C1890804AEE56B1CC7F45BF4422CCA3FC165F36BC5DD3546DB386A3551F0F467377D952C82D2890E70840F738FDC49838B" + "1F30A16D1AF8DFE9E594D88EEBAEAE3B6DBA33F8DC69D95246E43A394E1463D0EFCAD040FE57CE9E95C57098E7EE76C6507889EB94232D" + 
"A84B11572D462F932C04CCD60E3372024B7978B8960EA9145A297E7DF1114E48E6048CFDD31C1859B1A468991E1E67FAEAD138652A0BAA" + "7A4D99669882357ECC0893E4D96A1E6E3D754CA24D5D997EDB91C647436A18A47377"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Convert hex to binary @@ -583,9 +760,10 @@ UTEST(PERFORMANCE, MDB_KMC_LONG_100) printf("\tNumber of Frames Sent: %d\n", num_frames_100); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_100) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_kmc_100, "MDB+KMC Process Security LONG", num_frames_100, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_kmc_100, "MDB+KMC Process Security LONG", num_frames_100, + 0); Crypto_Shutdown(); free(data_b); free(processed_frame); 
@@ -596,22 +774,25 @@ UTEST(PERFORMANCE, MDB_KMC_LONG_100) UTEST(PERFORMANCE, LSA_LIBG_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h = "202C047F00000A00000000000000000000006367CCB04793EECE4ECFAE6926856AB15F27C747E4F00F0314AC3174263FCC8ABEEE245A705DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A037D8E3696EFBF2052228DFB63A4245482C24985171000B61A0C7F0386C"; + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = "202C047F00000A00000000000000000000006367CCB04793EECE4ECFAE6926856AB15F27C747E4F00F0314AC3174263FCC8" + "ABEEE245A705DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A0" + "37D8E3696EFBF2052228DFB63A4245482C24985171000B61A0C7F0386C"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; 
@@ -629,9 +810,10 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tBytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_lsa_libg_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_lsa_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security SHORT", num_frames_1K, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security SHORT", num_frames_1K, + 0); Crypto_Shutdown(); free(data_b); 
@@ -641,19 +823,25 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1K) UTEST(PERFORMANCE, MDB_LIBG_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h = "202C047F0000020000000000000000000070E304CDF655C3FE953D03F0C9322A30FC1E9E93A753017B3B7890A0FF7DECFFE57CBBE804F7CB184436CD7F21D92E01586D243D128E195834F3070365D9CE59D7F71F7F71C4E60FA424ADE3C3976200268804BB9CD6027F9BCFA3BF13F126C5565AF370736625F4A32B1B390B11D3"; + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = "202C047F0000020000000000000000000070E304CDF655C3FE953D03F0C9322A30FC1E9E93A753017B3B7890A0FF7DECFFE" + "57CBBE804F7CB184436CD7F21D92E01586D243D128E195834F3070365D9CE59D7F71F7F71C4E60FA424ADE3C39762002688" + "04BB9CD6027F9BCFA3BF13F126C5565AF370736625F4A32B1B390B11D3"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = 
NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); hex_conversion(data_h, &data_b, &data_l); @@ -663,9 +851,10 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_mdb_libg_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_mdb_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_libg_100, "MDB+LIBG Process Security SHORT", num_frames_1K, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_libg_100, "MDB+LIBG Process Security SHORT", num_frames_1K, + 0); Crypto_Shutdown(); free(data_b); free(processed_frame); 
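Review bot: The `Crypto_Config_MariaDB(...)` call in the MDB_LIBG_SHORT_1K setup hunk pins the CA bundle, client certificate and client private key to absolute paths under `/home/itc/Desktop/CERTS/` and the database user to `"robert"`. The test therefore only runs on one workstation layout, and the repository records where a private key is kept. The KMC calls in this file already pass `CLIENT_CERTIFICATE` and `CLIENT_CERTIFICATE_KEY`; the MariaDB arguments could come from macros defined alongside those (names for the project to choose) or from the environment, with the test skipped when they are unset. Until then a comment above the call would help: `// Site-specific TLS material: override these paths and the DB user before running outside the ITC dev host`. The same literals are repeated in the MDB_KMC_SHORT_1K, MDB_LIBG_MED_1K, MDB_KMC_MED_1K and MDB_LIBG_LONG_1K hunks.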
@@ -674,22 +863,26 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_1K) UTEST(PERFORMANCE, LSA_KMC_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h = "202C047F00000A00000000000000000000006367CCB04793EECE4ECFAE6926856AB15F27C747E4F00F0314AC3174263FCC8ABEEE245A705DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A037D8E3696EFBF2052228DFB63A4245482C24985171000B61A0C7F0386C"; + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = "202C047F00000A00000000000000000000006367CCB04793EECE4ECFAE6926856AB15F27C747E4F00F0314AC3174263FCC8" + "ABEEE245A705DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A0" + "37D8E3696EFBF2052228DFB63A4245482C24985171000B61A0C7F0386C"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // 
Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; @@ -708,9 +901,10 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_lsa_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_lsa_kmc_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_kmc_100, "LSA+KMC Process Security SHORT", num_frames_1K, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_kmc_100, "LSA+KMC Process Security SHORT", num_frames_1K, + 0); Crypto_Shutdown(); free(data_b); free(processed_frame); 
@@ -719,20 +913,27 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_1K) UTEST(PERFORMANCE, MDB_KMC_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h = "202C047F0000020000000000000000000071B20E13F2B09519E820E696F04588AACE79E1827D42E5EA66F450E2C4893674185EC19C970BE7CABD06AB8768B04F5A29A1AA58FC539A3010EB674B2FC821441BA36AF225474E8E0998513417C525336E858704588E4F3083EC3EA4245D3C6F1CA5312A20DC3AADC47A0310C7FB09"; + Crypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + 
Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = "202C047F0000020000000000000000000071B20E13F2B09519E820E696F04588AACE79E1827D42E5EA66F450E2C48936741" + "85EC19C970BE7CABD06AB8768B04F5A29A1AA58FC539A3010EB674B2FC821441BA36AF225474E8E0998513417C525336E85" + "8704588E4F3083EC3EA4245D3C6F1CA5312A20DC3AADC47A0310C7FB09"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Convert hex to binary @@ -744,9 +945,10 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_kmc_100, "MDB+KMC Process Security SHORT", num_frames_1K, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_kmc_100, "MDB+KMC Process Security SHORT", num_frames_1K, + 0); Crypto_Shutdown(); free(data_b); free(processed_frame); 
@@ -757,22 +959,33 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_1K) UTEST(PERFORMANCE, LSA_LIBG_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C05FF00000A000000000000000000000063CC818D81B0A3B0B8CFAE6926856AB15F27C747E4F00F0314AC3174263FCC8ABEEE245A70" + "5DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A037D8E3696EFBF2052228DF" + "90F3545628E3182AADD4E7084E423A4CCA88F7C0BAE07A50169E687A1D6232EA056F02AD1F8362D9168A239CDF20EA0615E2FF9B3FC9E0" + "2852DD335F0ABCEBBC45A037E073A09B3300B3A2275A646209F4F5BF9C95A9D2A20881273A269B5DB614572D1E117CB73587832D3D63AC" + "D4AD8C9C73AE9A0E521A8C85E19D20F9D670E709924849C46D578D91C0790EF998663E03DE0B830360B2C8E14DF8FA33BC0AC0120CCCA5" + "823543E999C48064B140D8034EBB299E238E526B0443C239EE1CBA826BDAA8705DF421B073A08706D38E11DBD988E08EF9A38C4E4E7263" + "26FF54DC43AA76B0EAF004973BCDD51265B306D68EF393E6389AE35858D1B619A3B7D6A3656C3F8EA9512FA6685A3F2710A5A6274FCA0B" + "69275339BC09F3349700E4214A275B9362EE08D2E1E6BBFE0D038007470DD17D8133451B027D1C73AA491256489F6FA2B1964BBA4A6746" + "544ABF98C20C9511E5EFF08678A4B04BFBDFDF401D092FEF153DAB01DB3EBBF0C1879758A6485342DF30D84F46059846F2B910AC279437" + "195F7B80DB14495CA46D9BC075A94CEE7F"; int32_t status = Crypto_Init(); - char* 
data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; @@ -790,9 +1003,10 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tBytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_lsa_libg_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_lsa_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security MED", num_frames_1K, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security MED", num_frames_1K, + 0); Crypto_Shutdown(); free(data_b); 
@@ -802,19 +1016,33 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1K) UTEST(PERFORMANCE, MDB_LIBG_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C05FF000002000000000000000000007147C4888DE20936C8FFF8772894382BC0EADCFDA9B684BC64250309930E745CB9B300EA84D6" + "C694C8688DCFA9007C276FDC33CDFE2CA12415C359FEDED084549487AA3FD876D04BC947B2EDA171983D7FEE5E627D93ADEF5EA9D97902" + "03E1683B6454AD33614D47903A9D2BD46620FCB1A20DA9138B7A42DDA9F4E5207E3A1A15ECE4C917903B0CACEEED9EC8391AC0010F5BBD" + "309EE3FDD5337BFE51F70DC07EB006B646967269CE93073402CCFB547577AA45CAC5823C35F6F76496F1621252491306EE70089F7DFAE6" + "C1A9E515409E1603F61ADDD12C3BDFF98B2E8595B2CCC0F8339D081380EBBDC295DF274F8C4A02BBE1FC7E405CD54CF11FFA4FF6983A2A" + 
"D6EAF2EB98EE3418191AE5CFCEBB8653091E4605D017C382990B18E2569A64DE56152CBF5B76D23614E60B449CE24924D549325A0447B8" + "8D931C8A0580DD167F5FD1B670A36D965FD3411005C4809F1CF1245C1DA008F1003B7334F933C89DDBF21BC556F8E5F244464A77FFB432" + "0C64DBCD9DF82B3D720A8C9796C3BB8677355A7FF0BDC43D48D8990DC8EA34DA3B796AB0515341522D67FF629C283EA8B71CF261BD2F75" + "8443E880A3BEB61C5A839BD702D6D35F7B783B3752D59A1D4A4909A677F88572B84665184AE5149E9492728DA5BBDEA36B6B27E2E6F819" + "4136604C98497056815197F871B8C36B51"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Convert hex to binary hex_conversion(data_h, &data_b, &data_l); @@ -825,9 +1053,10 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tBytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_lsa_libg_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_lsa_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "MDB+LIBG Process Security MED", num_frames_1K, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "MDB+LIBG Process Security MED", num_frames_1K, + 0); Crypto_Shutdown(); free(data_b); 
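Review bot: The report lines of MDB_LIBG_MED_1K print and log `ttl_time_lsa_libg_100`, whereas MDB_LIBG_SHORT_1K uses `ttl_time_mdb_libg_100` for the same MDB+LIBG configuration, which looks like a copy-paste from the LSA test. The timing loop is outside this hunk; if it accumulates into the mdb variable, the Mbps figure and the `Write_To_File` row come from the wrong, possibly zero, total. Suggested: `Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_libg_100, "MDB+LIBG Process Security MED", num_frames_1K, 0);`, with the `Total Time` and `Mbps` `printf` lines changed to the same variable. The MDB_LIBG_LONG_1K report hunk has the same mismatch.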
@@ -837,22 +1066,34 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_1K) UTEST(PERFORMANCE, LSA_KMC_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C05FF00000A000000000000000000000010B7D5264AA13C588EBCE851BB4CF923A94BDCB9E04ABB6688055EE94074AEFF78139C195E" + "FB6D26F9D5DF2A002D4D26F6C1420F623D9EC8AC1B47EF469314F30D2466B5A1F8E4DC1ED2FFDA3B82C6BF6A8CC93B220C9B15A7FDCC1C" + "3D86AEAA7EC2158D603F5FA4E102AE14917E5CF9B4A5EDC23E4EC5E42368C0D8FB1CF9FBCEE6ADC4790ACDE3B91BA41907416B949B7852" + "DBFF244752242405E58A2C9B48D26E428DC89168A7AD434D3800B60192016F7925A27E12EE8F6C58BFC4D5297C39139B4871A2A37A1B5E" + "4669F753A95003569BDD6CA8DB454CB25677D9227D9744EC09391F56A22970580AF34E5743918CF87387918596155B153CC913B588D07E" + "96D765B11703B2D6C5910BFF92042C5ABD4FC474A0E050DACA184FCE4CAF82903F5C2BE659BD8551D1CA66BBA61B3611D4E9DA7E306040" + 
"0A80F7F9504867F0943BCAC62EA2D07DD1BEE2FBD52439FA45A5F1AB8041D724E6B73A3803AA0B701BA7821B797C30C71C3B3BAF0CFA3C" + "76DBC8323FFB22FF8507C995B5C552883141054E8B0B01594BCA4E6741E6D5DCC5CCA0D5D8A0F07E4771607513AEC948157966E0D0A8B0" + "C8F8AC3D114F1095781B6F29B37655484F8C7C700D41F7B231D2A4637B10EAFDEFA26D133ECE3FDECF73E379BE93E3488F91F82C010318" + "39E851EB324969EA367D98965AC0FA351B"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; @@ -871,7 +1112,7 @@ UTEST(PERFORMANCE, LSA_KMC_MED_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_lsa_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_lsa_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_kmc_100, "LSA+KMC Process Security MED", num_frames_1K, 0); Crypto_Shutdown(); 
@@ -882,20 +1123,35 @@ UTEST(PERFORMANCE, LSA_KMC_MED_1K) UTEST(PERFORMANCE, MDB_KMC_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + 
"202C05FF0000020000000000000000000071B8A9140EDCF90BEB2E84643FB928463D5E7CA5A2CA190B13DFCCBD7C150FC57FCAE7812FD9" + "0A672132370F05C11740089A0A263DE28CCF66901393AD69E63E71BF7795929B3F1ECB93D8C73168C84150835C3942C6DE5C015FEEC35D" + "F5227FC068098CFB6307D7D1D9888B81688DFED4D6A16915A636DD6D93C46DE65C869A9E08985D238D5898B07760EAC9DEF46E9F3A38BD" + "F6A28B9185350DB8C0AD33CDA11E6DF84EB849E7288138CEA52F8E9BACB6C461D6E30E365E89697D1FEE1D484452207403A988B643779A" + "07D56A91CFC0C7C197DDC0C68AD837D0FF248AFE3D0F5A46FEB4380EEF796C46D1A279A4D1E12103107FDF84BB1A4FCCF7E56460CEC85F" + "99580597966B5214BBFE22E84E078EFB664D79A98A850F1FC2DDCCD43A92E25D5732C4700F86D2D342A67EBD2363032F7B2E1C1F2D7C00" + "3D0590FD4ABD064AE5C8FCFCD656A2AF510223345CC9F2F8837F3060A66F6DAF811E93600D9CB9BC3B3B66EFC395B86DF065C66C9C8A86" + "192092AED70AC44A1D33D219ABE453E47764B78B5ED8689E06FA40A1276874E99560BA983B01B4268C1FD6B7CAA90B5148D2B39E2026C2" + "E6AD56A9071894A7F6FD0BBE91F75519A0ACC72196F3CD72ACACD0820DA674215E80D63D3C9AFE59FFE547AB2F5F7EE16FFF9328EF6473" + "BD7D3121116AD14868BDA4EA305636D744"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Convert hex to binary @@ -907,7 +1163,7 @@ UTEST(PERFORMANCE, MDB_KMC_MED_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_kmc_100, "MDB+KMC Process Security MED", num_frames_1K, 0); Crypto_Shutdown(); 
@@ -920,22 +1176,42 @@ UTEST(PERFORMANCE, MDB_KMC_MED_1K) UTEST(PERFORMANCE, LSA_LIBG_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C07FF00000A000000000000000000000063CC818D81B0A3B0B8CFAE6926856AB15F27C747E4F00F0314AC3174263FCC8ABEEE245A70" + "5DF168E7AF81057111A8776502606B698CA119FFDAEE33FD3027358EC40BC2C166D6E5312BF6A813D97864A037D8E3696EFBF2052228DF" + "90F3545628E3182AADD4E7084E423A4CCA88F7C0BAE07A50169E687A1D6232EA056F02AD1F8362D9168A239CDF20EA0615E2FF9B3FC9E0" + "2852DD335F0ABCEBBC45A037E073A09B3300B3A2275A646209F4F5BF9C95A9D2A20881273A269B5DB614572D1E117CB73587832D3D63AC" + "D4AD8C9C73AE9A0E521A8C85E19D20F9D670E709924849C46D578D91C0790EF998663E03DE0B830360B2C8E14DF8FA33BC0AC0120CCCA5" + "823543E999C48064B140D8034EBB299E238E526B0443C239EE1CBA826BDAA8705DF421B073A08706D38E11DBD988E08EF9A38C4E4E7263" + "26FF54DC43AA76B0EAF004973BCDD51265B306D68EF393E6389AE35858D1B619A3B7D6A3656C3F8EA9512FA6685A3F2710A5A6274FCA0B" + "69275339BC09F3349700E4214A275B9362EE08D2E1E6BBFE0D038007470DD17D8133451B027D1C73AA491256489F6FA2B1964BBA4A6746" + "544ABF98C20C9511E5EFF08678A4B04BFBDFDF401D092FEF153DAB01DB3EBBF0C1879758A6485342DF30D84F46059846F2B9100CEA4A31" + 
"F68604E41C4448D56A4174B38CF4BA1B365904A442ABCAE1773DBD4007470E674DD5422C5F6DE74EBB068C1C0EEBB68378BB1CFFBC8893" + "DB94136AA501D30C7AEA14135C95C7FA017A893681DF3696448D7F4523102B0A93D183097560B75145754158C7A77B8CE69A7BC7625E28" + "B59FCAD104FDB619B2BB9D5BA7C621697EBC87F80A7FD43480A46828E433314522B9146FCA62CB2105D1EB22D19F55FAE320ED16D54F15" + "0FD20081F1336572D128F6D2803A09E8E35456ECB1D6AE0A3A8ECCE231C4602893171538BF40E5AD79003B2CEFA33FDD83D5A79E0BCF26" + "A25754D1E91B279222393F8BDB7A07A0B5BD15458FAB9FB6138192D43A294A9FDE48F660A497305C49726BB3AF29521F8EB686441C34E2" + "DF0BB5EE4E7B0FA14E0A56879A44D252BDA7939B777B6D283C85522F77202A574C0BA9049A3B9BBD059B2CE6CEAEE88B7C979FCB4333BB" + "39AF5F14CFF8B8E8F477C15F11FC6A89365DD8CD258339AB6B748EAB34F93D007805E904A532E7BB5C90AE88209E6170A6656AFCBA6C9F" + "6F5902A8117694C28BF9CF396648E993F5C59D5C60C5C175EEE70E2EA72EA67E2E6535E56E4F95B03B3B077572C6A021D1F1E54EA83DA8" + "04E84CD4EE2368917D367552B102B80A5DA8203F65FA9C1BDB5992C0A75F9FF4B9052CD1A59D1AFFC4F31397702C795E36FD31DB437F23" + "76F0E5C9D451777AF0BF88CFE466EE9F4BF2B7929689EDFB2A529ECF8DAFF177E382"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; 
@@ -953,9 +1229,10 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tBytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_lsa_libg_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_lsa_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security LONG", num_frames_1K, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "LSA+LIBG Process Security LONG", num_frames_1K, + 0); Crypto_Shutdown(); free(processed_frame); 
@@ -965,19 +1242,42 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1K) UTEST(PERFORMANCE, MDB_LIBG_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C07FF000002000000000000000000007217E059763EF5ADFC613DFAC3D96B906BE1361B1652B72637738C5731EDEF6C0C8EF2A59151" + "69F1C6BBF7755B2D96BEE2F6DBC490A432A1515A89F4164B00020159A9B8646EDA561DB153F0FF6B4FCDE2E1E7FF4A1F3C155742E9298C" + "A19A3F360FCC6CEC154802771F81F7214709DAEFB8D7732D311C2D11BE133D9F4882A82EE5B16A204B102FC8B21E9F3F841589EB85A97E" + "D72781A2A2482A7E81ADB16628D3C7E8B15BDE350A18D9C459A43DE5B048F8C97A92B56E39C05B41AC0119427AE80E5A85FF7D52D25AFF" + "F8B361FE938051399238864B4ED9983BEB4BE0F467530ABA03BF9EAAAAC9899A934E8FDB7DBDF5FE7F6B10B461D88045DEFBE3B872D11D" + 
"BE975F2EE94A4BE9225653EFE1D6B06CBD6B0987E74B15E348135C41A583A0B5F249B08615FBD9DADFF8C29C9ED9886501B39857A7E297" + "1DE338BC25379CC1E525A1201DE30922C9E3975D7F7E7538FE3D08B9DDF34E7C9DAB5FC961747A4F6F2FAF5E1BEE8F1EBEC4403FE3F6AC" + "90369A04CB64AEBFF8C2457EFB0FE7714F72712C5256CBF18F25BF1AF13F6B639CCBED04CDC6FBA65F09B3ADF0F912995C5AF40157706D" + "7F572C3481AA215F6B1AF5B7DCD519EDCD02EF66358588A756F3AB8C4C7D7B446D425F0DC7D309BADA9078DE415175DDCEDBDEDD6028D6" + "7DD4B83DB1D15EAC3F1A8926D11903F1C48484EF953E846203E5EDF6FA62F93D1FCD5E70C3E17017CFB7FC7C9B8A71B4F2B290893E18C7" + "CC2E0BD8CA9FA940D1DC5129B062CBD2FACEDE3D26F5CDB2CC38F013B032835F1E0C6F2898A77DC8859F485FD64CCA79BA79A0911F87F5" + "EA2C1AE5F72D530E8AE17F094A964ABD43C55E7BB7EBD63479C0E1F4014E5BA6B11FBA230A038B9C1470E289555D4313A2C166B34316BD" + "FA84C428F11E61C11B300039B6FAA1D44ABD313ACCAB31DEE5E7D461BE78428EFEBC7DFBC49CBCB5F98DE92F4F07B477A57CB3426D7A66" + "E5A07CC49A1061F8912C68F7C691BEFBD6DF536A9F26AEAEB6968F3F35017760B1840D4CF1E277FE8D9A99326A9FAD68814DE6F929253F" + "2D4F3AF046C578A434DBFEA4B2CC9834633CF5919085126D95F74A444328113408AE6D798FF6961C38822D4523F9AA99C766AE3E5104BE" + "7EE0E027C2F9B73BA07ADA882762FD93F590BF29FD0429BBC83DB4F531C1187B8DECEC0E5171027433358CE6E0AAAF50B59AC32EDE3D5B" + "198B7C6AD462F00F9E7E52A21DE992037FDED63EF5646C236701729096AC704DA4A649C244B24242795DA49B25C34AB8F2E824DE4F42E1" + "D4F06CC79F594DB4F62F31CD928C4CD678451CA7511FBB30F771F45522410586A22321C683F98774C89864E9ADF030216BC083E991CA96" + "E4E751324B7E0AC2775996CDF33A46E09BCC24856D3112D844D337C57B9519F966A4"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Convert hex to binary hex_conversion(data_h, &data_b, &data_l); 
@@ -988,9 +1288,10 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tBytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_libg_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_lsa_libg_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_lsa_libg_100) / 1024 / 1024)); printf("\n"); - Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "MDB+LIBG Process Security LONG", num_frames_1K, 0); + Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_libg_100, "MDB+LIBG Process Security LONG", num_frames_1K, + 0); Crypto_Shutdown(); free(processed_frame); 
@@ -1000,29 +1301,51 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_1K) UTEST(PERFORMANCE, LSA_KMC_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + "202C07FF00000A0000000000000000000000042DD72659FA856512F4C35CA125B94FA62D41A46ECE953F746436776EDBB107E4CB804D02" + "C0A794341D4D7D5A83C8735001B649FABAC5D32D62E64D3A7768CA60B79861A05434DAF398873705D0226717B99079451D42F01FCA9CC8" + "95277B705096CA10A9873760CE387FCAB553B93D907F0C299B8427A514C09B36D9008DEFD8C38F7D9E2E7880430D08BFD76C98AE0A1E4A" + "78A5D6E3651C81C418A20C1AA6871BD2C9170A411AB9C00376BC7019E867F7BA0D6A7C28A49E8462216D35C97DA05779F1DEE2A2C1C83E" + "12362A2748E9D7555E8F8CAAAA85611DD3BE5E68C55949329FC64A94804449DA2442406FDFAD6878945EFC27479F4F4DCB82399978F9BA" + "B3D583AC548CEB7EFFEC13D6EE49ECD258781B8F395B9B129F41A72CEDA58D5AE2373EDE39C037042BBFB926DC5C01C92A8D32AF690875" + 
"4612C2CF6311CAEDF8E78DC3E632C4485D972CF70250A376E687551BB5CE544779AC915CB39ED489B0FA5F7B2948333F5D4DC9CD07D712" + "C764A1085C696473FE62AB77DF0E7E67D91EAF1B1A96F9FE3014B33450B63E6783D2DB965EED2BD26392B221814AA01EEB646B54B2AA45" + "A29F9808283E5FBF04B49C6A3BEE6480E67169825A4E2DA8EB0C7AC690C380107CC888722844DE1C600B2ACFB74ECEB4425B63E8B7AF90" + "6540D30333D27BB3DEDAC1A7F04A0584D06EBF0867BC6ADDFBF52B17A7FBE3AD2E814DA4307607DA9C3FC2818A527CDF4E41F4CBF853F2" + "5086E90BF8836A9C839830AA9D72283E92A5C5CAACC786CF7FBED1528666FEE7B02CA1ED6F5A05630366AA0DFA37D3B0AB13ADBB2EE053" + "465F7C39A01FF125EADA21619420A89B7FC1706B7E2C6F21ECC923AE9E602FAAD137DBEA66B7CA8C536B00218DC58C398CA465F20DB154" + "38E0D8A2D421AA56FFC7765B7B1903C20312103B86B96B2F8A2F8A72CEBC7D66F86FC2B1EC1662B602C72EEC1C2D6A0B6AF0DF1BC2AFE6" + "35C2AB2C083F06D303FE3E45766C80499073177429C7A81EF3883A86FC4271D8F0C91EAB043DCF130CFC2AA1A48C3C20F1ABC1CE1E17B3" + "E64DF5FE4996E285DEC0011A22DAAED5C58529B77E273A2389548748B780271D33A8BB8C380CE1C3CE8F3B2A487DD10D828F3146A2CE61" + "F94CAFF3A5A099A59BF8B59196F271FFF718D097779D56BA71ECFEC97FDDF7BCAC120C264581B3EE45D6C2B01DD0382178134B940D4048" + "847CFB5555A95E33DE7D59C35D41BC37625A64E87AC5F425F7CF88C3D78FF3449464AD4BE53818E8238C9EDB9A1389CAA421A656CDDE86" + "057D08F636AD4462EEBB09B942CE6C86ABA6935DE352AF100257C7B416842C1B4DE70F5DBF55087B297C32A26DC47920B1CD70D1D893EB" + "12703CF04DBD58C4EAE5B5CB674582C69FFD4A06F8491F56DAC15DADFB508EDF1FAA"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association;; + SecurityAssociation_t *test_association; + ; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 10 sa_if->sa_get_from_spi(10, &test_association); test_association->sa_state = 
SA_OPERATIONAL; - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Convert hex to binary hex_conversion(data_h, &data_b, &data_l); @@ -1033,7 +1356,7 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_lsa_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_lsa_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_lsa_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(processed_frame->tc_pdu_len, ttl_time_lsa_kmc_100, "LSA+KMC Process Security LONG", num_frames_1K, 0); Crypto_Shutdown(); 
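Review bot: `*test_association->ecs = CRYPTO_CIPHER_AES256_GCM;` dereferences `ecs`, while et_dt_validation.c in this same patch assigns `test_association->ecs = CRYPTO_CIPHER_AES256_GCM;` directly, so one of the two cannot match the current `SecurityAssociation_t` (its definition is not visible here). If `ecs` is a plain field, the line should read `test_association->ecs = CRYPTO_CIPHER_AES256_GCM;`. The reformat also turned the old `;;` into a stray `;` statement after `SecurityAssociation_t *test_association;`, which should be dropped. The pointer is better declared as `SecurityAssociation_t *test_association = NULL;`, with the `sa_get_from_spi` result checked before the first `sa_state` write. The test body continues past this hunk.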
@@ -1044,20 +1367,44 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_1K) UTEST(PERFORMANCE, MDB_KMC_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - char* data_h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rypto_Config_MariaDB("client-demo-kmc.example.com", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, + "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, + "/home/itc/Desktop/CERTS/ammos-client-cert.pem", + "/home/itc/Desktop/CERTS/ammos-client-key.pem", NULL, "robert", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, + AOS_IZ_NA, 0); + char *data_h = + 
"202C07FF00000200000000000000000000721BAC6AEED1D245278896BFCE8F455FC3DA3DFFFC84F3A42360697AC41AA8387B67F79EE9E3" + "36B4F2900A074274C3D380C3076550FF491C2CD0131DE6EB2F2D2E5F1F8222A1421E911AD331872BF8A6A48165A8D4B0126B8F156EA111" + "17F975D7F1289375EEC9972796EAE4554AD30C9EDB323518644DC504F4484BBB8447DDE7464F74BF271002141DCD5D961D2FA774703F4D" + "708D21922D5D322D95F87762F93BC53AB12E7539784A7622502BD8BDDAD8CFF1415AD0CC27834CF6009A32E50AAC9B20612D4848B93689" + "F1283C844739D03F96A81970A473167F37CAA1E7FF66C539285EB79AC17AF709D3FC7395479CAA2724189ED064AFEEE81D28ECD0CDEEA1" + "05A7F3D8AC2AC42C5FD4BC25569EDD6A5B9674A1F90034E031DB30EFDE4789BC381BAF2D367165CA77114B2B72155DD90A48BE229AC984" + "A6153C3E78B3A6C453CC7D791A1FDF6982F8530EAE61649B5FB83776CE0F607B438A7FF0C13F79A778B295F020FA993ADA08CCE57CB7B6" + "098CC3ABF96EEBC6313C361F7DD0230B9FDDF04ED5E0D206178B8F63F072D4DE6DE8A60D1D5279E86F1E518FB875EC7F86406C4719BB6C" + "4F8682F7F2693341599587EC884B882252437BDE838C318F13C2474D909331A737F0BB651656DF1CF46DB16B911851B1C2CCE0A03E3D9D" + "F7494B3AFB5C24FC793A9D52144482B8A4FEA666B472CBD6E4B8355F39E02BEF428C5B950571D3D195561E0BD004A9BA089CA0776FC42C" + "60E95CD5B190A12143F71473A352DC64BD8E5796C7ECC88506F0A6BEE0600E922053ADC2CB43EDC6852E52C82C388CE39C1C30F6DC30DD" + "5B67B3A326F099C0FC5B8A3BDDDD3D3E0E136889AE5578FF746C2D81162023DA4F7C7EE2312284BB88CCA91AC5090BA5C2E101234E6D50" + "F642F77960205CB9DDAB3E09FE77997B7CC4BF0BBC5AFC11CFB8E53936AD637101390BEC5B534AA48236DEEAEA2901EC42EA699B3DF1E0" + "F91A533E0D1D76432DEDC1A5A2E6763662BD1E8D29D29FDA13C072C549B2F42B0E3B796981853DD7B776CA27142E60C65FCECD23CE7624" + "CA0D81E966248C4C5D10953A6F742AD27C87A4950B4F172B706F65CCA2EFDA0FA6715BD95DD2841DB5C3262B210BF126A548D09C1EF0F7" + "F83FA379D389C1890804AEE56B1CC7F45BF4422CCA3FC165F36BC5DD3546DB386A3551F0F467377D952C82D2890E70840F738FDC49838B" + "1F30A16D1AF8DFE9E594D88EEBAEAE3B6DBA33F8DC69D95246E43A394E1463D0EFCAD040FE57CE9E95C57098E7EE76C6507889EB94232D" + 
"A84B11572D462F932C04CCD60E3372024B7978B8960EA9145A297E7DF1114E48E6048CFDD31C1859B1A468991E1E67FAEAD138652A0BAA" + "7A4D99669882357ECC0893E4D96A1E6E3D754CA24D5D997EDB91C647436A18A47377"; int32_t status = Crypto_Init(); - char* data_b = NULL; - int data_l = 0; + char *data_b = NULL; + int data_l = 0; - TC_t* processed_frame; + TC_t *processed_frame; processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Convert hex to binary @@ -1069,7 +1416,7 @@ UTEST(PERFORMANCE, MDB_KMC_LONG_1K) printf("\tNumber of Frames Sent: %d\n", num_frames_1K); printf("\t\tEncrypted Bytes Per Frame: %d\n", processed_frame->tc_pdu_len); printf("\t\tTotal Time: %f\n", ttl_time_mdb_kmc_100); - printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K)/ttl_time_mdb_kmc_100)/1024/1024)); + printf("\tMbps: %f\n", (((processed_frame->tc_pdu_len * 8 * num_frames_1K) / ttl_time_mdb_kmc_100) / 1024 / 1024)); printf("\n"); Write_To_File(processed_frame->tc_pdu_len, ttl_time_mdb_kmc_100, "MDB+KMC Process Security LONG", num_frames_1K, 0); Crypto_Shutdown(); diff --git a/test/performance/pt_gcry_base.c b/test/performance/pt_gcry_base.c index 8ca9b706..2bfafe46 100644 --- a/test/performance/pt_gcry_base.c +++ b/test/performance/pt_gcry_base.c @@ -17,8 +17,8 @@ */ /** - * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB Functionality Enabled. - * BE SURE TO HAVE APPROPRIATE SA's READY FOR EACH SET OF TESTS + * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB + *Functionality Enabled. BE SURE TO HAVE APPROPRIATE SA's READY FOR EACH SET OF TESTS **/ #include "utest.h" 
@@ -35,14 +35,14 @@ #include "shared_util.h" -void random_big_buffer(char* buffer, int32_t buffer_len) +void random_big_buffer(char *buffer, int32_t buffer_len) { - const char* hex_digits = "ABCDEF0123456789"; - for(int i = 0; i < buffer_len; i++) + const char *hex_digits = "ABCDEF0123456789"; + for (int i = 0; i < buffer_len; i++) { srand(clock()); int j = (rand() % 16); - //printf("J: %d\n", j); + // printf("J: %d\n", j); buffer[i] = hex_digits[j]; } } 
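Review bot: `srand(clock());` sits inside the loop of `random_big_buffer`, so the generator is reseeded for every byte; while `clock()` returns the same tick, `rand()` restarts from the same state and the buffer fills with runs of one hex digit. Seed once outside the loop (or once per test run) and keep only `int j = rand() % 16;` in the body. A header comment such as `/* Fills buffer with buffer_len hex digits; does not NUL-terminate. */` would state the contract callers have to respect.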
@@ -52,33 +52,33 @@ UTEST(PERFORMANCE, GCRY_BASE) int32_t status = Crypto_Init_TC_Unit_Test(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - int32_t big_buffer_len = 1024; - int num_loops = 1000; - int32_t len_data_out = 1024; + int32_t big_buffer_len = 1024; + int num_loops = 1000; + int32_t len_data_out = 1024; struct timespec begin, end; - double total_time = 0.0; + double total_time = 0.0; - for(int i = 0; i < num_loops; i++) + for (int i = 0; i < num_loops; i++) { - char* big_buffer = calloc(1, big_buffer_len * 2 * sizeof(char)); - uint8_t* big_buffer_b = NULL; - int32_t big_buffer_b_len = 0; - //clock_gettime(CLOCK_REALTIME, &begin); + char *big_buffer = calloc(1, big_buffer_len * 2 * sizeof(char)); + uint8_t *big_buffer_b = NULL; + int32_t big_buffer_b_len = 0; + // clock_gettime(CLOCK_REALTIME, &begin); random_big_buffer(big_buffer, (big_buffer_len * 2)); hex_conversion((char *)big_buffer, (char **)&big_buffer_b, &big_buffer_b_len); printf("\n"); - for (int i = 0; i < (big_buffer_b_len); i++) + for (int i = 0; i < (big_buffer_b_len); i++) { printf("%02x", big_buffer_b[i] & 0xff); } printf("\nLength: %d\n", big_buffer_b_len); - gcry_error_t gcry_error = GPG_ERR_NO_ERROR; + gcry_error_t gcry_error = GPG_ERR_NO_ERROR; gcry_cipher_hd_t tmp_hd; - - char* key_ptr_h = "FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210"; - char* key_ptr = NULL; + + char *key_ptr_h = "FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210"; + char *key_ptr = NULL; int32_t key_ptr_len = 32; hex_conversion(key_ptr_h, &key_ptr, &key_ptr_len); 
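Review bot: `big_buffer` is allocated with exactly `big_buffer_len * 2` bytes and `random_big_buffer(big_buffer, (big_buffer_len * 2))` then writes all of them, so the string handed to `hex_conversion` has no terminating NUL. `hex_conversion` is not shown here; if it measures its input with `strlen`, as its use on string literals elsewhere in this patch suggests, it reads past the allocation. One extra byte keeps the terminator that calloc already zeroed: `char *big_buffer = calloc(1, (size_t)big_buffer_len * 2 + 1);`. The calloc result is also used without a NULL check. The loop body continues past this hunk.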
@@ -89,19 +89,19 @@ UTEST(PERFORMANCE, GCRY_BASE) } printf("\n"); - uint8_t* iv = (uint8_t* )calloc(1, 12 * sizeof(uint8_t)); - int32_t iv_len = 16; + uint8_t *iv = (uint8_t *)calloc(1, 12 * sizeof(uint8_t)); + int32_t iv_len = 16; printf("IV: "); - for(int i = 0; i < iv_len; i++) + for (int i = 0; i < iv_len; i++) { printf("%02x ", iv[i]); } printf("\n"); - char* aad_h = "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345"; - uint8_t* aad = NULL; - int32_t aad_len = 30; - hex_conversion(aad_h, (char **) &aad, &aad_len); + char *aad_h = "ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345"; + uint8_t *aad = NULL; + int32_t aad_len = 30; + hex_conversion(aad_h, (char **)&aad, &aad_len); printf("\nAAD: "); for (int i = 0; i < aad_len; i++) { @@ -109,15 +109,15 @@ UTEST(PERFORMANCE, GCRY_BASE) } printf("\n"); - uint8_t* data_out = calloc(1, len_data_out * sizeof(uint8_t)); - + uint8_t *data_out = calloc(1, len_data_out * sizeof(uint8_t)); + clock_gettime(CLOCK_REALTIME, &begin); gcry_error = gcry_cipher_open(&(tmp_hd), GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_CIPHER_NONE); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { printf(KRED "ERROR: gcry_cipher_open error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); printf(KRED "Failure: %s/%s\n", gcry_strsource(gcry_error), gcry_strerror(gcry_error)); - status = CRYPTO_LIB_ERR_LIBGCRYPT_ERROR; + status = CRYPTO_LIB_ERR_LIBGCRYPT_ERROR; total_time = -1.0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); } 
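Review bot: The IV buffer is allocated with 12 bytes (`calloc(1, 12 * sizeof(uint8_t))`) but `iv_len` is set to 16, so the print loop `for (int i = 0; i < iv_len; i++)` reads four bytes past the allocation, and any later call that passes `iv` together with `iv_len` would over-read the same way. Make the two agree, for example `int32_t iv_len = 12;` followed by `uint8_t *iv = calloc(1, (size_t)iv_len);`. The IV is also all zeroes and, as far as this hunk shows, is paired with the same fixed key on every loop iteration. A comment such as `// zero IV reused under one key: benchmark only, never valid for GCM in real traffic` would keep the pattern from being copied.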
@@ -145,28 +145,25 @@ UTEST(PERFORMANCE, GCRY_BASE) } gcry_error = gcry_cipher_authenticate(tmp_hd, - aad, // additional authenticated data - aad_len // length of AAD + aad, // additional authenticated data + aad_len // length of AAD ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { - printf(KRED "ERROR: gcry_cipher_authenticate error code %d\n" RESET, - gcry_error & GPG_ERR_CODE_MASK); + printf(KRED "ERROR: gcry_cipher_authenticate error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); printf(KRED "Failure: %s/%s\n", gcry_strsource(gcry_error), gcry_strerror(gcry_error)); status = CRYPTO_LIB_ERR_AUTHENTICATION_ERROR; gcry_cipher_close(tmp_hd); total_time = -1.0; ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); } - - - + printf("BIG BUFFER LENGTH: %d\n", big_buffer_len); gcry_error = gcry_cipher_encrypt(tmp_hd, - data_out, // ciphertext output - len_data_out, // length of data - big_buffer_b, // plaintext input - big_buffer_b_len // in data length + data_out, // ciphertext output + len_data_out, // length of data + big_buffer_b, // plaintext input + big_buffer_b_len // in data length ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { @@ -179,9 +176,9 @@ UTEST(PERFORMANCE, GCRY_BASE) } clock_gettime(CLOCK_REALTIME, &end); - long seconds = end.tv_sec - begin.tv_sec; - long nanoseconds = end.tv_nsec - begin.tv_nsec; - double elapsed = seconds + nanoseconds*1e-9; + long seconds = end.tv_sec - begin.tv_sec; + long nanoseconds = end.tv_nsec - begin.tv_nsec; + double elapsed = seconds + nanoseconds * 1e-9; total_time += elapsed; @@ -199,8 +196,7 @@ UTEST(PERFORMANCE, GCRY_BASE) printf("Total Frames: %d\n", num_loops); printf("Bytes per Frame: %d\n", len_data_out); printf("Total Time: %f\n", total_time); - printf("Mbps: %f\n", (((len_data_out * 8 * num_loops)/total_time)/1024/1024)); - + printf("Mbps: %f\n", (((len_data_out * 8 * num_loops) / total_time) / 1024 / 1024)); } UTEST_MAIN(); \ No newline at end of file 
diff --git a/test/unit/et_dt_validation.c b/test/unit/et_dt_validation.c index 1082b7b5..24536f98 100644 --- a/test/unit/et_dt_validation.c +++ b/test/unit/et_dt_validation.c @@ -55,7 +55,7 @@ void setup_python() Py_Initialize(); PyRun_SimpleString("import sys\nsys.path.append('../test')"); PyRun_SimpleString("import sys\nsys.path.append('../../test')"); - pName = PyUnicode_FromString("encryption_test"); + pName = PyUnicode_FromString("encryption_test"); pModule = PyImport_Import(pName); if (pModule == NULL) { @@ -64,7 +64,7 @@ void setup_python() return; } - pDict = PyModule_GetDict(pModule); + pDict = PyModule_GetDict(pModule); pClass = PyDict_GetItemString(pDict, "Encryption"); if (PyCallable_Check(pClass)) 
@@ -83,21 +83,22 @@ void setup_python() * @brief Python Cryptodoem CMAC Truth Baseline * @param data Hexstring of the plain text * @param key Hexstring of the key to be used - * @param expected Output character array that will be allocated within this function. Memory must be freed upon completion of the test + * @param expected Output character array that will be allocated within this function. Memory must be freed upon + *completion of the test * @param expected_length The length of the expected character array this is set within this function * @note User must free memory themselves. **/ -void python_cmac(char* data, char* key, uint8_t** expected, long *expected_length) +void python_cmac(char *data, char *key, uint8_t **expected, long *expected_length) { setup_python(); - pValue = PyObject_CallMethod(pInstance, "encrypt_cmac", "ss", data, key); - pValue = PyObject_CallMethod(pInstance, "get_len", NULL); - long temp_length = PyLong_AsLong(pValue); - *expected_length = temp_length; - pValue = PyObject_CallMethod(pInstance, "get_results", NULL); - char* temp_expected = PyBytes_AsString(pValue); - *expected = (uint8_t* )malloc(sizeof(uint8_t) * (int)*expected_length); + pValue = PyObject_CallMethod(pInstance, "encrypt_cmac", "ss", data, key); + pValue = PyObject_CallMethod(pInstance, "get_len", NULL); + long temp_length = PyLong_AsLong(pValue); + *expected_length = temp_length; + pValue = PyObject_CallMethod(pInstance, "get_results", NULL); + char *temp_expected = PyBytes_AsString(pValue); + *expected = (uint8_t *)malloc(sizeof(uint8_t) * (int)*expected_length); memcpy(*expected, temp_expected, (int)*expected_length); return; } 
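Review bot: None of the CPython results in `python_cmac` is checked before use: `PyObject_CallMethod` can return NULL, `PyLong_AsLong` returns -1 on error, and `PyBytes_AsString` can return NULL, yet the values flow straight into `malloc` and `memcpy`, where a negative length converts to a very large size. Each `pValue` is also overwritten without a `Py_DECREF`, leaking the previous object, and the `malloc` result is not tested. The sketch below checks every step and leaves `*expected == NULL` with a zero length on failure, so callers can assert on it. `python_auth_encryption` in the next hunk repeats the same sequence and needs the same treatment.

```c
void python_cmac(char *data, char *key, uint8_t **expected, long *expected_length)
{
    *expected        = NULL;
    *expected_length = 0;

    setup_python();
    pValue = PyObject_CallMethod(pInstance, "encrypt_cmac", "ss", data, key);
    if (pValue == NULL)
    {
        PyErr_Print();
        return;
    }
    Py_DECREF(pValue);

    pValue = PyObject_CallMethod(pInstance, "get_len", NULL);
    if (pValue == NULL)
    {
        PyErr_Print();
        return;
    }
    long temp_length = PyLong_AsLong(pValue);
    Py_DECREF(pValue);
    if (temp_length <= 0)
    {
        if (PyErr_Occurred())
        {
            PyErr_Print();
        }
        return;
    }

    pValue = PyObject_CallMethod(pInstance, "get_results", NULL);
    char *temp_expected = (pValue != NULL) ? PyBytes_AsString(pValue) : NULL;
    // Never copy more than the bytes object actually holds.
    if (temp_expected != NULL && PyBytes_Size(pValue) >= temp_length)
    {
        uint8_t *copy = malloc((size_t)temp_length);
        if (copy != NULL)
        {
            memcpy(copy, temp_expected, (size_t)temp_length);
            *expected        = copy;
            *expected_length = temp_length;
        }
    }
    if (PyErr_Occurred())
    {
        PyErr_Print();
    }
    Py_XDECREF(pValue);
}
```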
@@ -117,18 +118,18 @@ void python_cmac(char* data, char* key, uint8_t** expected, long *expected_lengt * @note The char** expected that is passsed to this function must be freed by the user upon completion of unit test or *other call. **/ -void python_auth_encryption(char* data, char* key, char* iv, char* header, char* bitmask, uint8_t** expected, +void python_auth_encryption(char *data, char *key, char *iv, char *header, char *bitmask, uint8_t **expected, long *expected_length) { setup_python(); pValue = PyObject_CallMethod(pInstance, "encrypt", "sssss", data, key, iv, header, bitmask); - pValue = PyObject_CallMethod(pInstance, "get_len", NULL); - long temp_length = PyLong_AsLong(pValue); - *expected_length = temp_length; - pValue = PyObject_CallMethod(pInstance, "get_results", NULL); - char* temp_expected = PyBytes_AsString(pValue); - *expected = (uint8_t* )malloc(sizeof(uint8_t) * (int)*expected_length); + pValue = PyObject_CallMethod(pInstance, "get_len", NULL); + long temp_length = PyLong_AsLong(pValue); + *expected_length = temp_length; + pValue = PyObject_CallMethod(pInstance, "get_results", NULL); + char *temp_expected = PyBytes_AsString(pValue); + *expected = (uint8_t *)malloc(sizeof(uint8_t) * (int)*expected_length); memcpy(*expected, temp_expected, (int)*expected_length); return; } @@ -181,7 +182,7 @@ UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST) // Expose SA 4 for testing sa_if->sa_get_from_spi(4, &test_association_4); test_association_4->sa_state = SA_KEYED; - + // Ensure that Process Security can activate SA 4 return_val = Crypto_TC_ProcessSecurity(activate_sa4_b, &activate_sa4_len, tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); @@ -202,7 +203,7 @@ UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST) ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); Crypto_Shutdown(); - + // Get Truth Baseline python_auth_encryption("1880d2ca0008197f0b0031000039c5", "FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210", 
@@ -236,41 +237,41 @@ UTEST(DT_VALIDATION, AUTH_DECRYPTION_TEST) remove("sa_save_file.bin"); // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - SaInterface sa_if = get_sa_interface_inmemory(); - int status = CRYPTO_LIB_SUCCESS; + SaInterface sa_if = get_sa_interface_inmemory(); + int status = CRYPTO_LIB_SUCCESS; - char* activate_sa4_h = "2003002000ff000100011880d2c9000e197f0b001b0004000400003040d95ecbc2"; - char* dec_test_ping_h = + char *activate_sa4_h = "2003002000ff000100011880d2c9000e197f0b001b0004000400003040d95ecbc2"; + char *dec_test_ping_h = "2003043400FF00040000000000000000000000017E1D8EEA8D45CEBA17888E0CDCD747DC78E5F372F997F2A63AA5DFC168395DC987"; - char* enc_test_ping_h = "1880d2ca0008197f0b0031000039c5"; + char *enc_test_ping_h = "1880d2ca0008197f0b0031000039c5"; - uint8_t* activate_sa4_b, *dec_test_ping_b, *enc_test_ping_b = NULL; - int activate_sa4_len, dec_test_ping_len, enc_test_ping_len = 0; + uint8_t *activate_sa4_b, *dec_test_ping_b, *enc_test_ping_b = NULL; + int activate_sa4_len, dec_test_ping_len, enc_test_ping_len = 0; - hex_conversion(activate_sa4_h, (char**) &activate_sa4_b, &activate_sa4_len); - hex_conversion(dec_test_ping_h, (char**) &dec_test_ping_b, &dec_test_ping_len); - hex_conversion(enc_test_ping_h, (char**) &enc_test_ping_b, &enc_test_ping_len); + hex_conversion(activate_sa4_h, (char **)&activate_sa4_b, &activate_sa4_len); + hex_conversion(dec_test_ping_h, (char **)&dec_test_ping_b, &dec_test_ping_len); + hex_conversion(enc_test_ping_h, (char **)&enc_test_ping_b, &enc_test_ping_len); - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * 
TC_SIZE)); // Default SA // Expose SA 1 for testing sa_if->sa_get_from_spi(1, &test_association); - test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 0; - test_association->arsn_len = 0; + test_association->arsn_len = 0; // Expose SA 7 for testing sa_if->sa_get_from_spi(4, &test_association); test_association->sa_state = SA_KEYED; - test_association->abm_len = ABM_SIZE; + test_association->abm_len = ABM_SIZE; // Ensure that Process Security can activate SA 4 status = Crypto_TC_ProcessSecurity(activate_sa4_b, &activate_sa4_len, tc_sdls_processed_frame); 
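Review bot: `test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));` appears to be leaked as soon as `sa_if->sa_get_from_spi(1, &test_association);` runs, since that call receives the pointer's address and the test then writes SA fields through it as if it now points at the SA store entry. Drop the allocation and keep `SecurityAssociation_t *test_association = NULL;`, then check the lookup (for example `ASSERT_TRUE(test_association != NULL);`) before the first `test_association->ecs` write. The comment `// Expose SA 7 for testing` sits above a lookup of SPI 4 and should say 4. The same malloc-then-lookup pattern is in the NIST_ENC_VALIDATION and NIST_DEC_VALIDATION hunks below. The test body continues past this hunk.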
@@ -281,23 +282,23 @@ UTEST(DT_VALIDATION, AUTH_DECRYPTION_TEST) // Expose SA 4 for testing sa_if->sa_get_from_spi(4, &test_association); - test_association->arsn_len = 0; + test_association->arsn_len = 0; test_association->gvcid_blk.vcid = 1; - test_association->iv[11] = 0; - test_association->ast = 1; - test_association->est = 1; - test_association->ekid = 130; - test_association->ecs_len = 1; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->stmacf_len = 16; - test_association->arsnw_len = 1; - test_association->abm_len = ABM_SIZE; - test_association->arsnw = 5; - test_association->arsn_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - test_association->arsn_len = ((test_association->arsnw * 2) + 1); + test_association->iv[11] = 0; + test_association->ast = 1; + test_association->est = 1; + test_association->ekid = 130; + test_association->ecs_len = 1; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->stmacf_len = 16; + test_association->arsnw_len = 1; + test_association->abm_len = ABM_SIZE; + test_association->arsnw = 5; + test_association->arsn_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->arsn_len = ((test_association->arsnw * 2) + 1); status = Crypto_TC_ProcessSecurity(dec_test_ping_b, &dec_test_ping_len, tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // 9 is the number of pings in that EP PDU. 
@@ -336,70 +337,72 @@ UTEST(DT_VALIDATION, AUTH_DECRYPTION_TEST) UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib // Crypto_Init_TC_Unit_Test(); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied 
vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; - char* buffer_nist_pt_h = "2003001600722ee47da4b77424733546c2d400c4e567a8"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374c"; - char* buffer_nist_ct_h = "1224dfefb72a20d49e09256908874979"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; + char *buffer_nist_pt_h = "2003001600722ee47da4b77424733546c2d400c4e567a8"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374c"; + char *buffer_nist_ct_h = "1224dfefb72a20d49e09256908874979"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ecs_len = 1; - test_association->acs_len = 1; - test_association->shivf_len = 12; - test_association->abm_len = 1024; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 11; - test_association->gvcid_blk.tfvn = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + test_association->ecs_len = 1; + 
test_association->acs_len = 1; + test_association->shivf_len = 12; + test_association->abm_len = 1024; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 11; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext - hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len); + hex_conversion(buffer_nist_ct_h, (char **)&buffer_nist_ct_b, &buffer_nist_ct_len); Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) 
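Review bot: The status of `Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len);` is discarded, and the comparison loop in the following hunk dereferences `ptr_enc_frame`, which starts out as NULL. Capture the status and assert on it the way the other tests in this file do, e.g. `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` right after the call. Likewise `ekp = key_if->get_key(test_association->ekid);` is passed straight to `memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);`. An `ASSERT_TRUE(ekp != NULL);` before the copy, plus a check that `buffer_nist_key_len` fits the destination, would turn a failed key lookup into a test failure rather than a crash.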
@@ -408,7 +411,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) Crypto_Shutdown(); for (int i = 0; i < buffer_nist_pt_len - 7; i++) { - //printf("[%d]: %02x -> %02x \n", i, *(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); + // printf("[%d]: %02x -> %02x \n", i, *(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); enc_data_idx++; } 
@@ -429,70 +432,72 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer 
Frame header to the plaintext - char* buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; - char* buffer_nist_pt_h = "2003001600722ee47da4b77424733546c2d400c4e567a8"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; - char* buffer_nist_et_h = "2003002500FF0009B6AC8E4963F49207FFD6374C00001224DFEFB72A20D49E09256908874979AD6F"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; + char *buffer_nist_pt_h = "2003001600722ee47da4b77424733546c2d400c4e567a8"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; + char *buffer_nist_et_h = "2003002500FF0009B6AC8E4963F49207FFD6374C00001224DFEFB72A20D49E09256908874979AD6F"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ecs_len = 1; - test_association->acs_len = 1; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->abm_len = 1024; - 
test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + test_association->ecs_len = 1; + test_association->acs_len = 1; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->abm_len = 1024; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // for (int i = 0; i < buffer_nist_iv_len; i++) // { @@ -501,9 +506,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) // enc_data_idx++; // } - // Convert input encryptedtext - hex_conversion(buffer_nist_et_h, (char**) &buffer_nist_et_b, &buffer_nist_et_len); + hex_conversion(buffer_nist_et_h, (char **)&buffer_nist_et_b, &buffer_nist_et_len); Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame); 
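Review bot: The re-aligned line `test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));` allocates a block that is never used. The next statement passes `&test_association` to `sa_if->sa_get_from_spi(1, &test_association)`, which presumably repoints it at the in-memory SA entry, so the allocation leaks and every later field write lands on the live SA. I would drop the malloc, keep only `SecurityAssociation_t *test_association = NULL;`, and confirm the pointer is non-NULL after the lookup before writing through it. The same pair of lines recurs in the hunks at @@ -534,72, @@ -627,77, @@ -722,68, @@ -812,72, @@ -904,69 and @@ -995,72. The UTEST body starts in this hunk and ends outside it.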
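Review bot: The result of `Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);` is discarded at the end of this hunk, so a frame that fails decryption or authentication does not fail the test at this point. `tc_nist_processed_frame` comes from a plain `malloc`, so whatever the test compares afterwards (outside the hunk) could be indeterminate memory rather than decrypted output. The TEST_1 decrypt case already checks this, and I would match it with `int32_t status = Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);` followed by `ASSERT_EQ(0, status);`. The same unchecked call closes the hunk at @@ -812,72 +820,74 (DEC TEST_2).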
@@ -534,72 +538,72 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors // 
NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399"; - char* buffer_nist_pt_h = "2003001600419635e6e12b257a8ecae411f94480ff56be"; - char* buffer_nist_iv_h = "1af2613c4184dbd101fcedce"; - char* buffer_nist_ct_h = "9cd21f414f1f54d5f6f58b1f2f77e5b6"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399"; + char *buffer_nist_pt_h = "2003001600419635e6e12b257a8ecae411f94480ff56be"; + char *buffer_nist_iv_h = "1af2613c4184dbd101fcedce"; + char *buffer_nist_ct_h = "9cd21f414f1f54d5f6f58b1f2f77e5b6"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ecs_len = 1; - test_association->acs_len = 0; - test_association->shivf_len = 12; - test_association->abm_len = 1024; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 11; - test_association->gvcid_blk.tfvn = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + test_association->ecs_len = 1; + 
test_association->acs_len = 0; + test_association->shivf_len = 12; + test_association->abm_len = 1024; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 11; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext - hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len); + hex_conversion(buffer_nist_ct_h, (char **)&buffer_nist_ct_b, &buffer_nist_ct_len); sa_if->sa_get_from_spi(9, &test_association); - Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) // Calc payload index: total length - pt length 
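Review bot: The two commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter(...)` calls have been reflowed (presumably by the formatter) into one three-line paragraph. The second call now starts mid-line after `AOS_IZ_NA, 0);` and the comment no longer reads as code. The `GvcidManagedParameters_t TC_UT_Managed_Parameters = {...}` initializer directly below replaces them, so I would delete the three comment lines rather than carry dead code. If they must stay, wrap them in `// clang-format off` / `// clang-format on` so each call keeps its own line. The same reflow appears in the other UTEST hunks in view: @@ -429,70, @@ -627,77, @@ -722,68, @@ -812,72, @@ -904,69 and @@ -995,72.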
@@ -627,77 +631,79 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer 
Frame header to the plaintext - char* buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399"; - char* buffer_nist_pt_h = "2003001600419635e6e12b257a8ecae411f94480ff56be"; - char* buffer_nist_iv_h = "1af2613c4184dbd101fcedcd"; - //2003002500FF0009B6AC8E4963F49207FFD6374C00001224DFEFB72A20D49E09256908874979AD6F - char* buffer_nist_et_h = "2003002500FF00091AF2613C4184DBD101FCEDCE00009CD21F414F1F54D5F6F58B1F2F77E5B66987"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399"; + char *buffer_nist_pt_h = "2003001600419635e6e12b257a8ecae411f94480ff56be"; + char *buffer_nist_iv_h = "1af2613c4184dbd101fcedcd"; + // 2003002500FF0009B6AC8E4963F49207FFD6374C00001224DFEFB72A20D49E09256908874979AD6F + char *buffer_nist_et_h = "2003002500FF00091AF2613C4184DBD101FCEDCE00009CD21F414F1F54D5F6F58B1F2F77E5B66987"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - 
test_association->ecs_len = 1; - test_association->acs_len = 0; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->abm_len = 1024; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + test_association->ecs_len = 1; + test_association->acs_len = 0; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->abm_len = 1024; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext - hex_conversion(buffer_nist_et_h, (char**) &buffer_nist_et_b, &buffer_nist_et_len); + hex_conversion(buffer_nist_et_h, (char **)&buffer_nist_et_b, &buffer_nist_et_len); int32_t status; status = Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, 
tc_nist_processed_frame); - ASSERT_EQ(0,status); + ASSERT_EQ(0, status); Crypto_Shutdown(); for (int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++) 
@@ -722,68 +728,70 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors // 
NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "7ecc9dcb3d5b413cadc3af7b7812758bd869295f8aaf611ba9935de76bd87013"; - char* buffer_nist_pt_h = "200300160073d4d7984ce422ac983797c0526ac6f9446b"; - char* buffer_nist_iv_h = "6805be41e983717bf6781052"; - char* buffer_nist_ct_h = "487211dd440f4d09d00bc5c3158a822c"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "7ecc9dcb3d5b413cadc3af7b7812758bd869295f8aaf611ba9935de76bd87013"; + char *buffer_nist_pt_h = "200300160073d4d7984ce422ac983797c0526ac6f9446b"; + char *buffer_nist_iv_h = "6805be41e983717bf6781052"; + char *buffer_nist_ct_h = "487211dd440f4d09d00bc5c3158a822c"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ecs_len = 1; - test_association->acs_len = 0; - test_association->shivf_len = 12; - test_association->abm_len = 1024; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + test_association->ecs_len = 1; + 
test_association->acs_len = 0; + test_association->shivf_len = 12; + test_association->abm_len = 1024; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext - hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len); + hex_conversion(buffer_nist_ct_h, (char **)&buffer_nist_ct_b, &buffer_nist_ct_len); Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) 
@@ -812,72 +820,74 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer 
Frame header to the plaintext - char* buffer_nist_key_h = "7ecc9dcb3d5b413cadc3af7b7812758bd869295f8aaf611ba9935de76bd87013"; - char* buffer_nist_pt_h = "200300160073d4d7984ce422ac983797c0526ac6f9446b"; - char* buffer_nist_iv_h = "6805be41e983717bf6781051"; - char* buffer_nist_et_h = "2003002500FF00096805BE41E983717BF67810520000487211DD440F4D09D00BC5C3158A822C46E3"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "7ecc9dcb3d5b413cadc3af7b7812758bd869295f8aaf611ba9935de76bd87013"; + char *buffer_nist_pt_h = "200300160073d4d7984ce422ac983797c0526ac6f9446b"; + char *buffer_nist_iv_h = "6805be41e983717bf6781051"; + char *buffer_nist_et_h = "2003002500FF00096805BE41E983717BF67810520000487211DD440F4D09D00BC5C3158A822C46E3"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ecs_len = 1; - test_association->acs_len = 0; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->abm_len = 1024; - 
test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + test_association->ecs_len = 1; + test_association->acs_len = 0; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->abm_len = 1024; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext - hex_conversion(buffer_nist_et_h, (char**) &buffer_nist_et_b, &buffer_nist_et_len); + hex_conversion(buffer_nist_et_h, (char **)&buffer_nist_et_b, &buffer_nist_et_len); Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame); 
@@ -904,69 +914,71 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors // NOTE: 
Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "a881373e248615e3d6576f5a5fb68883515ae72d6a2938e3a6f0b8dcb639c9c0"; - char* buffer_nist_pt_h = "200300160007d1dc9930e710b1ebe533c81f671101e43c"; - char* buffer_nist_iv_h = "f0b744f157087df4e41818a9"; - char* buffer_nist_ct_h = "b65a2878b9dddbd4a0204dae6a6a6fc0"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "a881373e248615e3d6576f5a5fb68883515ae72d6a2938e3a6f0b8dcb639c9c0"; + char *buffer_nist_pt_h = "200300160007d1dc9930e710b1ebe533c81f671101e43c"; + char *buffer_nist_iv_h = "f0b744f157087df4e41818a9"; + char *buffer_nist_ct_h = "b65a2878b9dddbd4a0204dae6a6a6fc0"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ecs_len = 1; - test_association->acs_len = 0; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->abm_len = 1024; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + test_association->ecs_len 
= 1; + test_association->acs_len = 0; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->abm_len = 1024; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext - hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len); + hex_conversion(buffer_nist_ct_h, (char **)&buffer_nist_ct_b, &buffer_nist_ct_len); Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) 
@@ -995,72 +1007,74 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer 
Frame header to the plaintext - char* buffer_nist_key_h = "a881373e248615e3d6576f5a5fb68883515ae72d6a2938e3a6f0b8dcb639c9c0"; - char* buffer_nist_pt_h = "200300160007d1dc9930e710b1ebe533c81f671101e43c"; - char* buffer_nist_iv_h = "f0b744f157087df4e41818a8"; - char* buffer_nist_et_h = "2003002500FF0009F0B744F157087DF4E41818A90000B65A2878B9DDDBD4A0204DAE6A6A6FC0C327"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "a881373e248615e3d6576f5a5fb68883515ae72d6a2938e3a6f0b8dcb639c9c0"; + char *buffer_nist_pt_h = "200300160007d1dc9930e710b1ebe533c81f671101e43c"; + char *buffer_nist_iv_h = "f0b744f157087df4e41818a8"; + char *buffer_nist_et_h = "2003002500FF0009F0B744F157087DF4E41818A90000B65A2878B9DDDBD4A0204DAE6A6A6FC0C327"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ecs_len = 1; - test_association->acs_len = 0; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->abm_len = 1024; - 
test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + test_association->ecs_len = 1; + test_association->acs_len = 0; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->abm_len = 1024; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext - hex_conversion(buffer_nist_et_h, (char**) &buffer_nist_et_b, &buffer_nist_et_len); + hex_conversion(buffer_nist_et_h, (char **)&buffer_nist_et_b, &buffer_nist_et_len); Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame); 
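Review bot: The re-indented `test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));` is still followed by `sa_if->sa_get_from_spi(1, &test_association);`, which takes the pointer's address and presumably repoints it at the library's own SA entry, so the allocation is never used and is leaked on every run. Since the line is being touched anyway, I would drop the malloc and keep only `SecurityAssociation_t *test_association = NULL;`. The result of `sa_get_from_spi` is also not checked before the writes to `test_association->sa_state` and the other fields; if the lookup leaves the pointer unchanged, those writes land in uninitialised heap memory instead of failing the test. The same lines appear in the TEST_4 and MAC-validation hunks of this file, and the test body continues outside the hunk.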
@@ -1087,69 +1101,71 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors // 
NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "84c90349539c2a7989cb24dfae5e4182382ae94ba717d385977017f74f0d87d6"; - char* buffer_nist_pt_h = "200300160031c4e1d0ccece6b7a999bfc31f38559af5dd"; - char* buffer_nist_iv_h = "eeddeaf4355c826dfd153393"; - char* buffer_nist_ct_h = "5c6cfbdd06c19445ecf500c21aeca173"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "84c90349539c2a7989cb24dfae5e4182382ae94ba717d385977017f74f0d87d6"; + char *buffer_nist_pt_h = "200300160031c4e1d0ccece6b7a999bfc31f38559af5dd"; + char *buffer_nist_iv_h = "eeddeaf4355c826dfd153393"; + char *buffer_nist_ct_h = "5c6cfbdd06c19445ecf500c21aeca173"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ecs_len = 1; - test_association->acs_len = 0; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->abm_len = 1024; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + 
test_association->ecs_len = 1; + test_association->acs_len = 0; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->abm_len = 1024; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext - hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len); + hex_conversion(buffer_nist_ct_h, (char **)&buffer_nist_ct_b, &buffer_nist_ct_len); Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) 
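Review bot: The formatter has re-wrapped the two commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter(...)` calls into a single three-line comment, and the second call now starts in the middle of the second line, so the block can no longer be uncommented as it stands. The live code already registers the parameters through `Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);`, so I would delete the dead comment rather than reflow it. The same reflowed comment is repeated in the other UTEST hunks of this file.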
@@ -1178,72 +1194,74 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer 
Frame header to the plaintext - char* buffer_nist_key_h = "84c90349539c2a7989cb24dfae5e4182382ae94ba717d385977017f74f0d87d6"; - char* buffer_nist_pt_h = "200300160031c4e1d0ccece6b7a999bfc31f38559af5dd"; - char* buffer_nist_iv_h = "eeddeaf4355c826dfd153392"; - char* buffer_nist_et_h = "2003002500FF0009EEDDEAF4355C826DFD15339300005C6CFBDD06C19445ECF500C21AECA1738A7D"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "84c90349539c2a7989cb24dfae5e4182382ae94ba717d385977017f74f0d87d6"; + char *buffer_nist_pt_h = "200300160031c4e1d0ccece6b7a999bfc31f38559af5dd"; + char *buffer_nist_iv_h = "eeddeaf4355c826dfd153392"; + char *buffer_nist_et_h = "2003002500FF0009EEDDEAF4355C826DFD15339300005C6CFBDD06C19445ECF500C21AECA1738A7D"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ecs_len = 1; - test_association->acs_len = 0; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->abm_len = 1024; - 
test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + test_association->ecs_len = 1; + test_association->acs_len = 0; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->abm_len = 1024; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext - hex_conversion(buffer_nist_et_h, (char**) &buffer_nist_et_b, &buffer_nist_et_len); + hex_conversion(buffer_nist_et_h, (char **)&buffer_nist_et_b, &buffer_nist_et_len); Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame); 
@@ -1281,74 +1299,76 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors // 
NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; - char* buffer_nist_pt_h = "200300060028C2"; // Empty Transfer frame - char* buffer_nist_iv_h = "d79cf22d504cc793c3fb6c8a"; - char* buffer_nist_aad_h = "b96baa8c1c75a671bfb2d08d06be5f36"; // Zeroed out by abm - char* buffer_cyber_chef_mac_h = "b04cb89841f1591793f6e1bca1479d92"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_nist_aad_b, + char *buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; + char *buffer_nist_pt_h = "200300060028C2"; // Empty Transfer frame + char *buffer_nist_iv_h = "d79cf22d504cc793c3fb6c8a"; + char *buffer_nist_aad_h = "b96baa8c1c75a671bfb2d08d06be5f36"; // Zeroed out by abm + char *buffer_cyber_chef_mac_h = "b04cb89841f1591793f6e1bca1479d92"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_nist_aad_b, *buffer_cyber_chef_mac_b = NULL; int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_key_len, buffer_nist_aad_len, buffer_cyber_chef_mac_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; - test_association->ast = 1; - test_association->ecs_len = 1; - test_association->acs_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 0; + test_association->ast = 1; + test_association->ecs_len = 1; + test_association->acs_len = 0; test_association->shivf_len = 12; - test_association->iv_len = 12; - 
test_association->abm_len = 1024; + test_association->iv_len = 12; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; + test_association->stmacf_len = 16; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input aad - hex_conversion(buffer_nist_aad_h, (char**) &buffer_nist_aad_b, &buffer_nist_aad_len); + hex_conversion(buffer_nist_aad_h, (char **)&buffer_nist_aad_b, &buffer_nist_aad_len); // Convert input mac - hex_conversion(buffer_cyber_chef_mac_h, (char**) &buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len); + hex_conversion(buffer_cyber_chef_mac_h, (char **)&buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len); 
Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) 
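Review bot: In the reformatted declaration `uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_nist_aad_b, *buffer_cyber_chef_mac_b = NULL;` the initializer applies only to the last declarator, and the same holds for the `= 0` on the `int ..._len` line, so four pointers and four lengths start out indeterminate. They are handed to `hex_conversion` as outputs, but if a conversion fails without writing them, `memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);` reads an indeterminate pointer and length. I would declare one variable per line with its own initializer, e.g. `uint8_t *buffer_nist_key_b = NULL;` and `int buffer_nist_key_len = 0;`, and check `ekp` for NULL before the copy. The other hunks in this file share these declarations, and the test body continues outside the hunk.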
@@ -1382,71 +1402,73 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied 
vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; - char* buffer_nist_pt_h = "200300060028C2"; // Empty Transfer frame - char* buffer_nist_iv_h = "d79cf22d504cc793c3fb6c8a"; - char* buffer_cyber_chef_mac_h = "b04cb89841f1591793f6e1bca1479d92"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_key_len, buffer_cyber_chef_mac_len = 0; + char *buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; + char *buffer_nist_pt_h = "200300060028C2"; // Empty Transfer frame + char *buffer_nist_iv_h = "d79cf22d504cc793c3fb6c8a"; + char *buffer_cyber_chef_mac_h = "b04cb89841f1591793f6e1bca1479d92"; + uint8_t *buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b = NULL; + int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_key_len, buffer_cyber_chef_mac_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 0; - test_association->ast = 1; - test_association->ecs_len = 1; - test_association->acs_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 0; + test_association->ast = 1; + test_association->ecs_len = 1; + test_association->acs_len = 0; test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->abm_len = 1024; + test_association->iv_len = 12; + test_association->abm_len 
= 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; + test_association->stmacf_len = 16; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->gvcid_blk.tfvn = 0; test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input mac - hex_conversion(buffer_cyber_chef_mac_h, (char**) &buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len); + hex_conversion(buffer_cyber_chef_mac_h, (char **)&buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len); Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len); 
@@ -1480,108 +1502,109 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors - char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; - char* buffer_nist_iv_h = "d79cf22d504cc793c3fb6c89"; 
- char* buffer_cyber_chef_mac_h = "E7BB31D506998FCBDA078E66D5680194"; - char* buffer_nist_pt_h = "722ee47da4b77424733546c2d400c4e5"; + char *buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; + char *buffer_nist_iv_h = "d79cf22d504cc793c3fb6c89"; + char *buffer_cyber_chef_mac_h = "E7BB31D506998FCBDA078E66D5680194"; + char *buffer_nist_pt_h = "722ee47da4b77424733546c2d400c4e5"; // Create a MAC'd frame by adding our headers and a fecf - // | Header | SPI | iv | plaintext | mac |fecf| - char* buffer_nist_mac_frame_h = - "2003003700FF0009D79CF22D504CC793C3FB6C8A0000722ee47da4b77424733546c2d400c4e5E7BB31D506998FCBDA078E66D5680194B401"; + // | Header | SPI | iv | plaintext | mac |fecf| + char *buffer_nist_mac_frame_h = "2003003700FF0009D79CF22D504CC793C3FB6C8A0000722ee47da4b77424733546c2d400c4e5E7BB31" + "D506998FCBDA078E66D5680194B401"; - uint8_t* buffer_nist_iv_b, *buffer_nist_pt_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b, + uint8_t *buffer_nist_iv_b, *buffer_nist_pt_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b, *buffer_nist_mac_frame_b, *buffer_nist_cp_b = NULL; int buffer_nist_iv_len, buffer_nist_pt_len, buffer_nist_key_len, buffer_cyber_chef_mac_len, buffer_nist_mac_frame_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->arsn_len = 2; + test_association->ast = 1; + 
test_association->est = 0; + test_association->arsn_len = 2; test_association->arsnw_len = 1; - test_association->abm_len = 1024; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; test_association->gvcid_blk.tfvn = 0; - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input mac - hex_conversion(buffer_cyber_chef_mac_h, (char**) &buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len); + hex_conversion(buffer_cyber_chef_mac_h, (char **)&buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len); // Convert mac frame - hex_conversion(buffer_nist_mac_frame_h, (char**) &buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len); + hex_conversion(buffer_nist_mac_frame_h, (char **)&buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len); 
Crypto_TC_ProcessSecurity(buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len, tc_nist_processed_frame); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) // Calc payload index: total length - pt length #ifdef DEBUG - printf("Expected MAC: "); - for (int i=0; istmacf_len; i++) - { - printf("%02x ", tc_nist_processed_frame->tc_sec_trailer.mac[i]); - } - printf("\n"); + printf("Expected MAC: "); + for (int i = 0; i < buffer_cyber_chef_mac_len; i++) + { + printf("%02x ", buffer_cyber_chef_mac_b[i]); + } + printf("\nReceived MAC: "); + for (int i = 0; i < test_association->stmacf_len; i++) + { + printf("%02x ", tc_nist_processed_frame->tc_sec_trailer.mac[i]); + } + printf("\n"); #endif #ifdef DEBUG - printf("PDU Length: %d \n",tc_nist_processed_frame->tc_pdu_len); - printf("Expected PDU: "); - for (int i=0; i < tc_nist_processed_frame->tc_pdu_len; i++) - { - printf("%02x ", buffer_nist_pt_b[i]); - } - printf("\nReceived PDU: "); - for (int i=0; i < tc_nist_processed_frame->tc_pdu_len; i++) - { - printf("%02x ", tc_nist_processed_frame->tc_pdu[i]); - } - printf("\n"); + printf("PDU Length: %d \n", tc_nist_processed_frame->tc_pdu_len); + printf("Expected PDU: "); + for (int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++) + { + printf("%02x ", buffer_nist_pt_b[i]); + } + printf("\nReceived PDU: "); + for (int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++) + { + printf("%02x ", tc_nist_processed_frame->tc_pdu[i]); + } + printf("\n"); #endif // Verify the MAC 
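Review bot: The call `Crypto_TC_ProcessSecurity(buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len, tc_nist_processed_frame);` near the end of this hunk discards its return value, so this positive MAC-validation test never checks that the library reported a successful verification. The byte comparisons that follow read `tc_nist_processed_frame`, which comes straight from `malloc` and is not zeroed, so after an early failure they would compare indeterminate memory. I would capture the status the way the BAD_DATA and BAD_MAC variants do and assert it before looking at the frame: `int32_t status = Crypto_TC_ProcessSecurity(...);` followed by `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);`. The test body starts before this hunk and continues after it.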
@@ -1590,11 +1613,11 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) ASSERT_EQ(tc_nist_processed_frame->tc_sec_trailer.mac[i], buffer_cyber_chef_mac_b[i]); } for (int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++) - { // Verify the PDU Data is present and not stomped + { // Verify the PDU Data is present and not stomped ASSERT_EQ(tc_nist_processed_frame->tc_pdu[i], buffer_nist_pt_b[i]); } - Crypto_Shutdown(); + Crypto_Shutdown(); free(buffer_nist_iv_b); free(buffer_nist_key_b); free(buffer_cyber_chef_mac_b); 
@@ -1612,81 +1635,83 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA) remove("sa_save_file.bin"); // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors - char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; - char* buffer_nist_iv_h = 
"d79cf22d504cc793c3fb6c89"; + char *buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; + char *buffer_nist_iv_h = "d79cf22d504cc793c3fb6c89"; // char* buffer_cyber_chef_mac_h = "99eff39be8327e6950f03a329209d577"; - char* buffer_cyber_chef_mac_h = "34d0e323f5e4b80426401d4aa37930da"; - char* buffer_nist_pt_h = "722ee47da4b77424733546c2d400c4e5"; + char *buffer_cyber_chef_mac_h = "34d0e323f5e4b80426401d4aa37930da"; + char *buffer_nist_pt_h = "722ee47da4b77424733546c2d400c4e5"; // Create a MAC'd frame by adding our headers and a fecf // | Header | SPI | iv | plaintext | mac |fecf| - char* buffer_nist_mac_frame_h = - "2003003700FF0009D79CF22D504CC793C3FB6C8A0000722ee47da4b77424733546c2d400c40034d0e323f5e4b80426401d4aa37930da123b"; + char *buffer_nist_mac_frame_h = "2003003700FF0009D79CF22D504CC793C3FB6C8A0000722ee47da4b77424733546c2d400c40034d0e3" + "23f5e4b80426401d4aa37930da123b"; - uint8_t* buffer_nist_iv_b, *buffer_nist_pt_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b, + uint8_t *buffer_nist_iv_b, *buffer_nist_pt_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b, *buffer_nist_mac_frame_b, *buffer_nist_cp_b = NULL; int buffer_nist_iv_len, buffer_nist_pt_len, buffer_nist_key_len, buffer_cyber_chef_mac_len, buffer_nist_mac_frame_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->arsn_len 
= 2; + test_association->ast = 1; + test_association->est = 0; + test_association->arsn_len = 2; test_association->arsnw_len = 1; - test_association->abm_len = 1024; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; test_association->gvcid_blk.tfvn = 0; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input mac - hex_conversion(buffer_cyber_chef_mac_h, (char**) &buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len); + hex_conversion(buffer_cyber_chef_mac_h, (char **)&buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len); // Convert mac frame - hex_conversion(buffer_nist_mac_frame_h, (char**) &buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len); + hex_conversion(buffer_nist_mac_frame_h, (char 
**)&buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len); status = Crypto_TC_ProcessSecurity(buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len, tc_nist_processed_frame); - //printf("TC_Process returned status %d\n", status); + // printf("TC_Process returned status %d\n", status); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) // Calc payload index: total length - pt length 
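Review bot: `test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));` is immediately followed by `sa_if->sa_get_from_spi(1, &test_association);`, which receives the pointer's address and presumably repoints it at the in-memory SA table, so the allocation looks leaked and never used. If that reading is right, drop the malloc and keep only `SecurityAssociation_t *test_association = NULL;`. The result of each `sa_get_from_spi` call should also be checked before the SA fields are written, because a failed lookup would leave those writes going through whatever the pointer held. The same setup appears in the TEST_0, BAD_MAC and both AES_CMAC hunks on this page. The test body starts and ends outside this hunk.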
@@ -1723,81 +1748,83 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) remove("sa_save_file.bin"); // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NIST supplied vectors - char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; - char* buffer_nist_iv_h = 
"d79cf22d504cc793c3fb6c89"; + char *buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; + char *buffer_nist_iv_h = "d79cf22d504cc793c3fb6c89"; // char* buffer_cyber_chef_mac_h = "99eff39be8327e6950f03a329209d577"; - char* buffer_cyber_chef_mac_h = "34d0e323f5e4b80426401d4aa37930da"; - char* buffer_nist_pt_h = "722ee47da4b77424733546c2d400c4e5"; + char *buffer_cyber_chef_mac_h = "34d0e323f5e4b80426401d4aa37930da"; + char *buffer_nist_pt_h = "722ee47da4b77424733546c2d400c4e5"; // Create a MAC'd frame by adding our headers and a fecf // | Header | SPI | iv | plaintext | mac |fecf| - char* buffer_nist_mac_frame_h = + char *buffer_nist_mac_frame_h = "2003003500FF0009D79CF22D504CC793C3FB6C8A722ee47da4b77424733546c2d400c4e534d0e323f5e4b80426401d4aa37930009f68"; - uint8_t* buffer_nist_iv_b, *buffer_nist_pt_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b, + uint8_t *buffer_nist_iv_b, *buffer_nist_pt_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b, *buffer_nist_mac_frame_b, *buffer_nist_cp_b = NULL; int buffer_nist_iv_len, buffer_nist_pt_len, buffer_nist_key_len, buffer_cyber_chef_mac_len, buffer_nist_mac_frame_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->arsn_len = 2; + test_association->ast = 1; + test_association->est = 0; + test_association->arsn_len = 2; test_association->arsnw_len = 
1; - test_association->abm_len = 1024; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; test_association->gvcid_blk.tfvn = 0; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); + hex_conversion(buffer_nist_pt_h, (char **)&buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input mac - hex_conversion(buffer_cyber_chef_mac_h, (char**) &buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len); + hex_conversion(buffer_cyber_chef_mac_h, (char **)&buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len); // Convert mac frame - hex_conversion(buffer_nist_mac_frame_h, (char**) &buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len); + hex_conversion(buffer_nist_mac_frame_h, (char **)&buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len); status = Crypto_TC_ProcessSecurity(buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len, 
tc_nist_processed_frame); - //printf("TC_Process returned status %d\n", status); + // printf("TC_Process returned status %d\n", status); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) // Calc payload index: total length - pt length 
@@ -1832,74 +1859,78 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied 
vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char* buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | + char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; + // | Header | NIST CMAC Test Vector |FECF| + char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A" + "71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; + // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the + // LENGTH (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac + // length to be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - // Python output MAC - char* buffer_python_mac_h = "7629961f6b92145290ad3e149940511a"; - uint8_t* buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + // 
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + // Python output MAC + char *buffer_python_mac_h = "7629961f6b92145290ad3e149940511a"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; + test_association->ast = 1; + test_association->est = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs_len = 1; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs_len = 1; + test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; - //sa_if->sa_get_from_spi(9, &test_association); + // sa_if->sa_get_from_spi(9, 
&test_association); // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); + hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); // Convert input mac - hex_conversion(buffer_python_mac_h, (char**) &buffer_python_mac_b, &buffer_python_mac_len); + hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len); @@ -1912,7 +1943,8 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) { if (ptr_enc_frame[enc_data_idx] != buffer_python_mac_b[i]) { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], ptr_enc_frame[enc_data_idx]); + printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], + ptr_enc_frame[enc_data_idx]); } ASSERT_EQ(ptr_enc_frame[enc_data_idx], buffer_python_mac_b[i]); enc_data_idx++; 
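Review bot: `Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len);` at the end of the AES_CMAC_256_PT_128_TEST_0 setup hunk ignores the returned status, while the MAC comparison loop in the next hunk indexes `ptr_enc_frame`, which is still NULL if the call failed. AES_CMAC_256_PT_128_TEST_1 already uses the safer form, and I would match it here with `int status = Crypto_TC_ApplySecurity(...);` and `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);`. Separately, the initializer in this hunk passes `TC_HAS_SEGMENT_HDRS` while the commented-out calls above it and TEST_1 use `TC_NO_SEGMENT_HDRS` for the same plaintext frame; it is worth confirming which is intended. The test body continues outside the hunk.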
@@ -1933,72 +1965,77 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA,1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: 
Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char* buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatevr the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // char* buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; + char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; + // | Header | NIST CMAC Test Vector |FECF| + char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A" + "71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; + // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH + // (including fecf) needs to be updated in the Tf Header Length is dependent on whatevr the variable mac length to + // be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | + // char* buffer_frame_pt_h = + // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; // 2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258CF549CC15D63EAB7AD25EB3089D94E6C2D9D - // Python output MAC - char* buffer_python_mac_h = "cf549cc15d63eab7ad25eb3089d94e6c"; - uint8_t* buffer_frame_pt_b, *buffer_nist_key_b, 
*buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + // Python output MAC + char *buffer_python_mac_h = "cf549cc15d63eab7ad25eb3089d94e6c"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->arsn_len = 0; + test_association->ast = 1; + test_association->est = 0; + test_association->arsn_len = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + 
hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); + hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); // Convert input mac - hex_conversion(buffer_python_mac_h, (char**) &buffer_python_mac_b, &buffer_python_mac_len); + hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); int status = Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -2009,7 +2046,8 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) for (int i = 0; i < buffer_python_mac_len; i++) { - // printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], *(ptr_enc_frame + enc_data_idx)); + // printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], *(ptr_enc_frame + + // enc_data_idx)); ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_python_mac_b[i]); enc_data_idx++; } 
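Review bot: In `uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL;` and the `int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0;` line after it, only the last declarator is initialised; the others stay indeterminate until `hex_conversion` fills them. Neither the conversion nor the `akp` returned by `key_if->get_key(test_association->akid)` is checked before `memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len);`, so a failed conversion or key lookup would become a wild copy rather than a test failure. I would initialise each variable on its own line (`uint8_t *buffer_nist_key_b = NULL;`, `int buffer_nist_key_len = 0;`) and add `ASSERT_TRUE(akp != NULL);` before the copy. In this hunk `arsn_len` is also assigned 0 and then 4 a few lines later, so the first store is dead. The same declarations recur in the other test hunks on this page, and the test body extends beyond this hunk.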
@@ -2029,73 +2067,80 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) remove("sa_save_file.bin"); uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = 
"b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI| ARSN | NIST CMAC Test Vector | MAC |FECF| - char* buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F193942587629961f6b92145290ad3e149940511a46ce"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatevr the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // char* buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; + char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; + // | Header |SPI| ARSN | NIST CMAC Test Vector | MAC |FECF| + char *buffer_frame_pt_h = + "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D8" + "0B699E8006E52345FB7273B2E084407F193942587629961f6b92145290ad3e149940511a46ce"; + // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH + // (including fecf) needs to be updated in the Tf Header Length is dependent on whatevr the variable mac length to + // be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | + // char* buffer_frame_pt_h = + // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; // 2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258CF549CC15D63EAB7AD25EB3089D94E6C2D9D - // Zeroed out w. 
bitmask 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 - // Python output MAC - char* buffer_python_mac_h = "7629961f6b92145290ad3e149940511a"; - uint8_t* buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + // Zeroed out w. bitmask + // 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 + // Python output MAC + char *buffer_python_mac_h = "7629961f6b92145290ad3e149940511a"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->arsn_len = 0; + test_association->ast = 1; + test_association->est = 0; + test_association->arsn_len = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = 
CRYPTO_MAC_CMAC_AES256; - test_association->ekid = 0; - test_association->akid = 136; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ekid = 0; + test_association->akid = 136; - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); + hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); // Convert input mac - hex_conversion(buffer_python_mac_h, (char**) &buffer_python_mac_b, &buffer_python_mac_len); + hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); int32_t status = Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); @@ -2107,7 +2152,8 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) for (int i = 0; i < buffer_python_mac_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], (tc_sdls_processed_frame->tc_sec_trailer.mac[i])); + printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], + (tc_sdls_processed_frame->tc_sec_trailer.mac[i])); ASSERT_EQ(tc_sdls_processed_frame->tc_sec_trailer.mac[i], buffer_python_mac_b[i]); enc_data_idx++; } 
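Review bot: The buffer from `test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));` in the SA setup of this hunk is never checked or freed. The next statement passes `&test_association` to `sa_get_from_spi`, which presumably repoints it at the SA table entry, so the allocation looks leaked on every run. Since the pointer is replaced before it is dereferenced, `SecurityAssociation_t *test_association = NULL;` alone should be enough and the malloc line can be dropped. The same pair appears in the hunks at -2129, -2226 and -2324. The UTEST body starts before this hunk and continues after it, so any cleanup at the end of the test is not visible here.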
@@ -2129,71 +2175,77 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) remove("sa_save_file.bin"); uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = 
"b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI| ARSN | NIST CMAC Test Vector | MAC |FECF| - char* buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258CF549CC15D63EAB7AD25EB3089D94E6C2D9D"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatevr the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // char* buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; + char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; + // | Header |SPI| ARSN | NIST CMAC Test Vector | MAC |FECF| + char *buffer_frame_pt_h = + "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D8" + "0B699E8006E52345FB7273B2E084407F19394258CF549CC15D63EAB7AD25EB3089D94E6C2D9D"; + // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH + // (including fecf) needs to be updated in the Tf Header Length is dependent on whatevr the variable mac length to + // be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | + // char* buffer_frame_pt_h = + // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; // 2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258CF549CC15D63EAB7AD25EB3089D94E6C2D9D - // Python output MAC - char* buffer_python_mac_h = "cf549cc15d63eab7ad25eb3089d94e6c"; - 
uint8_t* buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + // Python output MAC + char *buffer_python_mac_h = "cf549cc15d63eab7ad25eb3089d94e6c"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->arsn_len = 0; + test_association->ast = 1; + test_association->est = 0; + test_association->arsn_len = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->ekid = 0; - test_association->akid = 136; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ekid = 0; + test_association->akid = 136; - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); // Insert key into keyring 
of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); + hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); // Convert input mac - hex_conversion(buffer_python_mac_h, (char**) &buffer_python_mac_b, &buffer_python_mac_len); + hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame); @@ -2204,7 +2256,8 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) for (int i = 0; i < buffer_python_mac_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], (tc_sdls_processed_frame->tc_sec_trailer.mac[i])); + printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], + (tc_sdls_processed_frame->tc_sec_trailer.mac[i])); ASSERT_EQ(tc_sdls_processed_frame->tc_sec_trailer.mac[i], buffer_python_mac_b[i]); enc_data_idx++; } 
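Review bot: The result of `Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame);` at the end of this hunk is discarded, whereas AES_CMAC_256_PT_128_TEST_0 stores it and asserts `CRYPTO_LIB_SUCCESS`. The value in `buffer_python_mac_h` is the same MAC already carried at the end of `buffer_frame_pt_h`, so the comparison loop that follows may pass simply because the trailer was parsed from the input, even if verification rejected the frame. Capturing the status as TEST_0 does, `int32_t status = Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame);` followed by `ASSERT_EQ(status, CRYPTO_LIB_SUCCESS);`, would make the test fail when authentication fails. The test body continues outside the hunk.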
@@ -2226,61 +2279,65 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext char *buffer_nist_key_h = 
"b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | + // | Header | NIST CMAC Test Vector |FECF| + char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A" + "71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; + // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the + // LENGTH (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac + // length to be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - // Python output MAC + // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + // Python output MAC // 6b5953e41cffb4d15a62e25da5e092f98bd26b7487f0c98f440374d42e136f13 // Trunc to first 16 bytes // 6b5953e41cffb4d15a62e25da5e092f9 - char* buffer_python_mac_h = "6b5953e41cffb4d15a62e25da5e092f9"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, 
buffer_python_mac_len = 0; + char *buffer_python_mac_h = "6b5953e41cffb4d15a62e25da5e092f9"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; + test_association->ast = 1; + test_association->est = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA256; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; // Insert key into keyring of SA 9 
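Review bot: The reflowed comment above `buffer_python_mac_h` now runs two sentences together (`... needs to be updated in the Tf Header Length is dependent on ...`), which makes the note on how the frame length is derived hard to follow. The two commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter` calls have likewise been merged into one wrapped comment that no longer reads as code. I would end the first sentence with `// LENGTH (including fecf) needs to be updated in the Tf Header.` and start the second on its own comment line. The dead calls can be deleted, since `Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters)` replaces them. The layout label still says "NIST CMAC Test Vector" in an HMAC test, which looks like a leftover. The same reflow occurs in the hunks at -2029, -2129 and -2324.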
@@ -2303,7 +2360,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) { if (ptr_enc_frame[enc_data_idx] != buffer_python_mac_b[i]) { - printf("[%d] Truth: %02x, Actual: %02x \n", enc_data_idx, buffer_python_mac_b[i], ptr_enc_frame[enc_data_idx]); + printf("[%d] Truth: %02x, Actual: %02x \n", enc_data_idx, buffer_python_mac_b[i], + ptr_enc_frame[enc_data_idx]); } ASSERT_EQ(ptr_enc_frame[enc_data_idx], buffer_python_mac_b[i]); enc_data_idx++; 
@@ -2324,62 +2382,66 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) remove("sa_save_file.bin"); uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - int32_t status; + int32_t status; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext char 
*buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | + // | Header | NIST CMAC Test Vector |FECF| + char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A" + "71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; + // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the + // LENGTH (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac + // length to be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // Python output MAC + // Python output MAC // 5d0ae5c3859d51d9c1e31681db475acba1f2cd1ade8e5ba7356ae9f2372e4444 // Trunc to first 16 bytes // 5d0ae5c3859d51d9c1e31681db475acb - char* buffer_python_mac_h = "5d0ae5c3859d51d9c1e31681db475acb"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + char *buffer_python_mac_h = "5d0ae5c3859d51d9c1e31681db475acb"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing SecurityAssociation_t 
*test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; + test_association->ast = 1; + test_association->est = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA256; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; // Insert key into keyring of SA 9 @@ -2403,7 +2465,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) { if (ptr_enc_frame[enc_data_idx] != buffer_python_mac_b[i]) { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], *(ptr_enc_frame + enc_data_idx)); + printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], + *(ptr_enc_frame + enc_data_idx)); } ASSERT_EQ(ptr_enc_frame[enc_data_idx], buffer_python_mac_b[i]); enc_data_idx++; 
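Review bot: In `uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL;` and `int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0;` only the last declarator is initialised, and the new column alignment makes it look as if all three are. If `hex_conversion` ever returns without writing an output, the uses after this hunk would read an indeterminate pointer or length. I would initialise each one explicitly: `uint8_t *buffer_frame_pt_b = NULL, *buffer_nist_key_b = NULL, *buffer_python_mac_b = NULL;` and `int buffer_frame_pt_len = 0, buffer_nist_key_len = 0, buffer_python_mac_len = 0;`. The same declarations appear in the other test hunks of this file.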
@@ -2423,160 +2486,171 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) remove("sa_save_file.bin"); uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - int32_t status; + int32_t status; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - Crypto_Init(); - 
SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - // Python output MAC - // 676e9ebdf306b7db7ad41892887342e892bcc59688caef44693c1659b6a683e844d584030b7c532105b8c2539e0aed51af6df77e87f1834e92c2085889d1c44b - // Trunc to first 16 bytes - // 676e9ebdf306b7db7ad41892887342e8 - char* buffer_python_mac_h = "676e9ebdf306b7db7ad41892887342e8"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - 
test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - akp->key_len = 64; - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - status = Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - // Note: For comparison, primarily interested in the MAC - // Calc payload index: total length - pt length - uint16_t enc_data_idx = enc_frame_len - buffer_python_mac_len - 2; - Crypto_Shutdown(); - - for (int i = 0; i < buffer_python_mac_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], *(ptr_enc_frame + enc_data_idx)); - ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_python_mac_b[i]); - enc_data_idx++; - } - - free(ptr_enc_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; + + // NIST supplied vectors + // NOTE: Added Transfer Frame header to the plaintext + char 
*buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a" + "591bf960d8555c3f6284afe7c6846cbb6c6f5445"; + // | Header | NIST CMAC Test Vector |FECF| + char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A" + "71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; + // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the + // LENGTH (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac + // length to be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | + // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; + // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + // Python output MAC + // 676e9ebdf306b7db7ad41892887342e892bcc59688caef44693c1659b6a683e844d584030b7c532105b8c2539e0aed51af6df77e87f1834e92c2085889d1c44b + // Trunc to first 16 bytes + // 676e9ebdf306b7db7ad41892887342e8 + char *buffer_python_mac_h = "676e9ebdf306b7db7ad41892887342e8"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + + // Expose/setup SAs for testing + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + // Activate SA 9 + sa_if->sa_get_from_spi(9, &test_association); + test_association->ast = 1; + test_association->est = 0; + test_association->shivf_len = 0; + test_association->iv_len = 0; + test_association->shsnf_len = 4; + test_association->arsn_len = 4; 
+ test_association->abm_len = 1024; + memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ekid = 0; + test_association->akid = 136; + test_association->gvcid_blk.tfvn = 0; + + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); + akp = key_if->get_key(test_association->akid); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); + akp->key_len = 64; + + // Convert input plaintext + hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); + // Convert input mac + hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); + + status = Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Note: For comparison, primarily interested in the MAC + // Calc payload index: total length - pt length + uint16_t enc_data_idx = enc_frame_len - buffer_python_mac_len - 2; + Crypto_Shutdown(); + + for (int i = 0; i < buffer_python_mac_len; i++) + { + printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], + *(ptr_enc_frame + enc_data_idx)); + ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_python_mac_b[i]); + enc_data_idx++; + } + + free(ptr_enc_frame); + free(buffer_frame_pt_b); + free(buffer_nist_key_b); + free(buffer_python_mac_b); } /** -* @brief Unit Test: Test HMAC SHA-512, key length 64 bytes, bitmask of 1s -**/ + * @brief Unit Test: Test HMAC SHA-512, key length 64 bytes, bitmask of 1s + **/ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) { remove("sa_save_file.bin"); uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - int32_t status; + int32_t status; // Setup & 
Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char *buffer_frame_pt_h = 
"2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | + char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a" + "591bf960d8555c3f6284afe7c6846cbb6c6f5445"; + // | Header | NIST CMAC Test Vector |FECF| + char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A" + "71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; + // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH + // (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac length to + // be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; // Python output MAC // 907bbd1d9f2fd37e541f0b1ee12f5db0b1e0cbc57cfe08aecfc74b001371db711abb39caf658ee692d418725dc92cabd8d0a93ce423ff7594adf3fd91e7a6435 // Trunc to first 16 bytes // 907bbd1d9f2fd37e541f0b1ee12f5db0 - char* buffer_python_mac_h = "907bbd1d9f2fd37e541f0b1ee12f5db0"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + char *buffer_python_mac_h = "907bbd1d9f2fd37e541f0b1ee12f5db0"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing 
SecurityAssociation_t *test_association = NULL; - test_association = calloc(1, sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + test_association = calloc(1, sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; + test_association->ast = 1; + test_association->est = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; // Insert key into keyring of SA 9 @@ -2600,7 +2674,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) for (int i = 0; i < buffer_python_mac_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], *(ptr_enc_frame + enc_data_idx + i)); + printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], + *(ptr_enc_frame + enc_data_idx + i)); ASSERT_EQ(*(ptr_enc_frame + enc_data_idx + i), buffer_python_mac_b[i]); // enc_data_idx++; } 
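Review bot: In the re-indented body of SHA_512_PT_128_TEST_0, `test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));` is never checked and never released, because the cleanup at the end of the test frees only `ptr_enc_frame` and the three hex-conversion buffers. The address of that pointer is then handed to `sa_if->sa_get_from_spi(1, &test_association)`, which presumably repoints it at the in-memory SA table, so the allocation is most likely orphaned on the very next statement; dropping the `malloc` and keeping `SecurityAssociation_t *test_association = NULL;` would be the simplest fix. The results of `sa_get_from_spi` and `key_if->get_key(test_association->akid)` are also dereferenced without a check (`memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len)`), so an `ASSERT_NE(akp, NULL)` before the copy would turn a setup fault into a test failure instead of a crash. The same allocation appears as `calloc` in SHA_512_PT_128_TEST_1 at the end of this hunk and as `malloc` in the hunks at -2617, -2718 and -2817, whose cleanup code lies outside those hunks.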
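Review bot: The diagnostic in this loop prints `enc_data_idx` as the position while the byte it compares is read from `enc_data_idx + i`, so every output line reports the same offset and a mismatch cannot be located from the log. Printing the offset that is actually read fixes it: `printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx + i, buffer_python_mac_b[i], *(ptr_enc_frame + enc_data_idx + i));`. The commented-out `// enc_data_idx++;` under the assertion could be removed at the same time. The enclosing test function starts and ends outside this hunk.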
@@ -2617,63 +2692,68 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) { remove("sa_save_file.bin"); - int32_t status = 0; + int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header 
to the plaintext char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI | arsn | Payload | SHA 256 HMAC |FECF| - char *buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F193942586B5953E41CFFB4D15A62E25DA5E092F969F2"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | + // | Header |SPI | arsn | Payload | SHA 256 HMAC |FECF| + char *buffer_frame_pt_h = + "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D8" + "0B699E8006E52345FB7273B2E084407F193942586B5953E41CFFB4D15A62E25DA5E092F969F2"; + // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the + // LENGTH (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac + // length to be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" // Python output MAC // 6b5953e41cffb4d15a62e25da5e092f98bd26b7487f0c98f440374d42e136f13 // Trunc to first 16 bytes // 6b5953e41cffb4d15a62e25da5e092f9 - char* buffer_python_mac_h = "6b5953e41cffb4d15a62e25da5e092f9"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + 
char *buffer_python_mac_h = "6b5953e41cffb4d15a62e25da5e092f9"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; + test_association->ast = 1; + test_association->est = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA256; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; TC_t *tc_sdls_processed_frame; 
@@ -2698,7 +2778,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0)
 {
 if (*(tc_sdls_processed_frame->tc_sec_trailer.mac + i) != buffer_python_mac_b[i])
 {
- printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], *(tc_sdls_processed_frame->tc_sec_trailer.mac + i));
+ printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i],
+ *(tc_sdls_processed_frame->tc_sec_trailer.mac + i));
 }
 ASSERT_EQ(*(tc_sdls_processed_frame->tc_sec_trailer.mac + i), buffer_python_mac_b[i]);
 }
@@ -2718,63 +2799,68 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) { remove("sa_save_file.bin"); - int32_t status = 0; + int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header 
to the plaintext char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI | arsn | Payload | SHA 256 HMAC | FECF| - char *buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F193942585d0ae5c3859d51d9c1e31681db475acb5b35"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header. - // | Header |SPI| ARSN | NIST CMAC Frame Data | + // | Header |SPI | arsn | Payload | SHA 256 HMAC | FECF| + char *buffer_frame_pt_h = + "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D8" + "0B699E8006E52345FB7273B2E084407F193942585d0ae5c3859d51d9c1e31681db475acb5b35"; + // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH + // (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac length to + // be updated in the header. 
+ // | Header |SPI| ARSN | NIST CMAC Frame Data | // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // Python output MAC + // Python output MAC // 5d0ae5c3859d51d9c1e31681db475acba1f2cd1ade8e5ba7356ae9f2372e4444 // Trunc to first 16 bytes // 5d0ae5c3859d51d9c1e31681db475acb - char* buffer_python_mac_h = "5d0ae5c3859d51d9c1e31681db475acb"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + char *buffer_python_mac_h = "5d0ae5c3859d51d9c1e31681db475acb"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; + test_association->ast = 1; + test_association->est = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA256; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + 
test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; TC_t *tc_sdls_processed_frame; @@ -2798,7 +2884,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) for (int i = 0; i < buffer_python_mac_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], *(tc_sdls_processed_frame->tc_sec_trailer.mac + i)); + printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], + *(tc_sdls_processed_frame->tc_sec_trailer.mac + i)); ASSERT_EQ(*(tc_sdls_processed_frame->tc_sec_trailer.mac + i), buffer_python_mac_b[i]); } 
@@ -2817,61 +2904,67 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) remove("sa_save_file.bin"); int32_t status = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = 
"b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI | ARSN | Payload | SHA 512 HMAC |FECF| - char *buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258676e9ebdf306b7db7ad41892887342e80DC5"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | + char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a" + "591bf960d8555c3f6284afe7c6846cbb6c6f5445"; + // | Header |SPI | ARSN | Payload | SHA 512 HMAC |FECF| + char *buffer_frame_pt_h = + "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D8" + "0B699E8006E52345FB7273B2E084407F19394258676e9ebdf306b7db7ad41892887342e80DC5"; + // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the + // LENGTH (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac + // length to be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" // Python output MAC // 676e9ebdf306b7db7ad41892887342e892bcc59688caef44693c1659b6a683e844d584030b7c532105b8c2539e0aed51af6df77e87f1834e92c2085889d1c44b // Trunc to first 16 bytes // 
676e9ebdf306b7db7ad41892887342e8 - char* buffer_python_mac_h = "676e9ebdf306b7db7ad41892887342e8"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + char *buffer_python_mac_h = "676e9ebdf306b7db7ad41892887342e8"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; + test_association->ast = 1; + test_association->est = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; TC_t *tc_sdls_processed_frame; 
@@ -2896,7 +2989,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) for (int i = 0; i < buffer_python_mac_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], *(tc_sdls_processed_frame->tc_sec_trailer.mac + i)); + printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], + *(tc_sdls_processed_frame->tc_sec_trailer.mac + i)); ASSERT_EQ(*(tc_sdls_processed_frame->tc_sec_trailer.mac + i), buffer_python_mac_b[i]); } 
@@ -2913,60 +3007,66 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) remove("sa_save_file.bin"); int32_t status = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = 
"b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI | ARSN | Payload | SHA 512 HMAC |FECF| - char *buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258907bbd1d9f2fd37e541f0b1ee12f5db0679a"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | + char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a" + "591bf960d8555c3f6284afe7c6846cbb6c6f5445"; + // | Header |SPI | ARSN | Payload | SHA 512 HMAC |FECF| + char *buffer_frame_pt_h = + "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D8" + "0B699E8006E52345FB7273B2E084407F19394258907bbd1d9f2fd37e541f0b1ee12f5db0679a"; + // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the + // LENGTH (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac + // length to be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" // Python output MAC // 907bbd1d9f2fd37e541f0b1ee12f5db0b1e0cbc57cfe08aecfc74b001371db711abb39caf658ee692d418725dc92cabd8d0a93ce423ff7594adf3fd91e7a6435 // Trunc to first 16 bytes // 
907bbd1d9f2fd37e541f0b1ee12f5db0b1e0cbc57cfe08aecfc74b001371db711abb39caf658ee692d418725dc92cabd8d0a93ce423ff7594adf3fd91e7a6435 - char* buffer_python_mac_h = "907bbd1d9f2fd37e541f0b1ee12f5db0"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + char *buffer_python_mac_h = "907bbd1d9f2fd37e541f0b1ee12f5db0"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; + test_association->ast = 1; + test_association->est = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; TC_t 
*tc_sdls_processed_frame; @@ -2991,7 +3091,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) for (int i = 0; i < buffer_python_mac_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], *(tc_sdls_processed_frame->tc_sec_trailer.mac + i)); + printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], + *(tc_sdls_processed_frame->tc_sec_trailer.mac + i)); ASSERT_EQ(*(tc_sdls_processed_frame->tc_sec_trailer.mac + i), buffer_python_mac_b[i]); } 
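Review bot: The allocation kept on the re-aligned line `test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));` looks like a leak, because the next statement passes `&test_association` to `sa_if->sa_get_from_spi(1, ...)`, which presumably repoints it at the stored SA entry. I would drop the `malloc` and keep only `SecurityAssociation_t *test_association = NULL;`. It is also worth checking the lookup before the first dereference, e.g. `status = sa_if->sa_get_from_spi(9, &test_association); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS);`, assuming the call returns the library status code. The same pattern recurs in the two SHA_512_SHORT_KEY hunks and in the ut_aes_gcm_siv.c hunks below. The test body starts before this hunk and continues after it, so the pointer's later use is not visible here.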
@@ -3006,38 +3107,40 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) UTEST(PLAINTEXT, ENCRYPT_DECRYPT) { remove("sa_save_file.bin"); - int32_t status = CRYPTO_LIB_ERROR; - uint8_t* ptr_enc_frame = NULL; + int32_t status = CRYPTO_LIB_ERROR; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - char* jpl_frame_pt_h = "2003001c00ff000100001880d03e000a197f0b000300020093d4ba21c4555555555555"; - uint8_t* jpl_frame_pt_b = NULL; - int 
jpl_frame_pt_len = 0; - TC_t* tc_sdls_processed_frame; + char *jpl_frame_pt_h = "2003001c00ff000100001880d03e000a197f0b000300020093d4ba21c4555555555555"; + uint8_t *jpl_frame_pt_b = NULL; + int jpl_frame_pt_len = 0; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); // Convert input jpl frame - hex_conversion(jpl_frame_pt_h, (char**) &jpl_frame_pt_b, &jpl_frame_pt_len); + hex_conversion(jpl_frame_pt_h, (char **)&jpl_frame_pt_b, &jpl_frame_pt_len); // Apply, save the generated frame status = Crypto_TC_ApplySecurity(jpl_frame_pt_b, jpl_frame_pt_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - + // Process the generated frame int len = (int)enc_frame_len; - status = Crypto_TC_ProcessSecurity(ptr_enc_frame, &len, tc_sdls_processed_frame); + status = Crypto_TC_ProcessSecurity(ptr_enc_frame, &len, tc_sdls_processed_frame); Crypto_Shutdown(); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } 
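Review bot: UTEST(PLAINTEXT, ENCRYPT_DECRYPT) never releases the three buffers it owns in this hunk: `jpl_frame_pt_b` filled by `hex_conversion`, `ptr_enc_frame` returned by `Crypto_TC_ApplySecurity`, and the `calloc`'d `tc_sdls_processed_frame`. The AES_GCM_SIV tests later in this patch free their converted buffers and the encrypted frame, so for consistency I would add `free(jpl_frame_pt_b); free(ptr_enc_frame); free(tc_sdls_processed_frame);` right after `Crypto_Shutdown();` (assuming the processed frame holds no further heap members). The test also asserts only the two status codes. Comparing the processed frame's payload with the input bytes would make the round trip check what its name promises.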
@@ -3049,63 +3152,67 @@ UTEST(PLAINTEXT, ENCRYPT_DECRYPT) UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) { remove("sa_save_file.bin"); - int32_t status = 0; + int32_t status = 0; uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame 
header to the plaintext char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | + // | Header | NIST CMAC Test Vector |FECF| + char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A" + "71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; + // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the + // LENGTH (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac + // length to be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // Python output MAC + // Python output MAC // 75c570016a9458a71cea6aaca6ff46971ea007ed0a84e97fd2df79f6634c3efbb62edef3d1fb6549d0c9319e2d1dea866f634f67a2006c435b5bd2a3dd314fef // Trunc to first 16 bytes // 75c570016a9458a71cea6aaca6ff4697 - char* buffer_python_mac_h = "75c570016a9458a71cea6aaca6ff4697"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + char *buffer_python_mac_h = "75c570016a9458a71cea6aaca6ff4697"; + uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, 
buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; + test_association->ast = 1; + test_association->est = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; // Insert key into keyring of SA 9 
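Review bot: In `uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL;` and the `int ... buffer_python_mac_len = 0;` line after it, only the last declarator is initialised, and the re-alignment keeps that misleading form. I would split these into one declaration per line, each with its own initialiser, starting with `uint8_t *buffer_frame_pt_b = NULL;`. If `hex_conversion` can return without writing its out-parameters (not visible here), a later use or `free` would otherwise touch an indeterminate pointer. The same declarations appear in the SHA_512_PT_128_TEST_1 hunk above, the decrypt SHA_512_SHORT_KEY hunk, and the `buffer_rfc_*` declarations in ut_aes_gcm_siv.c. The test body continues past the end of this hunk.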
@@ -3136,62 +3243,67 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) { remove("sa_save_file.bin"); - int32_t status = 0; + int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the 
plaintext char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI | arsn | Payload | SHA 512 HMAC |FECF| - char *buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F1939425875c570016a9458a71cea6aaca6ff46970f67"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | + // | Header |SPI | arsn | Payload | SHA 512 HMAC |FECF| + char *buffer_frame_pt_h = + "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D8" + "0B699E8006E52345FB7273B2E084407F1939425875c570016a9458a71cea6aaca6ff46970f67"; + // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH + // (including fecf) needs to be updated in the Tf Header Length is dependent on whatever the variable mac length to + // be updated in the header + // | Header |SPI| ARSN | NIST CMAC Frame Data | // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // Python output MAC + // Python output MAC // 75c570016a9458a71cea6aaca6ff46971ea007ed0a84e97fd2df79f6634c3efbb62edef3d1fb6549d0c9319e2d1dea866f634f67a2006c435b5bd2a3dd314fef // Trunc to first 16 bytes // 75c570016a9458a71cea6aaca6ff4697 - char* buffer_python_mac_h = "75c570016a9458a71cea6aaca6ff4697"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; + char *buffer_python_mac_h = "75c570016a9458a71cea6aaca6ff4697"; + uint8_t *buffer_frame_pt_b, 
*buffer_nist_key_b, *buffer_python_mac_b = NULL; + int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; // Expose/setup SAs for testing SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; + test_association->ast = 1; + test_association->est = 0; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; + test_association->arsn_len = 4; + test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; + test_association->stmacf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ekid = 0; + test_association->akid = 136; test_association->gvcid_blk.tfvn = 0; TC_t *tc_sdls_processed_frame; diff --git a/test/unit/ut_aes_gcm_siv.c b/test/unit/ut_aes_gcm_siv.c index 27784bdb..66218cd7 100644 --- a/test/unit/ut_aes_gcm_siv.c +++ b/test/unit/ut_aes_gcm_siv.c 
@@ -2,14 +2,15 @@ // All Foreign Rights are Reserved to the U.S. Government. // This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, -// including, but not limited to, any warranty that the software will conform to specifications, any implied warranties -// of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the -// documentation will conform to the program, or any warranty that the software will be error free. +// including, but not limited to, any warranty that the software will conform to specifications, any implied +// warranties of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty +// that the documentation will conform to the program, or any warranty that the software will be error free. // In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or // consequential damages, arising out of, resulting from, or in any way connected with the software or its -// documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained -// from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. +// documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was +// sustained from, or arose out of the results of, or use of, the software, documentation or services provided +// hereunder. // ITC Team // NASA IV&V @@ -30,7 +31,7 @@ UTEST(AES_GCM_SIV, GET_ECS_ALGO_KEY_LEN_SIV) remove("sa_save_file.bin"); int32_t algo_keylen = -1; uint8_t crypto_algo = CRYPTO_CIPHER_AES256_GCM_SIV; - algo_keylen = Crypto_Get_ACS_Algo_Keylen(crypto_algo); + algo_keylen = Crypto_Get_ACS_Algo_Keylen(crypto_algo); ASSERT_EQ(algo_keylen, 32); Crypto_Shutdown(); } 
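Review bot: The GET_ECS_ALGO_KEY_LEN_SIV test looks up the key length with `Crypto_Get_ACS_Algo_Keylen(crypto_algo)` while `crypto_algo` is `CRYPTO_CIPHER_AES256_GCM_SIV`, an encryption cipher-suite constant. If the authentication-suite lookup is not what is meant, `ASSERT_EQ(algo_keylen, 32);` depends on how the two enumerations happen to overlap rather than on the GCM-SIV key length. I would expect the library's ECS counterpart here, `algo_keylen = Crypto_Get_ECS_Algo_Keylen(crypto_algo);`, or else a test name that says ACS. The opening lines of the test are outside this hunk.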
@@ -43,88 +44,93 @@ UTEST(AES_GCM_SIV, GET_ECS_ALGO_SIV) remove("sa_save_file.bin"); Crypto_Init_TC_Unit_Test(); int32_t libgcrypt_algo = -1; - int8_t crypto_algo = CRYPTO_CIPHER_AES256_GCM_SIV; + int8_t crypto_algo = CRYPTO_CIPHER_AES256_GCM_SIV; libgcrypt_algo = cryptography_if->cryptography_get_ecs_algo(crypto_algo); ASSERT_EQ(libgcrypt_algo, 9); Crypto_Shutdown(); -} +} /** * @brief Validation Test: AEAD_AES_256_GCM_SIV Test Vectors * Reference: * https://datatracker.ietf.org/doc/rfc8452/?include_text=1 C.2. Second Example - * Recreated test vectors with https://github.com/line/aes-gcm-siv/tree/master, then input CryptoLib test vectors to generate truth data. + * Recreated test vectors with https://github.com/line/aes-gcm-siv/tree/master, then input CryptoLib test vectors to + *generate truth data. **/ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_8_ENC_TEST_1) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, 
AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); - + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // RFC supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_rfc_pt_h = "2003000c000100000000000000"; - char* buffer_rfc_aad_h = ""; - char* buffer_rfc_key_h = "0100000000000000000000000000000000000000000000000000000000000000"; - char* buffer_rfc_nonce_h = "030000000000000000000000"; - char* buffer_rfc_ct_h = "4fa7a4cb7d3434f8a2855b40016daccb62a454551878fc26"; - uint8_t* buffer_rfc_pt_b, *buffer_rfc_aad_b, *buffer_rfc_key_b, *buffer_rfc_nonce_b, *buffer_rfc_ct_b = NULL; - int buffer_rfc_pt_len, buffer_rfc_aad_len, buffer_rfc_key_len, buffer_rfc_nonce_len, buffer_rfc_ct_len = 0; + char *buffer_rfc_pt_h = "2003000c000100000000000000"; + char *buffer_rfc_aad_h = ""; + char *buffer_rfc_key_h = "0100000000000000000000000000000000000000000000000000000000000000"; + char *buffer_rfc_nonce_h = "030000000000000000000000"; + char *buffer_rfc_ct_h = "4fa7a4cb7d3434f8a2855b40016daccb62a454551878fc26"; + uint8_t *buffer_rfc_pt_b, *buffer_rfc_aad_b, *buffer_rfc_key_b, *buffer_rfc_nonce_b, *buffer_rfc_ct_b 
= NULL; + int buffer_rfc_pt_len, buffer_rfc_aad_len, buffer_rfc_key_len, buffer_rfc_nonce_len, buffer_rfc_ct_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->arsn_len = 0; - test_association->shsnf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 1; - test_association->est = 1; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM_SIV; - test_association->acs_len = 1; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->stmacf_len = 16; + test_association->arsn_len = 0; + test_association->shsnf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 1; + test_association->est = 1; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM_SIV; + test_association->acs_len = 1; + test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->stmacf_len = 16; test_association->gvcid_blk.tfvn = 0; - test_association->abm_len = 1024; + test_association->abm_len = 1024; // Insert key into keyring of SA 9 - hex_conversion(buffer_rfc_key_h, (char**) &buffer_rfc_key_b, &buffer_rfc_key_len); + hex_conversion(buffer_rfc_key_h, (char **)&buffer_rfc_key_b, &buffer_rfc_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_rfc_key_b, buffer_rfc_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_rfc_pt_h, (char**) &buffer_rfc_pt_b, &buffer_rfc_pt_len); + hex_conversion(buffer_rfc_pt_h, (char **)&buffer_rfc_pt_b, 
&buffer_rfc_pt_len); // Convert/Set input AAD - hex_conversion(buffer_rfc_aad_h, (char**) &buffer_rfc_aad_b, &buffer_rfc_aad_len); + hex_conversion(buffer_rfc_aad_h, (char **)&buffer_rfc_aad_b, &buffer_rfc_aad_len); memcpy(test_association->abm, buffer_rfc_aad_b + 5, buffer_rfc_aad_len); - hex_conversion(buffer_rfc_nonce_h, (char**) &buffer_rfc_nonce_b, &buffer_rfc_nonce_len); + hex_conversion(buffer_rfc_nonce_h, (char **)&buffer_rfc_nonce_b, &buffer_rfc_nonce_len); memcpy(test_association->iv, buffer_rfc_nonce_b, buffer_rfc_nonce_len); // Convert input ciphertext - hex_conversion(buffer_rfc_ct_h, (char**) &buffer_rfc_ct_b, &buffer_rfc_ct_len); + hex_conversion(buffer_rfc_ct_h, (char **)&buffer_rfc_ct_b, &buffer_rfc_ct_len); Crypto_TC_ApplySecurity(buffer_rfc_pt_b, buffer_rfc_pt_len, &ptr_enc_frame, &enc_frame_len); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) @@ -137,11 +143,11 @@ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_8_ENC_TEST_1) ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_rfc_ct_b[i]); enc_data_idx++; } - //ASSERT_EQ(1,0); + // ASSERT_EQ(1,0); free(ptr_enc_frame); free(buffer_rfc_pt_b); free(buffer_rfc_aad_b); - free(buffer_rfc_nonce_b); + free(buffer_rfc_nonce_b); free(buffer_rfc_ct_b); free(buffer_rfc_key_b); } 
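Review bot: `memcpy(test_association->abm, buffer_rfc_aad_b + 5, buffer_rfc_aad_len);` offsets the source by 5 but still copies the full `buffer_rfc_aad_len`, so any non-empty AAD vector would be read 5 bytes past the end of the converted buffer. With the current empty `buffer_rfc_aad_h` the length is 0 and nothing is copied, but the pointer is still formed beyond whatever `hex_conversion` produces for an empty string, which is not visible here. Either drop the offset or subtract it from the length behind a guard, e.g. `if (buffer_rfc_aad_len > 5) memcpy(test_association->abm, buffer_rfc_aad_b + 5, buffer_rfc_aad_len - 5);`. The return value of `Crypto_TC_ApplySecurity` is also discarded before the frame is compared in the following hunk, and `ekp` from `key_if->get_key` is written through without a NULL check.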
@@ -150,84 +156,89 @@ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_8_ENC_TEST_1) * @brief Validation Test: AEAD_AES_256_GCM_SIV Test Vectors * Reference: * https://datatracker.ietf.org/doc/rfc8452/?include_text=1 C.2. Second Example - * Recreated test vectors with https://github.com/line/aes-gcm-siv/tree/master, then input CryptoLib test vectors to generate truth data. + * Recreated test vectors with https://github.com/line/aes-gcm-siv/tree/master, then input CryptoLib test vectors to + *generate truth data. **/ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_8_DEC_TEST_1) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_1_Managed_Parameters = 
{0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // rfc supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_rfc_key_h = "0100000000000000000000000000000000000000000000000000000000000000"; - char* buffer_rfc_pt_h = "2003000c000100000000000000"; - char* buffer_rfc_aad_h = ""; - char* buffer_rfc_nonce_h = "030000000000000000000000"; - char* buffer_rfc_et_h = "2003002a0000090300000000000000000000004fa7a4cb7d3434f8a2855b40016daccb62a454551878fc26"; - uint8_t* buffer_rfc_pt_b, *buffer_rfc_nonce_b, *buffer_rfc_et_b, *buffer_rfc_key_b, *buffer_rfc_aad_b = NULL; - int buffer_rfc_pt_len, buffer_rfc_nonce_len, buffer_rfc_et_len, buffer_rfc_key_len, buffer_rfc_aad_len = 0; + char *buffer_rfc_key_h = "0100000000000000000000000000000000000000000000000000000000000000"; + char *buffer_rfc_pt_h = "2003000c000100000000000000"; + char *buffer_rfc_aad_h = ""; + char *buffer_rfc_nonce_h = "030000000000000000000000"; + char *buffer_rfc_et_h = "2003002a0000090300000000000000000000004fa7a4cb7d3434f8a2855b40016daccb62a454551878fc26"; + uint8_t *buffer_rfc_pt_b, *buffer_rfc_nonce_b, *buffer_rfc_et_b, *buffer_rfc_key_b, *buffer_rfc_aad_b = NULL; + int buffer_rfc_pt_len, buffer_rfc_nonce_len, buffer_rfc_et_len, buffer_rfc_key_len, buffer_rfc_aad_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_rfc_processed_frame; + TC_t *tc_rfc_processed_frame; tc_rfc_processed_frame = 
malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->arsn_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 1; - test_association->est = 1; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM_SIV; - test_association->stmacf_len = 16; - test_association->shsnf_len = 0; + test_association->arsn_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 1; + test_association->est = 1; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM_SIV; + test_association->stmacf_len = 16; + test_association->shsnf_len = 0; test_association->gvcid_blk.tfvn = 0; - test_association->abm_len = 1024; + test_association->abm_len = 1024; // Insert key into keyring of SA 9 - hex_conversion(buffer_rfc_key_h, (char**) &buffer_rfc_key_b, &buffer_rfc_key_len); + hex_conversion(buffer_rfc_key_h, (char **)&buffer_rfc_key_b, &buffer_rfc_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_rfc_key_b, buffer_rfc_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_rfc_pt_h, (char**) &buffer_rfc_pt_b, &buffer_rfc_pt_len); + hex_conversion(buffer_rfc_pt_h, (char **)&buffer_rfc_pt_b, &buffer_rfc_pt_len); // Convert/Set input nonce - hex_conversion(buffer_rfc_nonce_h, (char**) &buffer_rfc_nonce_b, &buffer_rfc_nonce_len); + hex_conversion(buffer_rfc_nonce_h, (char **)&buffer_rfc_nonce_b, &buffer_rfc_nonce_len); memcpy(test_association->iv, 
buffer_rfc_nonce_b, buffer_rfc_nonce_len); - hex_conversion(buffer_rfc_aad_h, (char**) &buffer_rfc_aad_b, &buffer_rfc_aad_len); + hex_conversion(buffer_rfc_aad_h, (char **)&buffer_rfc_aad_b, &buffer_rfc_aad_len); // Convert input encryptedtext - hex_conversion(buffer_rfc_et_h, (char**) &buffer_rfc_et_b, &buffer_rfc_et_len); + hex_conversion(buffer_rfc_et_h, (char **)&buffer_rfc_et_b, &buffer_rfc_et_len); ASSERT_EQ(0, Crypto_TC_ProcessSecurity(buffer_rfc_et_b, &buffer_rfc_et_len, tc_rfc_processed_frame)); for (int i = 0; i < tc_rfc_processed_frame->tc_pdu_len; i++) { - + if (buffer_rfc_pt_b[i + 5] != tc_rfc_processed_frame->tc_pdu[i]) { printf("[%d]: %02x -> %02x \n", i, buffer_rfc_pt_b[i + 5], tc_rfc_processed_frame->tc_pdu[i]); 
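Review bot: The buffer from `test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));` appears to be leaked in AES_GCM_SIV_256_KEY_32_PT_8_DEC_TEST_1. The next statement passes `&test_association` to `sa_if->sa_get_from_spi(1, &test_association)` and the test then edits SA fields through it, which only makes sense if the call repoints it at the SA table entry (the callee is not visible here, so this is inferred). Declaring `SecurityAssociation_t *test_association = NULL;` and dropping the malloc line removes the leak and keeps anyone from later calling free() on a pointer into the SA table. The same two lines recur in the hunks at -247, -342 and -438 of this file. The test body continues past the end of this hunk.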
@@ -247,77 +258,82 @@ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_8_DEC_TEST_1) * @brief Validation Test: AEAD_AES_256_GCM_SIV Test Vectors * Reference: * https://datatracker.ietf.org/doc/rfc8452/?include_text=1 C.2. - * Recreated test vectors with https://github.com/line/aes-gcm-siv/tree/master, then input CryptoLib test vectors to generate truth data. + * Recreated test vectors with https://github.com/line/aes-gcm-siv/tree/master, then input CryptoLib test vectors to + *generate truth data. **/ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_8_ENC_TEST_2) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t 
TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // RFC supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_rfc_pt_h = "2003001000010000000000000000000000"; - char* buffer_rfc_aad_h = ""; - char* buffer_rfc_key_h = "0100000000000000000000000000000000000000000000000000000000000000"; - char* buffer_rfc_nonce_h = "030000000000000000000000"; - char *buffer_rfc_ct_h = "08fbd140589f067e2772b4a1480eefe49f5ec5c2e65c135e1ad51c58"; - uint8_t* buffer_rfc_pt_b, *buffer_rfc_aad_b, *buffer_rfc_key_b, *buffer_rfc_nonce_b, *buffer_rfc_ct_b = NULL; - int buffer_rfc_pt_len, buffer_rfc_aad_len, buffer_rfc_key_len, buffer_rfc_nonce_len, buffer_rfc_ct_len = 0; + char *buffer_rfc_pt_h = "2003001000010000000000000000000000"; + char *buffer_rfc_aad_h = ""; + char *buffer_rfc_key_h = "0100000000000000000000000000000000000000000000000000000000000000"; + char *buffer_rfc_nonce_h = "030000000000000000000000"; + char *buffer_rfc_ct_h = "08fbd140589f067e2772b4a1480eefe49f5ec5c2e65c135e1ad51c58"; + uint8_t *buffer_rfc_pt_b, *buffer_rfc_aad_b, *buffer_rfc_key_b, *buffer_rfc_nonce_b, *buffer_rfc_ct_b = NULL; + int buffer_rfc_pt_len, buffer_rfc_aad_len, buffer_rfc_key_len, buffer_rfc_nonce_len, buffer_rfc_ct_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * 
sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->arsn_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 1; - test_association->est = 1; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM_SIV; - test_association->acs_len = 1; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->stmacf_len = 16; - test_association->shsnf_len = 0; + test_association->arsn_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 1; + test_association->est = 1; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM_SIV; + test_association->acs_len = 1; + test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->stmacf_len = 16; + test_association->shsnf_len = 0; test_association->gvcid_blk.tfvn = 0; - test_association->abm_len = 1024; + test_association->abm_len = 1024; // Insert key into keyring of SA 9 - hex_conversion(buffer_rfc_key_h, (char**) &buffer_rfc_key_b, &buffer_rfc_key_len); + hex_conversion(buffer_rfc_key_h, (char **)&buffer_rfc_key_b, &buffer_rfc_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_rfc_key_b, buffer_rfc_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_rfc_pt_h, (char**) &buffer_rfc_pt_b, &buffer_rfc_pt_len); + hex_conversion(buffer_rfc_pt_h, (char **)&buffer_rfc_pt_b, &buffer_rfc_pt_len); // Convert/Set input AAD - hex_conversion(buffer_rfc_aad_h, (char**) &buffer_rfc_aad_b, &buffer_rfc_aad_len); + hex_conversion(buffer_rfc_aad_h, (char **)&buffer_rfc_aad_b, &buffer_rfc_aad_len); memcpy(test_association->abm, buffer_rfc_aad_b + 5, 
buffer_rfc_aad_len); - hex_conversion(buffer_rfc_nonce_h, (char**) &buffer_rfc_nonce_b, &buffer_rfc_nonce_len); + hex_conversion(buffer_rfc_nonce_h, (char **)&buffer_rfc_nonce_b, &buffer_rfc_nonce_len); memcpy(test_association->iv, buffer_rfc_nonce_b, buffer_rfc_nonce_len); // Convert input ciphertext - hex_conversion(buffer_rfc_ct_h, (char**) &buffer_rfc_ct_b, &buffer_rfc_ct_len); + hex_conversion(buffer_rfc_ct_h, (char **)&buffer_rfc_ct_b, &buffer_rfc_ct_len); Crypto_TC_ApplySecurity(buffer_rfc_pt_b, buffer_rfc_pt_len, &ptr_enc_frame, &enc_frame_len); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) @@ -333,7 +349,7 @@ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_8_ENC_TEST_2) free(ptr_enc_frame); free(buffer_rfc_pt_b); free(buffer_rfc_aad_b); - free(buffer_rfc_nonce_b); + free(buffer_rfc_nonce_b); free(buffer_rfc_ct_b); free(buffer_rfc_key_b); } 
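Review bot: In AES_GCM_SIV_256_KEY_32_PT_8_ENC_TEST_2, `memcpy(test_association->abm, buffer_rfc_aad_b + 5, buffer_rfc_aad_len);` offsets the source by 5 bytes although `buffer_rfc_aad_h` is the empty string, so the pointer is already past whatever `hex_conversion` produced for it (its behaviour on empty input is not visible here). With a zero length nothing is copied today, but forming that pointer is undefined behaviour, and any non-empty AAD would read 5 bytes past the end of the buffer. The WITH_AAD encrypt test copies from `buffer_rfc_aad_b` with no offset, which suggests the `+ 5` was carried over from the plaintext header handling; `memcpy(test_association->abm, buffer_rfc_aad_b, buffer_rfc_aad_len);` would match it. The same line appears in the PT_8_ENC_TEST_1 hunk above.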
@@ -342,78 +358,83 @@ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_8_ENC_TEST_2) * @brief Validation Test: AEAD_AES_256_GCM_SIV Test Vectors * Reference: * https://datatracker.ietf.org/doc/rfc8452/?include_text=1 C.2. - * Recreated test vectors with https://github.com/line/aes-gcm-siv/tree/master, then input CryptoLib test vectors to generate truth data. + * Recreated test vectors with https://github.com/line/aes-gcm-siv/tree/master, then input CryptoLib test vectors to + *generate truth data. **/ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_20_WITH_AAD_ENC_TEST_1) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib // Crypto_Init_TC_Unit_Test(); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_FALSE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 
0); - GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // RFC8452 supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_rfc_pt_h = "20030018000300000000000000000000000000000004000000"; - char* buffer_rfc_aad_h = "010000000000000000000000000000000200"; - char* buffer_rfc_key_h = "0100000000000000000000000000000000000000000000000000000000000000"; - char* buffer_rfc_nonce_h = "030000000000000000000000"; - char* buffer_rfc_ct_h = "e6e883db43a9ef98fa6271cb7d4834139acf479e3b910775e769286f3f59d2e588f69b06"; - uint8_t* buffer_rfc_pt_b, *buffer_rfc_aad_b, *buffer_rfc_key_b, *buffer_rfc_nonce_b, *buffer_rfc_ct_b = NULL; - int buffer_rfc_pt_len, buffer_rfc_aad_len, buffer_rfc_key_len, buffer_rfc_nonce_len, buffer_rfc_ct_len = 0; + char *buffer_rfc_pt_h = "20030018000300000000000000000000000000000004000000"; + char *buffer_rfc_aad_h = "010000000000000000000000000000000200"; + char *buffer_rfc_key_h = "0100000000000000000000000000000000000000000000000000000000000000"; + char *buffer_rfc_nonce_h = "030000000000000000000000"; + char *buffer_rfc_ct_h = "e6e883db43a9ef98fa6271cb7d4834139acf479e3b910775e769286f3f59d2e588f69b06"; + uint8_t *buffer_rfc_pt_b, *buffer_rfc_aad_b, *buffer_rfc_key_b, *buffer_rfc_nonce_b, *buffer_rfc_ct_b = NULL; + int buffer_rfc_pt_len, buffer_rfc_aad_len, buffer_rfc_key_len, buffer_rfc_nonce_len, 
buffer_rfc_ct_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->arsn_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 1; - test_association->est = 1; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM_SIV; - test_association->acs_len = 1; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->stmacf_len = 16; - test_association->shsnf_len = 0; + test_association->arsn_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 1; + test_association->est = 1; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM_SIV; + test_association->acs_len = 1; + test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->stmacf_len = 16; + test_association->shsnf_len = 0; test_association->gvcid_blk.tfvn = 0; - test_association->abm_len = 1024; + test_association->abm_len = 1024; // Insert key into keyring of SA 9 - hex_conversion(buffer_rfc_key_h, (char**) &buffer_rfc_key_b, &buffer_rfc_key_len); + hex_conversion(buffer_rfc_key_h, (char **)&buffer_rfc_key_b, &buffer_rfc_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_rfc_key_b, buffer_rfc_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_rfc_pt_h, (char**) &buffer_rfc_pt_b, &buffer_rfc_pt_len); + hex_conversion(buffer_rfc_pt_h, (char **)&buffer_rfc_pt_b, &buffer_rfc_pt_len); // Convert/Set input AAD - hex_conversion(buffer_rfc_aad_h, (char**) &buffer_rfc_aad_b, 
&buffer_rfc_aad_len); + hex_conversion(buffer_rfc_aad_h, (char **)&buffer_rfc_aad_b, &buffer_rfc_aad_len); memcpy(test_association->abm, buffer_rfc_aad_b, buffer_rfc_aad_len); - hex_conversion(buffer_rfc_nonce_h, (char**) &buffer_rfc_nonce_b, &buffer_rfc_nonce_len); + hex_conversion(buffer_rfc_nonce_h, (char **)&buffer_rfc_nonce_b, &buffer_rfc_nonce_len); memcpy(test_association->iv, buffer_rfc_nonce_b, buffer_rfc_nonce_len); // Convert input ciphertext - hex_conversion(buffer_rfc_ct_h, (char**) &buffer_rfc_ct_b, &buffer_rfc_ct_len); + hex_conversion(buffer_rfc_ct_h, (char **)&buffer_rfc_ct_b, &buffer_rfc_ct_len); Crypto_TC_ApplySecurity(buffer_rfc_pt_b, buffer_rfc_pt_len, &ptr_enc_frame, &enc_frame_len); // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) @@ -429,7 +450,7 @@ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_20_WITH_AAD_ENC_TEST_1) free(ptr_enc_frame); free(buffer_rfc_pt_b); free(buffer_rfc_aad_b); - free(buffer_rfc_nonce_b); + free(buffer_rfc_nonce_b); free(buffer_rfc_ct_b); free(buffer_rfc_key_b); } 
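Review bot: The declaration `uint8_t *buffer_rfc_pt_b, *buffer_rfc_aad_b, *buffer_rfc_key_b, *buffer_rfc_nonce_b, *buffer_rfc_ct_b = NULL;` in AES_GCM_SIV_256_KEY_32_PT_20_WITH_AAD_ENC_TEST_1 initialises only the last declarator, and the matching `int ... buffer_rfc_ct_len = 0;` line does the same for the lengths. If `hex_conversion` can return without writing its out-parameters (not visible here), the `free()` calls at the end of the test and the `memcpy` lengths would operate on indeterminate values. Giving each declarator its own initialiser, `uint8_t *buffer_rfc_pt_b = NULL, *buffer_rfc_aad_b = NULL, *buffer_rfc_key_b = NULL, *buffer_rfc_nonce_b = NULL, *buffer_rfc_ct_b = NULL;` and likewise `= 0` for every length, makes the failure mode a defined one. The other tests in this file use the same declaration form.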
@@ -438,70 +459,76 @@ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_20_WITH_AAD_ENC_TEST_1) * @brief Validation Test: AEAD_AES_256_GCM_SIV Test Vectors * Reference: * https://datatracker.ietf.org/doc/rfc8452/?include_text=1 C.2. Second Example - * Recreated test vectors with https://github.com/line/aes-gcm-siv/tree/master, then input CryptoLib test vectors to generate truth data. + * Recreated test vectors with https://github.com/line/aes-gcm-siv/tree/master, then input CryptoLib test vectors to + *generate truth data. **/ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_20_WITH_AAD_DEC_TEST_1) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t 
TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // rfc supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_rfc_pt_h = "20030018000300000000000000000000000000000004000000"; - char* buffer_rfc_key_h = "0100000000000000000000000000000000000000000000000000000000000000"; - char* buffer_rfc_et_h = "20030036000009030000000000000000000000e6e883db43a9ef98fa6271cb7d4834139acf479e3b910775e769286f3f59d2e588f69b06"; - uint8_t* buffer_rfc_pt_b, *buffer_rfc_et_b, *buffer_rfc_key_b = NULL; - int buffer_rfc_pt_len, buffer_rfc_et_len, buffer_rfc_key_len = 0; + char *buffer_rfc_pt_h = "20030018000300000000000000000000000000000004000000"; + char *buffer_rfc_key_h = "0100000000000000000000000000000000000000000000000000000000000000"; + char *buffer_rfc_et_h = "20030036000009030000000000000000000000e6e883db43a9ef98fa6271cb7d4834139acf479e3b910775e769" + "286f3f59d2e588f69b06"; + uint8_t *buffer_rfc_pt_b, *buffer_rfc_et_b, *buffer_rfc_key_b = NULL; + int buffer_rfc_pt_len, buffer_rfc_et_len, buffer_rfc_key_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_rfc_processed_frame; + TC_t *tc_rfc_processed_frame; tc_rfc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t 
*test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->arsn_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 1; - test_association->est = 1; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM_SIV; - test_association->stmacf_len = 16; - test_association->shsnf_len = 0; + test_association->arsn_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 1; + test_association->est = 1; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM_SIV; + test_association->stmacf_len = 16; + test_association->shsnf_len = 0; test_association->gvcid_blk.tfvn = 0; - test_association->abm_len = 1024; + test_association->abm_len = 1024; // Insert key into keyring of SA 9 - hex_conversion(buffer_rfc_key_h, (char**) &buffer_rfc_key_b, &buffer_rfc_key_len); + hex_conversion(buffer_rfc_key_h, (char **)&buffer_rfc_key_b, &buffer_rfc_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_rfc_key_b, buffer_rfc_key_len); // Convert input plaintext - hex_conversion(buffer_rfc_pt_h, (char**) &buffer_rfc_pt_b, &buffer_rfc_pt_len); + hex_conversion(buffer_rfc_pt_h, (char **)&buffer_rfc_pt_b, &buffer_rfc_pt_len); // Convert input encryptedtext - hex_conversion(buffer_rfc_et_h, (char**) &buffer_rfc_et_b, &buffer_rfc_et_len); + hex_conversion(buffer_rfc_et_h, (char **)&buffer_rfc_et_b, &buffer_rfc_et_len); Crypto_TC_ProcessSecurity(buffer_rfc_et_b, &buffer_rfc_et_len, tc_rfc_processed_frame); @@ -513,7 +540,7 @@ UTEST(AES_GCM_SIV, AES_GCM_SIV_256_KEY_32_PT_20_WITH_AAD_DEC_TEST_1) } ASSERT_EQ(buffer_rfc_pt_b[i + 5], tc_rfc_processed_frame->tc_pdu[i]); } - + Crypto_Shutdown(); free(ptr_enc_frame); free(buffer_rfc_pt_b); 
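Review bot: The status of `Crypto_TC_ProcessSecurity(buffer_rfc_et_b, &buffer_rfc_et_len, tc_rfc_processed_frame);` is discarded in AES_GCM_SIV_256_KEY_32_PT_20_WITH_AAD_DEC_TEST_1, whereas the PT_8 decrypt test earlier in this file wraps the same call in `ASSERT_EQ(0, ...)`. `tc_rfc_processed_frame` comes from `malloc` and is not zeroed, so if processing fails before the frame is filled (an authentication failure, for instance), the later comparison presumably iterates over an indeterminate `tc_pdu_len`, and a zero length would let the test pass without checking a single byte. Suggest `ASSERT_EQ(0, Crypto_TC_ProcessSecurity(buffer_rfc_et_b, &buffer_rfc_et_len, tc_rfc_processed_frame));`. The comparison loop's header lies between this hunk and the next one and is not visible here.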
diff --git a/test/unit/ut_aos_apply.c b/test/unit/ut_aos_apply.c index e54349ce..5e24af1e 100644 --- a/test/unit/ut_aos_apply.c +++ b/test/unit/ut_aos_apply.c @@ -2,14 +2,15 @@ // All Foreign Rights are Reserved to the U.S. Government. // This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, -// including, but not limited to, any warranty that the software will conform to specifications, any implied warranties -// of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the -// documentation will conform to the program, or any warranty that the software will be error free. +// including, but not limited to, any warranty that the software will conform to specifications, any implied +// warranties of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty +// that the documentation will conform to the program, or any warranty that the software will be error free. // In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or // consequential damages, arising out of, resulting from, or in any way connected with the software or its -// documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained -// from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. +// documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was +// sustained from, or arose out of the results of, or use of, the software, documentation or services provided +// hereunder. // ITC Team // NASA IV&V 
@@ -31,24 +32,26 @@ UTEST(AOS_APPLY, NULL_BUFFER) { remove("sa_save_file.bin"); - int32_t status = CRYPTO_LIB_ERROR; + int32_t status = CRYPTO_LIB_ERROR; uint8_t *ingest = NULL; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {0, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_HAS_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 0, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_HAS_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_AOS_ApplySecurity(&ingest[0]); ASSERT_EQ(CRYPTO_LIB_ERR_NULL_BUFFER, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_ERR_NULL_BUFFER",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_ERR_NULL_BUFFER", error_enum); Crypto_Shutdown(); } 
@@ -58,15 +61,15 @@ UTEST(AOS_APPLY, NULL_BUFFER) UTEST(AOS_APPLY, NO_CONFIG) { remove("sa_save_file.bin"); - int32_t status = CRYPTO_LIB_ERROR; + int32_t status = CRYPTO_LIB_ERROR; uint8_t ingest[1786] = {0}; status = Crypto_AOS_ApplySecurity(&ingest[0]); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); Crypto_Shutdown(); } 
@@ -81,37 +84,70 @@ UTEST(AOS_APPLY, NO_INIT) int32_t status = CRYPTO_LIB_ERROR; // No Crypto_Init(), but we still Configure It: - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Test frame setup // 6 byte header, 2 byte blank SPI, data, FECF - char* test_aos_h = "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"; - char* test_aos_b = NULL; - int test_aos_len = 0; + char *test_aos_h = + "40C0000000000000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA0000"; + char *test_aos_b = NULL; + int test_aos_len = 0; hex_conversion(test_aos_h, &test_aos_b, &test_aos_len); // Bit math to give concise access to values already set in the static transfer frame - //TFVN Mask (2 bits) = 1100 0000 = 0xCO + // TFVN Mask (2 bits) = 1100 0000 = 0xCO aos_frame_pri_hdr.tfvn = ((uint8_t)test_aos_b[0] & 0xC0) >> 6; - //SCID Mask (8 bits) = 0011 1111 1100 0000 = 0x3F 0xC0 + // SCID Mask (8 bits) = 0011 1111 1100 0000 = 0x3F 0xC0 aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); - //VCID Mask (6 bits) = 0011 1111 = 0x3F + // VCID Mask (6 bits) = 0011 1111 = 0x3F aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); // Sanity checks on the above bit math // Note: This is only checked in this UT, as the bit math is duplicated in other tests - ASSERT_EQ(aos_frame_pri_hdr.tfvn, 0x01); //TFVN - AOS Version 2 is seto to '0b01' per protocol - ASSERT_EQ(aos_frame_pri_hdr.scid, 0x03); //SCID 3 - ASSERT_EQ(aos_frame_pri_hdr.vcid, 0x00); //VCID 0 + ASSERT_EQ(aos_frame_pri_hdr.tfvn, 0x01); // TFVN - AOS Version 2 is seto to '0b01' per protocol + ASSERT_EQ(aos_frame_pri_hdr.scid, 0x03); // SCID 3 + ASSERT_EQ(aos_frame_pri_hdr.vcid, 0x00); // VCID 0 - status = Crypto_AOS_ApplySecurity((uint8_t*)test_aos_b); + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); 
ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); free(test_aos_b); Crypto_Shutdown(); 
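Review bot: `test_aos_b[0]` and `test_aos_b[1]` are read right after `hex_conversion(test_aos_h, &test_aos_b, &test_aos_len);` with no check that the conversion produced a buffer. If `hex_conversion` leaves the pointer NULL on failure (its body is not part of this hunk), the test binary would crash instead of reporting a failed assertion. Adding `ASSERT_TRUE(test_aos_b != NULL);` before the bit math makes that explicit; the HAPPY_PATH tests in the later hunks follow the same pattern. Two comment typos survive the reformat: `0xCO` should be `0xC0`, and `seto to` should be `set to`.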
@@ -134,15 +170,81 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FECF) // Test Frame Setup // 6 byte header, 2 byte blank SPI, data, FECF - char* test_aos_h = "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"; - char* test_aos_b = NULL; - int test_aos_len = 0; + char *test_aos_h = + "40C0000000000000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA0000"; + char *test_aos_b = NULL; + int test_aos_len = 0; hex_conversion(test_aos_h, &test_aos_b, &test_aos_len); // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "40C000000000000A112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAA778A1E133306963F1D9DCA32D6D60C23966A"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Bit math to give concise access to values already set in the static transfer frame @@ -150,15 +252,15 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FECF) aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); - status = Crypto_AOS_ApplySecurity((uint8_t*)test_aos_b); + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_SUCCESS",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is what we expect (updated SPI and FECF) - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { - printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); + printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); + ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); } free(test_aos_b); 
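Review bot: The byte-by-byte loop runs to `current_managed_parameters_struct.max_frame_size` and indexes both `test_aos_b` and `truth_aos_b`, but neither `test_aos_len` nor `truth_aos_len` is compared with that bound or with each other. A single dropped character in one of the hand-wrapped hex literals would therefore cause a read past the end of a converted buffer rather than a test failure. I would add `ASSERT_EQ(test_aos_len, truth_aos_len);` before the loop and also check that length against the loop bound, assuming `hex_conversion` reports the decoded length, which is not visible here. The `printf` inside the loop prints one line per byte on every run; printing only on a mismatch would keep the test log readable. The same loop appears in HAPPY_PATH_CLEAR_FECF_LEFT_BLANK (`@@ -206,20 +376,19 @@`), and this test's body continues past the end of the hunk.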
@@ -179,26 +281,94 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) int32_t status = CRYPTO_LIB_ERROR; // Oddball setup that ensures FECF is left blank - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_FALSE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, AOS_HAS_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, TM_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, AOS_HAS_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, TM_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); // Test Frame Setup // 6 byte header, 2 byte blank SPI, data, FECF - char* test_aos_h = "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"; - char* test_aos_b = NULL; - int test_aos_len = 0; + char *test_aos_h = + "40C0000000000000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAFFFF"; + char *test_aos_b = NULL; + int test_aos_len = 0; hex_conversion(test_aos_h, &test_aos_b, &test_aos_len); // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "40C000000000000A112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAA3756F72DE2633CF59B14F1D89A5A7C67BBAABBAA0000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Bit math to give concise access to values already set in the static transfer frame 
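Review bot: The value assigned by `status = Crypto_Init();` is never asserted. The next write to `status` is the `Crypto_AOS_ApplySecurity` call, so an initialization failure would only surface indirectly as a wrong apply result; `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` directly after the init call would pin it down. The HAPPY_PATH_CLEAR_FHEC_FECF setup (`@@ -236,27 +405,95 @@`) has the same gap. This test also passes `TM_CHECK_FECF_FALSE` and `TM_SEGMENT_HDRS_NA` where the neighbouring AOS tests use `AOS_CHECK_FECF_FALSE` and `AOS_SEGMENT_HDRS_NA`. If the values are interchangeable, the AOS names would read more consistently; if they are not, the mix deserves a comment.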
@@ -206,20 +376,19 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); - status = Crypto_AOS_ApplySecurity((uint8_t*)test_aos_b); + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_SUCCESS",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { - printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); + printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); + ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); } - free(test_aos_b); Crypto_Shutdown(); } 
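Review bot: `truth_aos_b` is filled by `hex_conversion` earlier in this test but is not released before the closing brace; the tail of the function shows a `free` for `test_aos_b` only. Assuming `hex_conversion` heap-allocates its output, as that existing `free` suggests, each run leaks the truth buffer, which gets in the way of running the suite under a leak checker. Adding `free(truth_aos_b);` next to `free(test_aos_b);` would close this. The start of the test is outside this hunk.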
@@ -236,27 +405,95 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_FECF) remove("sa_save_file.bin"); // Configure, Add Managed Params, and Init int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x0003, 0, AOS_HAS_FECF, AOS_HAS_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_HAS_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, AOS_HAS_FHEC, AOS_NO_IZ, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_HAS_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_HAS_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, + // AOS_HAS_FHEC, AOS_NO_IZ, 0); status = Crypto_Init(); // Test Frame Setup // 8 byte header (Including FHEC stubbed as 0x8888), 2 byte blank SPI, data, FECF - char* test_aos_h = "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"; - char* test_aos_b = NULL; - int test_aos_len = 0; + char *test_aos_h = + "40C00000000088880000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAFFFF"; + char *test_aos_b = NULL; + int test_aos_len = 0; hex_conversion(test_aos_h, &test_aos_b, &test_aos_len); // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "40C0000000008888000A112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAA3756F72DE2633CF59B14F1D89A5A7C67BBAABBAAD055"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Bit math to give concise access to values already set in the static transfer frame 
@@ -264,17 +501,17 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_FECF) aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); - status = Crypto_AOS_ApplySecurity((uint8_t*)test_aos_b); + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_SUCCESS",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); } free(test_aos_b); 
@@ -284,38 +521,105 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_FECF) /** * *** TODO: Revisit this when fleshing out Insert Zone functionality further * This might be OK as is, leaves incoming Insert Zone unmodified - * @brief Unit Test: Nominal Setup, AOS Pri Hdr w/ Frame Hdr Error Control field present, and insert zone present (6 bytes) - * This should call apply_security on the referenced AOS frame - * and continue down the "happy path", finally returning CRYPTOLIB_SUCCESS - * The Provided buffer should remain unchanged, except for filling in the SPI, - * and the FECF should be left zero'ed out + * @brief Unit Test: Nominal Setup, AOS Pri Hdr w/ Frame Hdr Error Control field present, and insert zone present (6 + *bytes) This should call apply_security on the referenced AOS frame and continue down the "happy path", finally + *returning CRYPTOLIB_SUCCESS The Provided buffer should remain unchanged, except for filling in the SPI, and the FECF + *should be left zero'ed out **/ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_OID_FECF) { remove("sa_save_file.bin"); // Configure, Add Managed Params, and Init int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x0003, 0, AOS_HAS_FECF, AOS_HAS_FHEC, AOS_HAS_IZ, 6, AOS_SEGMENT_HDRS_NA, 1786, AOS_HAS_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, AOS_HAS_FHEC, AOS_HAS_IZ, 6); + 
GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_HAS_FHEC, AOS_HAS_IZ, 6, AOS_SEGMENT_HDRS_NA, 1786, AOS_HAS_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, + // AOS_HAS_FHEC, AOS_HAS_IZ, 6); status = Crypto_Init(); // Test Frame Setup // 8 byte header (Including FHEC stubbed as 0x8888), 2 byte blank SPI, data, FECF - char* test_aos_h = "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"; - char* test_aos_b = NULL; - int test_aos_len = 0; + char *test_aos_h = + "40C00000000088886666666666660000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAFFFF"; + char *test_aos_b = NULL; + int test_aos_len = 0; hex_conversion(test_aos_h, &test_aos_b, &test_aos_len); // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "40C0000000008888666666666666000E112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA748e"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Bit math to give concise access to values already set in the static transfer frame @@ -323,17 +627,17 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_OID_FECF) aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); - status = Crypto_AOS_ApplySecurity((uint8_t*)test_aos_b); + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_SUCCESS",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)truth_aos_b[i]); - //ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); + // ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); } free(test_aos_b); 
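Review bot: The decoded lengths `test_aos_len` and `truth_aos_len` are never checked after the two `hex_conversion` calls in the `-284,38` hunk, while the comparison loop in the next hunk is bounded by `current_managed_parameters_struct.max_frame_size`. With both frames now split across many adjacent string fragments, a dropped or duplicated fragment would not fail the test. If a buffer decodes shorter than the frame size, the loop would read past the allocation (assuming `hex_conversion` allocates exactly the decoded length, which is not visible here). I would add `ASSERT_EQ(test_aos_len, truth_aos_len);` and `ASSERT_EQ(current_managed_parameters_struct.max_frame_size, test_aos_len);` right after the second conversion. The same applies to the literals in the `-351,31` hunk (AES_CMAC_256_TEST_BITMASK_1); separately, `status = Crypto_Init();` appears to be overwritten without being asserted, though the test body continues outside this hunk.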
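Review bot: The byte-by-byte check in the `-323,17` loop is still disabled: the new side keeps the per-byte `printf` and leaves `// ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i));` commented out. HAPPY_PATH_CLEAR_FHEC_OID_FECF therefore passes on any output as long as `Crypto_AOS_ApplySecurity` returns success, leaving the insert zone, SPI and FECF bytes of the truth frame unverified for this configuration. Either restore the assertion as `ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)truth_aos_b[i]);` and drop the `printf`, or, if the open Insert Zone TODO above the test is what blocks it, say so on the loop: `// TODO: re-enable once Insert Zone handling is settled; frame contents are NOT verified here`. The function starts before and ends after this hunk.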
@@ -351,31 +655,99 @@ UTEST(AOS_APPLY, AES_CMAC_256_TEST_BITMASK_1) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; - SaInterface sa_if = get_sa_interface_inmemory(); + SaInterface sa_if = get_sa_interface_inmemory(); // Configure, Add Managed Params, and Init - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_NO_IZ, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_NO_FHEC, AOS_NO_IZ, 0); status = Crypto_Init(); // Test Frame Setup // 6 byte header, 2 byte blank SPI, data, 16 byte MAC, FECF - char* test_aos_h = 
"40C0000000000000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBA
ABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAADDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD0000"; - char* test_aos_b = NULL; - int test_aos_len = 0; + char *test_aos_h = + "40C0000000000000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAADDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD0000"; + char *test_aos_b = NULL; + int test_aos_len = 0; hex_conversion(test_aos_h, &test_aos_b, &test_aos_len); // Truth frame setup - char* truth_aos_h = 
"40C000000000000A112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBA
ABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA778A1E133306963F1D9DCA32D6D60C23966A"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "40C000000000000A112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAA778A1E133306963F1D9DCA32D6D60C23966A"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Bit math to give concise access to values already set in the static transfer frame 
@@ -392,17 +764,17 @@ UTEST(AOS_APPLY, AES_CMAC_256_TEST_BITMASK_1) sa_if->sa_get_from_spi(15, &sa_ptr); sa_ptr->sa_state = SA_OPERATIONAL; - status = Crypto_AOS_ApplySecurity((uint8_t*)test_aos_b); + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_SUCCESS",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is what we expect (updated SPI and FECF) - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); } free(test_aos_b); 
@@ -420,31 +792,99 @@ UTEST(AOS_APPLY, AES_CMAC_256_TEST_BITMASK_0) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; - SaInterface sa_if = get_sa_interface_inmemory(); + SaInterface sa_if = get_sa_interface_inmemory(); // Configure, Add Managed Params, and Init - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_NO_IZ, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_NO_FHEC, AOS_NO_IZ, 0); status = Crypto_Init(); // Test Frame Setup // 6 byte header, 2 byte blank SPI, data, 16 byte MAC, FECF - char* test_aos_h = "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"; - char* test_aos_b = NULL; - int test_aos_len = 0; + char *test_aos_h = + "40C0000000000000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAADDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD0000"; + char *test_aos_b = NULL; + int test_aos_len = 0; hex_conversion(test_aos_h, &test_aos_b, &test_aos_len); // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + 
"40C000000000000B112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAA5DB19EB46F096B17BBE72C50448218D93872"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Bit math to give concise access to values already set in the static transfer frame 
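Review bot: The return value of `Crypto_Init()` is stored in `status` and not asserted anywhere in this hunk; the next visible write to `status` is the `Crypto_AOS_ApplySecurity` call in the hunk at -485, which overwrites it. A failed initialisation would then surface only as a later byte mismatch, or as a dereference of `sa_ptr` after `sa_get_from_spi`, rather than as a clear failure at the point of init. I would add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` directly after `status = Crypto_Init();`. The same pattern appears in the hunks at -517 (AES_GCM) and -585 (AEAD_GCM_BITMASK_1). The test body continues outside this hunk, so an assert in the few unshown lines cannot be ruled out.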
@@ -453,24 +893,24 @@ UTEST(AOS_APPLY, AES_CMAC_256_TEST_BITMASK_0) aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); // Expose/setup SA for testing - sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->akid = 130; - sa_ptr->ekid = 0; - sa_ptr->est = 0; - sa_ptr->ast = 1; - sa_ptr->acs_len = 1; - sa_ptr->ecs_len = 0; - sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; - sa_ptr->stmacf_len = 16; - sa_ptr->abm_len = ABM_SIZE; + sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->akid = 130; + sa_ptr->ekid = 0; + sa_ptr->est = 0; + sa_ptr->ast = 1; + sa_ptr->acs_len = 1; + sa_ptr->ecs_len = 0; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->stmacf_len = 16; + sa_ptr->abm_len = ABM_SIZE; sa_ptr->gvcid_blk.scid = SCID & 0x3FF; - sa_ptr->iv_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->shsnf_len = 0; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones // sa_if->sa_get_from_spi(10, &sa_ptr); 
@@ -485,20 +925,19 @@ UTEST(AOS_APPLY, AES_CMAC_256_TEST_BITMASK_0) // sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; // sa_ptr->stmacf_len = 16; // sa_ptr->abm_len = ABM_SIZE; - memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask - status = Crypto_AOS_ApplySecurity((uint8_t*)test_aos_b); + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_SUCCESS",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is what we expect (updated SPI and FECF) - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { - //printf("%d: Checking %02x against %02X\n", i, (uint8_t)test_aos_b[i], (uint8_t)truth_aos_b[i]); + // printf("%d: Checking %02x against %02X\n", i, (uint8_t)test_aos_b[i], (uint8_t)truth_aos_b[i]); ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)truth_aos_b[i]); } 
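Review bot: The byte-compare loop runs to `current_managed_parameters_struct.max_frame_size` rather than to the lengths reported by `hex_conversion`, so if either hex vector decodes to fewer bytes than the configured frame size the loop reads past the end of `test_aos_b` or `truth_aos_b`. `test_aos_len` and `truth_aos_len` are filled in the hunk at -420, but no check of them is visible in these hunks. I would add `ASSERT_EQ(test_aos_len, truth_aos_len);` and `ASSERT_EQ(test_aos_len, (int)current_managed_parameters_struct.max_frame_size);` before the loop, assuming `hex_conversion` writes the decoded byte count into its third argument. The loops in the hunks at -392 and -558 use the same bound.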
@@ -517,33 +956,101 @@ UTEST(AOS_APPLY, AES_GCM) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; - SaInterface sa_if = get_sa_interface_inmemory(); + SaInterface sa_if = get_sa_interface_inmemory(); // Configure, Add Managed Params, and Init - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_NO_IZ, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_NO_FHEC, AOS_NO_IZ, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - + status = Crypto_Init(); // Test Frame Setup // 6 byte header, 2 byte blank SPI, 16 byte blank IV (CCC...), data, FECF // | Header |SPI| - char* test_aos_h = "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"; - char* test_aos_b = NULL; - int test_aos_len = 0; + char *test_aos_h = + "40C0000000000000CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA0000"; + char *test_aos_b = NULL; + int test_aos_len = 0; hex_conversion(test_aos_h, &test_aos_b, &test_aos_len); // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + 
"40C000000000000ACCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAA778A1E133306963F1D9DCA32D6D60C23C5D4"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Bit math to give concise access to values already set in the static transfer frame 
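Review bot: The expected frame for the AES_GCM test carries its payload in the clear: the run `112233445566778899AABBCCDDEEFFA107FF000006D2ABBA` that follows the IV bytes is the same in `test_aos_h` and `truth_aos_h`, so as far as the vector shows, this test would pass with no encryption applied. The SPI field in `truth_aos_h` is `000A`, while the hunk at -558 sets `CRYPTO_CIPHER_AES256_GCM` on the SA fetched with `sa_get_from_spi(11, &sa_ptr)`, and the 16 bytes before the FECF (`778A1E133306963F1D9DCA32D6D60C23`) equal the MAC in the CMAC truth vector earlier on this page; together this suggests the frame is processed by an authentication-only SA rather than the GCM one. If that is intended, a comment above `truth_aos_h` should say so, for example `// Truth frame: SPI 0x000A, MAC only, payload not encrypted`; otherwise the truth vector should be regenerated for the GCM SA so the test actually covers confidentiality. The test body continues outside this hunk.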
@@ -558,21 +1065,21 @@ UTEST(AOS_APPLY, AES_GCM) // Configure SA 16 on sa_if->sa_get_from_spi(11, &sa_ptr); - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; sa_ptr->shplf_len = 0; - status = Crypto_AOS_ApplySecurity((uint8_t*)test_aos_b); + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_SUCCESS",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is what we expect (updated SPI and FECF) - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); } free(test_aos_b); 
@@ -585,39 +1092,108 @@ UTEST(AOS_APPLY, AES_GCM) * finally returning CRYPTOLIB_SUCCESS * The Provided buffer should be returned encrypted, also filling in the SPI and FECF * Utilizes an authentication bitmask of ones - * Sanity check: https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'40C000000000001100000000000000000000000000000000'%7D)AES_Decrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'48caf5a6921559a2384174c025a04874'%7D,%7B'option':'Hex','string':'42C000000000001100000000000000000000000000000000'%7D/disabled)&input=MTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFB
QkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFB
QkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkI + * Sanity check: + 
*https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'40C000000000001100000000000000000000000000000000'%7D)AES_Decrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'48caf5a6921559a2384174c025a04874'%7D,%7B'option':'Hex','string':'42C000000000001100000000000000000000000000000000'%7D/disabled)&input=MTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUF
CQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUF
CQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkI **/ UTEST(AOS_APPLY, AEAD_GCM_BITMASK_1) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; - SaInterface sa_if = get_sa_interface_inmemory(); + SaInterface sa_if = get_sa_interface_inmemory(); // Configure, Add Managed Params, and Init - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, 
TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_NO_IZ, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_NO_FHEC, AOS_NO_IZ, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - + status = Crypto_Init(); // Test Frame Setup // 6 byte header, 2 byte blank SPI, 16 byte blank IV (CCC...), data, MAC, FECF // | Header |SPI| - char* test_aos_h = "40C0000000000000CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC112233445566778899AABBCCDDEEFFA107FF000006D2AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000"; - char* test_aos_b = NULL; - int test_aos_len = 0; + char *test_aos_h = + "40C0000000000000CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC112233445566778899AABBCCDDEEFFA107FF000006D2AABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000"; + char *test_aos_b = NULL; + int test_aos_len = 0; hex_conversion(test_aos_h, &test_aos_b, &test_aos_len); // Truth frame setup - char* truth_aos_h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char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "40C000000000000B00000000000000000000000000000000000032B9721EB04D75174AAAFF34EB9F942F5C0707A3C4918FF016B9107B12" + "316E6C03EF5DDC68BA35152893EF7B9A8764D2A908F3C6CEBC23AC94290EA45455C67779B7BA49A899049613F80BEF44DC60E0AB41C63A" + "AC0DDD50438010FF0B28D57FDC9B6EFA412555717700328C20013CD7260A1F3043CC210F2379C1B54F0ADA49668753F992A7B37457185A" + "B28EA1DF00A28D58183D8A277148F662F5698143200B574E28AB766549401D18937E0FB491EB4D8C4A8766FCF29F57ED22EF9C212E8438" + "D04D3AFC5D968D4AECBDC97301B520F1E2943A2689278BF0321A5FC4BF77F042646419FBC66F94CCBD915F9B518DDB9A8C2DFE1CC0C138" + "9ADCACB0CCB227C77FF7A48E3E01EEB7C5AE88994A8193A92DC31D8B55B113D571421B8650F37F69A7F9E8258CE9F709A815FC10217FF8" + "FC2B298265FEF52F4FC3ADC439852146673E8CD0C283EF3CC3ED7C8DBA8F256B34928D16AB56002ABC1722A7A4E18339AF96720DD0429D" + "3E7F68F8CE1E09C749AC9A2BD54A287DEFBCC0611DB3FD84DCAF29F4FD102D65DC79C1124AA864D283E4007A770B839AE002D2DBDD910B" + "95DAC2E9C2CD3362F1D4361C747759B59CA07E971F5B27FF6F9868CB5024F51F7843150B1C07A7E40DE76408A91B563A5DE4705C4B1A09" + "CC644A6D9C72827F52CF34B2DCE1C12068BFAC4DD94EB0DD1D12EACC351CC969C756708DAE276B6F597F463D4727D6B6C8A406D474B456" + 
"486C200A78001894A4E6D4C56815B7E7788F82D13FB6448C5AB85C028935F8FE1951BC2F20BECBBB60E6ABAB9924C479552A1CBA01B5E5" + "1152071ECF8870129ADA932BA461ABD1F718F06200B7A1FCBA5EDF89E9CE148085282E4018F677E7AE6F30D8B5550BDEE1DEC39749C592" + "15220DA1D893CB922D85DE7B6BBCD9F3B787A78CE58FEDC6FEBCEC3F84AC2B8BA714D330F19A4E70E2BEE3587A6D98E89B67BB21400733" + "1D41053DEB5581807E6B7A9623928391C28B513C96EE6F6A0E60A7B352D207216F93A07160BC09F88B459ABDD5FC759CE58D7FBEDB1CA6" + "75A89D64B8F842070DA7C295530A562E84C7910C4502CACF5262BABA2378D1EBCF94BA77B8AFFB0C23573687CBD1135E55BCF808397A4F" + "83599F43A40BCB0CFA1621D8A3F77A8A2D64CBA4085DE543DA737FB5C8534A39F7C86B8C82C4D70C0EC13FFB09C3A53149CF7542BABD00" + "74651AF2D243C6380E9CE6BAC1D35F81AD9EACBCD23D20853F93E18E65E2EE64F31F486C96C027889A85C88261B9C7D2FFCE55412DDD3C" + "6C471B2D179E9805EA76B867DA04C2AF303AD458A37702002B418168BC08F4BAC37576F37460D89E06F359F20BC4A1E598B14A60F29634" + "465F8B167AE44C457E861DAD0983910A7B5A5AD6F2A93632DE340CDE2AEFF1DA2A9D45B40B88C4363F9074B7DE9A3A14B458C180181D9A" + "6B732450E3A38453FFDD0325AD063129E9EDA1EF05502710E3C344619F5B21B698FD83B2E6AA397D91988997C3E48FCEF4F031128A3F1F" + "7EDF6EB90CC04A05D70BED1D225104DE864A53DA42AD22CD400D7BBD96E0F29E59396D5FCF99A9B33BA102311C5C985618AD1779BD4EE1" + "7BCC4D39FE2675F2B7E40AB408347465625A1BC284C91FF997109DF1B0A824A0BE5656A56100FA121D3DB3BA66DE22108DEDB5AAACF308" + "C23777DF8B3CA6B8F0E1E2ECEE33B1A3DE7C354E1D4CF561B51134B8E3F652D0EC737B10FA25382455D2CFF9A63983D9B3C5EAF1DA3CFD" + "3ACB463AB5B0357A900220C91F4169A201FA8181B98307A281CE73760534E98F62DB627F58959279AF0FDB5DD4D2127CE3CDFF4DB759C0" + "88E75A8AA683B3A6FA6CCD4BF52E24ADC8A8B6E5A8A9C582E849777BE5CEE7B3CFD7B5DB819DC76E89C9954B720A2FDEE5D4F436B1745B" + "F626994994534E7691CB3F42E5F703FF9DBE53F5C34DFD988F6699F0743E1BB0427D599CE49E641A6A72B0462C5CE1F2FCB4D9248CBBF1" + "17378DD5E68BBA5271DF26A3336AD06B6EFA3AC73019515A8C5FD7DB8C5B3D812B25C12CA4C79115C4324698F70B33FD64E89791A1938D" + 
"AE814779D8720B4046C28C62C0BA6F449BF7DFC944828FB68A91E6347CD38EAE10ABDAC609F87807309F50D2EA330E4A8BD49FA2AA785F" + "CED71B8B409E283AB86C453125C06DAB315FB83463766D2A7BE97292E102EA426AB9550C0A9E754398C9D0256266E2789B921BB93FAF80" + "32919FA014FE307413DFF5DC6FE14B05E0F96A4B77FA826B4E6CEC615EA7BC782D81D850B2F5942B059BCB8378CF84943A503C5C8ED983" + "1031924047D1D7FC079136004424FCAE5EE4A63B2E447325D79354D715099463C2B263B989AC7B528AC5B9C7513A39371F90FDF6AAE1DC" + "E4B3B3892512398DA171E90C2BFCE9A5B93CDCBCEFC24B97B9A7CE5C46910E6609B04771E8A12F1D1541B606F05F83F369C74DD00A6F16" + "366A7883141E78B05B531C8C2F145949C47BEC9E968C909967D2"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Bit math to give concise access to values already set in the static transfer frame 
@@ -633,27 +1209,27 @@ UTEST(AOS_APPLY, AEAD_GCM_BITMASK_1) // Configure SA 17 on sa_if->sa_get_from_spi(11, &sa_ptr); sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ekid = 130; - sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; - sa_ptr->est = 1; - sa_ptr->ast = 1; - sa_ptr->abm_len = ABM_SIZE; + sa_ptr->ekid = 130; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->est = 1; + sa_ptr->ast = 1; + sa_ptr->abm_len = ABM_SIZE; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); - sa_ptr->iv_len = 16; - sa_ptr->shivf_len = 16; + sa_ptr->iv_len = 16; + sa_ptr->shivf_len = 16; sa_ptr->stmacf_len = 16; - status = Crypto_AOS_ApplySecurity((uint8_t*)test_aos_b); + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_SUCCESS",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is what we expect (updated SPI and FECF) - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { - //printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); + // printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); } free(test_aos_b); diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index 505e9b87..6facf1d2 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c 
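Review bot: The byte-by-byte comparison loop in AEAD_GCM_BITMASK_1 is bounded by `current_managed_parameters_struct.max_frame_size`, not by the lengths that `hex_conversion` actually produced. If either hex literal decodes to fewer bytes than that, the loop reads past the end of a heap buffer instead of failing cleanly. Adding `ASSERT_EQ(test_aos_len, truth_aos_len);` before the loop and bounding it with `i < truth_aos_len` would turn a truncated literal into a test failure. The reformatted `(uint8_t) * (truth_aos_b + i)` now reads like a multiplication; `(uint8_t)truth_aos_b[i]` matches the left-hand operand and survives the formatter. The test body starts in an earlier hunk and continues past this one.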
@@ -37,20 +37,54 @@ UTEST(AOS_PROCESS, NO_CONFIG) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_ERROR; - int framed_aos_len = 0; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_ERROR; + int framed_aos_len = 0; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_aos_len; - char* framed_aos_h = "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"; - char* framed_aos_b = NULL; + char *framed_aos_h = + "42C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB415B"; + char *framed_aos_b = NULL; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_h, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_h, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); free(framed_aos_b); Crypto_Shutdown(); 
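Review bot: The rewrapped call in NO_CONFIG still passes the ASCII hex literal `framed_aos_h` together with `framed_aos_len`, the length of the decoded buffer, so the library receives hex characters rather than the frame bytes. The test presumably passes only because the function returns `CRYPTO_LIB_ERR_NO_CONFIG` before it inspects the frame, which hides the mismatch. The decoded buffer should be passed instead: `Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len);`. The NO_INIT hunk that follows makes the same call with `framed_aos_h` and needs the same change.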
@@ -64,42 +98,76 @@ UTEST(AOS_PROCESS, NO_INIT) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_ERROR; - int framed_aos_len = 0; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_ERROR; + int framed_aos_len = 0; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_aos_len; // No Crypto_Init(), but we still Configure It: - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Test Frame Setup // 6 byte header, 2 byte blank SPI, data, FECF - char* framed_aos_h = "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"; - char* framed_aos_b = NULL; + char *framed_aos_h = + "40C0000000000000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA0000"; + char *framed_aos_b = NULL; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Bit math to give concise access to values already set in the static transfer frame - //TFVN Mask (2 bits) = 1100 0000 = 0xCO + // TFVN Mask (2 bits) = 1100 0000 = 0xCO aos_frame_pri_hdr.tfvn = ((uint8_t)framed_aos_b[0] & 0xC0) >> 6; - //SCID Mask (8 bits) = 0011 1111 1100 0000 = 0x3F 0xC0 + // SCID Mask (8 bits) = 0011 1111 1100 0000 = 0x3F 0xC0 aos_frame_pri_hdr.scid = (((uint16_t)framed_aos_b[0] & 0x3F) << 2) | (((uint16_t)framed_aos_b[1] & 0xC0) >> 6); - //VCID Mask (6 bits) = 0011 1111 = 0x3F + // VCID Mask (6 bits) = 0011 1111 = 0x3F aos_frame_pri_hdr.vcid = ((uint8_t)framed_aos_b[1] & 0x3F); // Sanity checks on the above bit math // Note: This is only checked in this UT, as the bit math is duplicated in other tests - ASSERT_EQ(aos_frame_pri_hdr.tfvn, 0x01); //TFVN - AOS Version 2 is set to '0b01' per protocol - ASSERT_EQ(aos_frame_pri_hdr.scid, 0x03); //SCID 3 - ASSERT_EQ(aos_frame_pri_hdr.vcid, 0x00); //VCID 0 + ASSERT_EQ(aos_frame_pri_hdr.tfvn, 0x01); // TFVN - AOS Version 2 is set to '0b01' per protocol + 
ASSERT_EQ(aos_frame_pri_hdr.scid, 0x03); // SCID 3 + ASSERT_EQ(aos_frame_pri_hdr.vcid, 0x00); // VCID 0 - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_h, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_h, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); free(framed_aos_b); Crypto_Shutdown(); 
@@ -115,52 +183,122 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_aos_len; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - + status = Crypto_Init(); // Test frame setup // Note: SPI 14 (0x0E) - char* framed_aos_h = "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"; - char* framed_aos_b = NULL; - int framed_aos_len = 0; + char *framed_aos_h = + "42C000001800000908010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB2d41"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup - char* truth_aos_h = 
"42C000001800000000000000000000000000000066778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB0000"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "42C000001800000000000000000000000000000066778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB0000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); SecurityAssociation_t *sa_ptr = NULL; - SaInterface sa_if = get_sa_interface_inmemory(); - sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + SaInterface sa_if = get_sa_interface_inmemory(); + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(9, &sa_ptr); // Enable and setup 9 + sa_if->sa_get_from_spi(9, &sa_ptr); // Enable and setup 9 sa_ptr->sa_state = SA_OPERATIONAL; - status = 
Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); } Crypto_Shutdown(); 
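Review bot: The byte-compare loop at the end of HAPPY_PATH_CLEAR_FECF is bounded by `current_managed_parameters_struct.max_frame_size`, but nothing visible in this hunk checks that bound. The `status` from `Crypto_Get_Managed_Parameters_For_Gvcid` (and from `Crypto_Init()`) is assigned and never asserted, and neither `processed_aos_len` nor `truth_aos_len` is compared with the bound before `ptr_processed_frame[i]` and `truth_aos_b + i` are read. If the lookup fails or the lengths differ, the loop could read past either buffer, or pass without comparing anything should the bound be zero. I would add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` after the lookup, then `ASSERT_EQ(processed_aos_len, current_managed_parameters_struct.max_frame_size);` and the matching check on `truth_aos_len` before the loop. The same pattern appears in the INSERT_ZONE_PRESENT_PLAINTEXT hunk below; the test body continues outside this hunk, so later checks or frees cannot be seen from here.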
@@ -184,30 +322,33 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) // uint16_t processed_aos_len; // // Configure Parameters -// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, // IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // // AOS Tests -// Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); -// status = Crypto_Init(); +// Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, 1786, AOS_FHEC_NA, +// AOS_IZ_NA, 0); status = Crypto_Init(); // // Test frame setup -// char* framed_aos_h = "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"; +// char* framed_aos_h = +// "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"; // char* framed_aos_b = NULL; // int framed_aos_len = 0; // hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // // Truth frame setup -// char* truth_aos_h = "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"; +// char* truth_aos_h = +// "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"; // char* truth_aos_b = NULL; // int truth_aos_len = 0; // hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); -// status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, +// &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // // Determine managed parameters by GVCID, which nominally happens in TO -// status = 
Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, +// status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, +// aos_frame_pri_hdr.vcid, // gvcid_managed_parameters, ¤t_managed_parameters); // // Now, byte by byte verify the static frame in memory is equivalent to what we started with // for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) 
@@ -232,50 +373,120 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_aos_len; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 10, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_NO_FHEC, AOS_HAS_IZ, 10); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 10, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - + status = Crypto_Init(); // Test frame setup | 6 byte hdr | 10 byte insert zn|spi|data -----> FECF - char* framed_aos_h = "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"; - char* framed_aos_b = NULL; - int framed_aos_len = 0; + char *framed_aos_h = + "42C000000000112233445566778899AA0009112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA86E9"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "42C000000000112233445566778899AA0000000000000000000000000000DDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA0000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); SecurityAssociation_t *sa_ptr = NULL; - SaInterface sa_if = get_sa_interface_inmemory(); - sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + SaInterface sa_if = get_sa_interface_inmemory(); + 
sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(9, &sa_ptr); // Enable and setup 9 + sa_if->sa_get_from_spi(9, &sa_ptr); // Enable and setup 9 sa_ptr->sa_state = SA_OPERATIONAL; - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { - printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t)truth_aos_b[i]); } 
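Review bot: The `printf("Checking %02x against %02X\n", ...)` inside the comparison loop of INSERT_ZONE_PRESENT_PLAINTEXT is still active, while the equivalent line in the HAPPY_PATH_CLEAR_FECF loop is commented out. It prints one line per compared byte, up to `max_frame_size`, on every run, which buries a failing `ASSERT_EQ` in the test log. I would comment it out the same way as the sibling test, `// printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)truth_aos_b[i]);`, using the same indexing form as the assert on the next line. The test body continues past the end of this hunk.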
@@ -295,70 +506,140 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_aos_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); // Test frame setup // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF - char* framed_aos_h = "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"; - char* framed_aos_b = NULL; - int framed_aos_len = 0; + char *framed_aos_h = + "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB5db19eb46f096b17bbe72c50448218d980A2"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); - sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 - 
sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->akid = 130; - sa_ptr->ekid = 0; - sa_ptr->est = 0; - sa_ptr->ast = 1; - sa_ptr->acs_len = 1; - sa_ptr->ecs_len = 0; - sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; - sa_ptr->stmacf_len = 16; - sa_ptr->abm_len = ABM_SIZE; + sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->akid = 130; + sa_ptr->ekid = 0; + sa_ptr->est = 0; + sa_ptr->ast = 1; + sa_ptr->acs_len = 1; + sa_ptr->ecs_len = 0; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->stmacf_len = 16; + sa_ptr->abm_len = ABM_SIZE; sa_ptr->gvcid_blk.scid = 0x44; - sa_ptr->iv_len = 0; - sa_ptr->shivf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shivf_len = 0; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of zeros // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "42C000001800000000010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" 
+ "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Test Specific Setup - //SaInterface sa_if = get_sa_interface_inmemory(); + // SaInterface sa_if = get_sa_interface_inmemory(); // Expose/setup SA for testing // Configure SA 15 - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < 
current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); } Crypto_Shutdown(); 
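Review bot: The result of `Crypto_Get_Managed_Parameters_For_Gvcid` is stored in `status` but never asserted before the verification loop uses `current_managed_parameters_struct.max_frame_size` as its bound. What the struct holds after a failed lookup is not visible here, so the loop could run zero times and pass without comparing any byte of the processed frame against the truth frame, or run past the end of `truth_aos_b`. Add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` directly after the lookup, and assert before the loop that the bound does not exceed `truth_aos_len` or `processed_aos_len`. The same pattern appears in the AES_CMAC_256_TEST_1 hunk that follows, and this test body continues past the end of the hunk.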
@@ -372,73 +653,143 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) * This should call process_security on an authenticated SDLS frame, * finally returning CRYPTO_LIB_SUCCESS * The SPI, FECF, and MAC should be zero'ed out on completion - * Sanity Check: https://gchq.github.io/CyberChef/#recipe=From_Hex('Auto')CMAC(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,'AES')&input=NDJDMDAwMDAxODAwMDAwRjA4MDEwMDAwMDAwRjAwMTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQkJBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJ
BQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJ
BQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkI + * Sanity Check: + 
*https://gchq.github.io/CyberChef/#recipe=From_Hex('Auto')CMAC(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,'AES')&input=NDJDMDAwMDAxODAwMDAwRjA4MDEwMDAwMDAwRjAwMTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQkJBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUF
CQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUF
CQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkI **/ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_aos_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; - // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, 
AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); // Test frame setup // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF - char* framed_aos_h = "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"; - char* framed_aos_b = NULL; - int framed_aos_len = 0; + char *framed_aos_h = + "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB53C4ADF7070DA59218F49AAE917F4DA95D4E"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); - sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->akid = 130; - sa_ptr->ekid = 0; - sa_ptr->est = 0; - sa_ptr->ast = 1; - sa_ptr->acs_len = 1; - sa_ptr->ecs_len = 0; - sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; - sa_ptr->stmacf_len = 16; - sa_ptr->abm_len = ABM_SIZE; + sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->akid = 130; + sa_ptr->ekid = 0; + sa_ptr->est = 0; + sa_ptr->ast = 1; + sa_ptr->acs_len = 1; + sa_ptr->ecs_len = 0; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->stmacf_len = 16; + sa_ptr->abm_len = ABM_SIZE; sa_ptr->gvcid_blk.scid = 0x44; - sa_ptr->iv_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->shsnf_len = 0; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, 
&ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); } Crypto_Shutdown(); 
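Review bot: The sanity-check recipe in the header comment does not appear to match the frame this test feeds in. Its base64 input decodes to a frame starting `42C000001800000F08…`, while `framed_aos_h` starts `42C000001800000B08…` (SPI 0x0B, as the "Note: SPI 11" comment says). A reader who follows the link to confirm the expected CMAC would be computing it over different header bytes. Either regenerate the link from `framed_aos_h`, or add a line such as `* NOTE: recipe input uses SPI 0x0F; the frame below uses SPI 0x0B` to the comment. The comment block starts above this hunk.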
@@ -457,67 +808,137 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_aos_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); // Test frame setup // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF - char* framed_aos_h = "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"; - char* framed_aos_b = NULL; - int framed_aos_len = 0; + char *framed_aos_h = + "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBDCD9DACF7DFE95A6ED4C16C379CDEC28EB3A"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + 
"42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); SaInterface sa_if = get_sa_interface_inmemory(); - sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + 
sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->akid = 130; - sa_ptr->ekid = 0; - sa_ptr->est = 0; - sa_ptr->ast = 1; - sa_ptr->acs_len = 1; - sa_ptr->ecs_len = 0; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; - sa_ptr->stmacf_len = 16; - sa_ptr->abm_len = ABM_SIZE; + sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->akid = 130; + sa_ptr->ekid = 0; + sa_ptr->est = 0; + sa_ptr->ast = 1; + sa_ptr->acs_len = 1; + sa_ptr->ecs_len = 0; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->stmacf_len = 16; + sa_ptr->abm_len = ABM_SIZE; sa_ptr->gvcid_blk.scid = 0x44; - sa_ptr->iv_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->shsnf_len = 0; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of zeros - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x 
against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); } Crypto_Shutdown(); 
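Review bot: The byte-by-byte comparison loop at the end of this hunk is bounded only by `current_managed_parameters_struct.max_frame_size`; neither `processed_aos_len` nor `truth_aos_len` is checked against that bound, and the `status` returned by `Crypto_Get_Managed_Parameters_For_Gvcid` is never asserted, so a failed lookup or a short buffer becomes an out-of-bounds read instead of a test failure. I would add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` after the lookup and `ASSERT_TRUE(truth_aos_len >= current_managed_parameters_struct.max_frame_size);` before the loop. The reformatted `(uint8_t) * (truth_aos_b + i)` also reads like a multiplication; `(uint8_t)truth_aos_b[i]` says the same thing plainly. The same loop appears in the AES_HMAC_256_TEST_1 hunk that follows, and the test body continues past the end of this hunk.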
@@ -531,73 +952,144 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) * This should call process_security on an authenticated SDLS frame, * finally returning CRYPTO_LIB_SUCCESS * The SPI, FECF, and MAC should be zero'ed out on completion - * # Sanity check: https://gchq.github.io/CyberChef/#recipe=From_Hex('Auto')HMAC(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,'SHA256')&input=NDJDMDAwMDAxODAwMDAwRjA4MDEwMDAwMDAwRjAwMTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQkJBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQk
FBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQk
FBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkI + * # Sanity check: + 
*https://gchq.github.io/CyberChef/#recipe=From_Hex('Auto')HMAC(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,'SHA256')&input=NDJDMDAwMDAxODAwMDAwRjA4MDEwMDAwMDAwRjAwMTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQkJBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJC
QUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJC
QUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkI **/ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_aos_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, 
AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); // Test frame setup // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF - char* framed_aos_h = "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"; - char* framed_aos_b = NULL; - int framed_aos_len = 0; + char *framed_aos_h = + "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB0D2C91E544BEBAA356488CBD210314260099"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); SaInterface sa_if = get_sa_interface_inmemory(); - sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->akid = 130; - sa_ptr->ekid = 0; - sa_ptr->est = 0; - sa_ptr->ast = 1; - sa_ptr->acs_len = 1; - sa_ptr->ecs_len = 0; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; - sa_ptr->stmacf_len = 16; - sa_ptr->abm_len = ABM_SIZE; + sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->akid = 130; + sa_ptr->ekid = 0; + sa_ptr->est = 0; + sa_ptr->ast = 1; + sa_ptr->acs_len = 1; + sa_ptr->ecs_len = 0; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->stmacf_len = 16; + sa_ptr->abm_len = ABM_SIZE; sa_ptr->gvcid_blk.scid = 0x44; - sa_ptr->iv_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->shsnf_len = 0; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + 
Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); } Crypto_Shutdown(); 
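Review bot: `status = Crypto_Init();` is overwritten by the later `Crypto_AOS_ProcessSecurity` call without being asserted, and the return values of both `sa_if->sa_get_from_spi(...)` calls are dropped while `sa_ptr`, initialised to NULL, is written through on the very next line. If initialisation or the SPI lookup fails, the test writes through a null or stale pointer instead of reporting the failure. I would add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` right after `Crypto_Init()` and, assuming `sa_get_from_spi` returns a status like the other calls here, write each lookup as `status = sa_if->sa_get_from_spi(11, &sa_ptr);` followed by the same assertion. The AES_HMAC_256_TEST_0 hunk above has the same pattern, and the test body continues outside this hunk.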
@@ -616,67 +1108,137 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_aos_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); // Test frame setup // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF - char* framed_aos_h = 
"42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBDCD9DACF7DFE95A6ED4C16C379CDEC28EB3A"; - char* framed_aos_b = NULL; - int framed_aos_len = 0; + char *framed_aos_h = + "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" 
+ "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBDCD9DACF7DFE95A6ED4C16C379CDEC28EB3A"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup - char* truth_aos_h = 
"42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB000000000000000000000000000000000000"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Test Specific Setup SaInterface sa_if = get_sa_interface_inmemory(); - sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->akid = 130; - sa_ptr->ekid = 0; - sa_ptr->est = 0; - sa_ptr->ast = 1; - sa_ptr->acs_len = 1; - sa_ptr->ecs_len = 0; - 
sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; - sa_ptr->stmacf_len = 16; - sa_ptr->abm_len = ABM_SIZE; + sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->akid = 130; + sa_ptr->ekid = 0; + sa_ptr->est = 0; + sa_ptr->ast = 1; + sa_ptr->acs_len = 1; + sa_ptr->ecs_len = 0; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->stmacf_len = 16; + sa_ptr->abm_len = ABM_SIZE; sa_ptr->gvcid_blk.scid = 0x44; - sa_ptr->iv_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->shsnf_len = 0; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of zeros - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); } Crypto_Shutdown(); 
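Review bot: The result of `Crypto_Get_Managed_Parameters_For_Gvcid(...)` is stored in `status` but never asserted before `current_managed_parameters_struct.max_frame_size` is used as the bound of the byte-by-byte comparison loop. If that lookup fails, the bound is whatever the struct already held, so the MAC-verified frame may be compared over zero bytes (a vacuous pass) or past the end of `truth_aos_b`. Add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` right after the call, and check that `max_frame_size` does not exceed `truth_aos_len` before the loop. Separately, the test is named `AES_HMAC_512_TEST_0` while the SA is configured with `sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256;`, so the name appears to promise coverage the test does not give; a comment or a rename would make that explicit. The same two points apply to the `AES_HMAC_512_TEST_1` hunk that follows, and the test body continues past the end of this hunk.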
@@ -695,67 +1257,137 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_aos_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); // Test frame setup // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF - char* framed_aos_h = "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"; - char* framed_aos_b = NULL; - int framed_aos_len = 0; + char *framed_aos_h = + "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB0D2C91E544BEBAA356488CBD210314260099"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup - char* truth_aos_h = "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"; - char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + 
"42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Test Specific Setup SaInterface sa_if = get_sa_interface_inmemory(); - sa_if->sa_get_from_spi(10, 
&sa_ptr); //Disable SPI 10 + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->akid = 130; - sa_ptr->ekid = 0; - sa_ptr->est = 0; - sa_ptr->ast = 1; - sa_ptr->acs_len = 1; - sa_ptr->ecs_len = 0; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; - sa_ptr->stmacf_len = 16; - sa_ptr->abm_len = ABM_SIZE; + sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->akid = 130; + sa_ptr->ekid = 0; + sa_ptr->est = 0; + sa_ptr->ast = 1; + sa_ptr->acs_len = 1; + sa_ptr->ecs_len = 0; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->stmacf_len = 16; + sa_ptr->abm_len = ABM_SIZE; sa_ptr->gvcid_blk.scid = 0x44; - sa_ptr->iv_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->shsnf_len = 0; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // 
printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); } Crypto_Shutdown(); 
@@ -772,32 +1404,100 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_aos_len; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup Header |SPI| IV | Data - char* framed_aos_h = 
"42C000000000000B0000000000000000000000000000000010df143c92a39b3568cc9916c9d06c715bf8017168f88ef107a8016a03207f7d12fe4ccd79ab24043982fe6a8b9675c3b819e2d7dfad32bd85381fb54544d76668a6ab58b988158702e91afe55cd71f1ba50d72bbd1ccc41529101ee1a39c46ecd8a7feb503444606611239d31102dc6371b0e2152dd301e3268d0a45e1bcb58779642e883b6a26546094ba39fb0ce11b39c49092c9b366059e773e4789052311a465f39ba677458510c09826f1ea580fa5c9d5b9677ede38e46fc33fe8d303f9529c15c2bed4c879c5bfdacd86210a431e0f3852b3798369ae1230b4ed5ae66e153757508ead77e85ddac804e8a409cca8b9d3cef0dd1d0298bcdbda1dda336d66ee6b59f2f10ffa6d4bf99885b9082b83cd20c9a44a002c460530a9741e26e78b6e8f9349df8e618b904ed01306ee9ed3a389374efe43e5ed2bcd528943057762f9dc1d392fe2dd2fc6d9cab9e347a25839c07ba47113bad0633b6b5f09228be87631cc1538c2f6e79e9df0f18d658bd8b3ac45b396cfeadd1700ca2ec95cdbe38e5ec013c74cd68d0035bb975c392f5116b661a928bf113c3cacc801a84cbd3f8d3dc2273e0c5270d656648a48db16f860e4a36ee7e8979da4135e40e6952041a0d16b6f51cf67519b80a472b4cf5614d5a0b18dd755b7c8d63936e43de25a3cdf0d03179aebd5cc85fa1cc0c03fbdd240dd878d647619cbf367a7e486e572c5636c7a7d9b517c565a547597d311b69110985b5f7c5d47904a6f6699e93c02ea7559d4ba94d139824e9ef0840ad3e31afdaaa71f7baba8835d568443b0dab10a4f40043160fde9961038bcb823ab570bac0e609e17311a6b0edab4fce98f8df059194393f5109e766f6bf7e21c9a4441acff0cfd28658d48304331cb0c982da833c94cf6a7aadc8e2a696b69df49efcd7efadfd2e95bd3a9ab605c221e08b5f61f3aff2496b7c89f98a76aa305116220c50142cfa4490916f7a6b8732839280d39a402d87ff7e7b1f71b6a243c316307e82b16071ad18e99a548bacc4ed648df49c6eafca0db764b98c75a9e953161cb6d384421b473f95d6801d5413dbde4373abab3269c0fade85ab66a9beea1d32462796dac0024f44ade919286b5e92488e52b51ada1deb0730c9b2e66b9b3c75dab5194cf452cb626ea4d9425b28e6d97a9d93d5c61d1fd02eea18d2b42058de6453abac1165740be3c352d7291f8df7abd0c24e90bc8fbdadc32c31942e82f09f74f3ff75e20e597d87d136998b94d99370a8d6c3eedf44503ccc2d7d560a3c068f8914fb67a976cb15d3be212bc549b26613113a509079ad19e5abd26467e26571c98f17e248e31ad5b0f489a05b71e38725574e9a076bf55d546f970cb
c1892801b6a4b4bc7e3b82723cf251dcf3bfee0cb3b8c54a51a99d5272e8165a6cf8b2b05a549d091090c8b7a623541f2b29542eecc1234bc172038f8fcb0fe14413601f2d255708e4a30a789ec92a3f7bb286c80899886d2f59edfe5e120039b2e0e6fce7fa81dd15b14c61afc0c334015cf975b42cb53bc33dc511c6aac87f1e38f48287c4ede88b8a22ab013200d4d894709bc0668ac5ff06add5c28ef3764e3a6f51ba519256574734b0ad395d80ee886018ce0a1b935b1af4747b47011eb030c2ca2ab77cf33019cfca4bbbde219d32666ce9a2db7a9e1f0f3fdff22a0b2cf6d245f0c5de470a40025a9f2e743c1fd626a01eb34293544c3dee8b72892c8a2d4fbe0cb2dec2bda572ba4a1246b811331d80e5078b310eb9090a89216b390df62671425f89e73ca736e49848368be1eca4cc5c3036df2dcee5ca648d199f64b9bb792a2b7eb7ddc5ae43f35bcd9b9a7f4b9b8d493f958666af4dff6a2dec6a4ca908cd67f98d8845a631b3ecff4c5e527a0654ae737885885425f6780da2e53f4e612ee8caf42e4d25cec899e7788e1652f0aa1536c488df58f750b7b63a1573d4df0e3eda5c8359daae006269cc4f79aab4360ce37b2227bc17a7feb2bd62108404b9d4ec6ca9d4a2c903a34d03db5d68004d5235789e61a22ec75f98680b0829cbf905668c9631a5157d39d73d1ab7e558ae6ced855939ea79b80f7256dc29fbf01bacbd718e96916218e41c3fb221f5b9ac58eb3bb694edfc60a9a518f392ba97d542034d17cba204ea92572677c3b6af86383f013fb537ba8441d1b8f645289d8c1347377f3698a830aa82ebe9123808eb105ef216502cee4cd7ef05a14f1e87b5a66eb937a5f7dfd704fb6ad693c90c941a3e4853a148ada9269de95852b412d4d9fc8920120835156c0c6ed168027115535edbf4ff5b72a3f556234c68245c604188572d3a372a898bd6a439bd4a8d6402b28260e81ece7bbf0cdf5a2a2983403289cb060f81d3aedf8b4a82dcdadfed35a86a8b6df4d57801f7718a15660f9b03e0c0450a717e14e92e278d65cc11b7e07277b6992050f69a101af3c11340d640ef7a98d89c32f485221351edc"; - char* framed_aos_b = NULL; - int framed_aos_len = 0; + char *framed_aos_h = + "42C000000000000B0000000000000000000000000000000010df143c92a39b3568cc9916c9d06c715bf8017168f88ef107a8016a03207f" + "7d12fe4ccd79ab24043982fe6a8b9675c3b819e2d7dfad32bd85381fb54544d76668a6ab58b988158702e91afe55cd71f1ba50d72bbd1c" + "cc41529101ee1a39c46ecd8a7feb503444606611239d31102dc6371b0e2152dd301e3268d0a45e1bcb58779642e883b6a26546094ba39f" 
+ "b0ce11b39c49092c9b366059e773e4789052311a465f39ba677458510c09826f1ea580fa5c9d5b9677ede38e46fc33fe8d303f9529c15c" + "2bed4c879c5bfdacd86210a431e0f3852b3798369ae1230b4ed5ae66e153757508ead77e85ddac804e8a409cca8b9d3cef0dd1d0298bcd" + "bda1dda336d66ee6b59f2f10ffa6d4bf99885b9082b83cd20c9a44a002c460530a9741e26e78b6e8f9349df8e618b904ed01306ee9ed3a" + "389374efe43e5ed2bcd528943057762f9dc1d392fe2dd2fc6d9cab9e347a25839c07ba47113bad0633b6b5f09228be87631cc1538c2f6e" + "79e9df0f18d658bd8b3ac45b396cfeadd1700ca2ec95cdbe38e5ec013c74cd68d0035bb975c392f5116b661a928bf113c3cacc801a84cb" + "d3f8d3dc2273e0c5270d656648a48db16f860e4a36ee7e8979da4135e40e6952041a0d16b6f51cf67519b80a472b4cf5614d5a0b18dd75" + "5b7c8d63936e43de25a3cdf0d03179aebd5cc85fa1cc0c03fbdd240dd878d647619cbf367a7e486e572c5636c7a7d9b517c565a547597d" + "311b69110985b5f7c5d47904a6f6699e93c02ea7559d4ba94d139824e9ef0840ad3e31afdaaa71f7baba8835d568443b0dab10a4f40043" + "160fde9961038bcb823ab570bac0e609e17311a6b0edab4fce98f8df059194393f5109e766f6bf7e21c9a4441acff0cfd28658d4830433" + "1cb0c982da833c94cf6a7aadc8e2a696b69df49efcd7efadfd2e95bd3a9ab605c221e08b5f61f3aff2496b7c89f98a76aa305116220c50" + "142cfa4490916f7a6b8732839280d39a402d87ff7e7b1f71b6a243c316307e82b16071ad18e99a548bacc4ed648df49c6eafca0db764b9" + "8c75a9e953161cb6d384421b473f95d6801d5413dbde4373abab3269c0fade85ab66a9beea1d32462796dac0024f44ade919286b5e9248" + "8e52b51ada1deb0730c9b2e66b9b3c75dab5194cf452cb626ea4d9425b28e6d97a9d93d5c61d1fd02eea18d2b42058de6453abac116574" + "0be3c352d7291f8df7abd0c24e90bc8fbdadc32c31942e82f09f74f3ff75e20e597d87d136998b94d99370a8d6c3eedf44503ccc2d7d56" + "0a3c068f8914fb67a976cb15d3be212bc549b26613113a509079ad19e5abd26467e26571c98f17e248e31ad5b0f489a05b71e38725574e" + "9a076bf55d546f970cbc1892801b6a4b4bc7e3b82723cf251dcf3bfee0cb3b8c54a51a99d5272e8165a6cf8b2b05a549d091090c8b7a62" + "3541f2b29542eecc1234bc172038f8fcb0fe14413601f2d255708e4a30a789ec92a3f7bb286c80899886d2f59edfe5e120039b2e0e6fce" + 
"7fa81dd15b14c61afc0c334015cf975b42cb53bc33dc511c6aac87f1e38f48287c4ede88b8a22ab013200d4d894709bc0668ac5ff06add" + "5c28ef3764e3a6f51ba519256574734b0ad395d80ee886018ce0a1b935b1af4747b47011eb030c2ca2ab77cf33019cfca4bbbde219d326" + "66ce9a2db7a9e1f0f3fdff22a0b2cf6d245f0c5de470a40025a9f2e743c1fd626a01eb34293544c3dee8b72892c8a2d4fbe0cb2dec2bda" + "572ba4a1246b811331d80e5078b310eb9090a89216b390df62671425f89e73ca736e49848368be1eca4cc5c3036df2dcee5ca648d199f6" + "4b9bb792a2b7eb7ddc5ae43f35bcd9b9a7f4b9b8d493f958666af4dff6a2dec6a4ca908cd67f98d8845a631b3ecff4c5e527a0654ae737" + "885885425f6780da2e53f4e612ee8caf42e4d25cec899e7788e1652f0aa1536c488df58f750b7b63a1573d4df0e3eda5c8359daae00626" + "9cc4f79aab4360ce37b2227bc17a7feb2bd62108404b9d4ec6ca9d4a2c903a34d03db5d68004d5235789e61a22ec75f98680b0829cbf90" + "5668c9631a5157d39d73d1ab7e558ae6ced855939ea79b80f7256dc29fbf01bacbd718e96916218e41c3fb221f5b9ac58eb3bb694edfc6" + "0a9a518f392ba97d542034d17cba204ea92572677c3b6af86383f013fb537ba8441d1b8f645289d8c1347377f3698a830aa82ebe912380" + "8eb105ef216502cee4cd7ef05a14f1e87b5a66eb937a5f7dfd704fb6ad693c90c941a3e4853a148ada9269de95852b412d4d9fc8920120" + "835156c0c6ed168027115535edbf4ff5b72a3f556234c68245c604188572d3a372a898bd6a439bd4a8d6402b28260e81ece7bbf0cdf5a2" + "a2983403289cb060f81d3aedf8b4a82dcdadfed35a86a8b6df4d57801f7718a15660f9b03e0c0450a717e14e92e278d65cc11b7e07277b" + "6992050f69a101af3c11340d640ef7a98d89c32f485221351edc"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup - char* truth_aos_h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char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "42C00000000000000000000000000000000000000000000000974F555545E8114714352C43BCAB3B62E961FEE145A672C3B292FFAE9A45" + "63F5B359B8E199115C12A3A1DC24D78BB36CE3D2922E3C9567AF7D87DA9B58A13B64B5BEDE209DDEE5722C2FBC6E96346150A270BF3C12" + 
"A6957E57ED061A65DB0B4F8307548270670D2C9CC70BC9772E62F39CC41B8BFEC800D1AAE21935136BCAF6F6FD4C6536917F484A065594" + "ACC4A9F68AC02628FAB4B06B11F5785BEBA3091B326CFC348BDCD519ADAEB41358677850C5B168C75806D4D5218708F974A2C2D2403110" + "B6AB129D7FE0D69B6865D59A3E170AA7EB4A0B1385AC35F644F901FFBD5CB821D384B65F7442A3AF9AA8824A7C73E46AB9E66B533C39D9" + "F2988457E6E7D50B5DB046035DF52D9BD81D03646DAD98350EBE73E6D5ADC72C35B629D90B46EFD849C0B3451F627DF0FFA7D00A9B24ED" + "C346CBE73814D3DF35F53EA294A42B03CBB1AB76E71EFE6575F58AA027C30E1BB7C4CB828149D85C1615F59B482FFB2F83CEE16E9F2F43" + "B8D71A597C4444A3B901FD39E7D5B541B58EC8AD14BFC02DDD8DD83B451A962E8733012F108E5E34639D072B2DB99367234AE98A18C041" + "3316900B80EB0C15B4AD0DDA725D07560DE690252D2AC31A5391FF565F16CBA7D31DCBE4AE14E90B2D8D18BCE4F6377D1E7A5FB14D98F7" + "26582AEAAC9777F70A4AF0C2956D8B032DC97BD36524F8F6872E6EA6A8C3BADEE8717F4FDF471E32C2B170DEEED4FE807A551353853676" + "D5E68C4686FE1D87294EC27F05F5C42391CA6ED51A4D65AB3F940F32BBA4D7BBADC0A8233557218832F76C22CC660542F49F3428D3440B" + "B8E251BF32B9BA1EB6CEE36F45F5310C6A1D3EA1488B438A5960489BDF8A2B74EC3F1A29F030ABB17FE5B6299EEE10C63302E46ABB0876" + "60B065A53A21C51EBDDB43EEE219C60057FE5C853FDE54EB2C8A5DDF195F50BDD1DA749C6D6EC01FF589C6A97F0E77FDAD73B16CB45921" + "99936D6FECEE356A88C4E2ABEBA487CF8FEC48B31EA8656BE4E9F45FA5D14CC5125577E235378B090731D4CBDD623D9481D334D3483322" + "547C8A148B20D75DF232D996FE552473FD419B7908E2D93158911D2B5BBEBAA8AB58D4B7E32C0247C9A79027FF0BEA60E7E2C2F739F118" + "C423D30BA8F1DA0AE8EB259DE8985D2713986EBBB780C510C766DCCBB0A6B1E8D806C029B6978A1B358429410C6AA3256CB5805F0B0770" + "25C89239D62331324EBC6288BE3DBC8F1C14E097B0D7641FEE519AB693406616B68D956E47BDD78B5F4DE011839E87320D776EE92E2961" + "7326919131F0B450C810BEF3FBC7B24F3294DD12CB293C66BE0CD9F81C62F863642811682A8464FE959D63689A0E0141B4E3865D4457E7" + "B76F9BEFE8EDE58FAE6B6E138C165A5F491C3D3344C1DD652A61B3AF5B4F608E60C73368B6559E5E5D0BD130AFF07F77CFD72B0F54140A" + 
"03E0739C665EE3D73CE54AB3BEE154B401320A9D2360C179634A6F5E44F08A873B673949232B613F12FFF97236A96A24ECC977392EE26E" + "FC9A2F8736048EA10F48F211C846543E36D9D52D5AEEEE9C87803B923570C7AE89C827AAB260147D2F5DE616042740322DFC37CD05A0CA" + "48ADDA09B1AFCC6BB1291DD69B531DC7EEA9CEB2B7B516851E1EA55074548DE1F02D109A6B7DABEF210DB1F77178D239E73D748296E1D6" + "A4FFDAC5C6F265E0BEBE2FF70E86808B6B8DBF66E133A2B99FFC7729AB3409E195A91D22D00A771340A29B529671DFD648E27D3422D92C" + "F66D2BAF512CAB215DD4381FB36F4497DB7DE865EB469B26B8E24F224C73E30605AC6E3A05A0FC86E213CFE0E00D9B440916209305218A" + "DB134AF7C8247E2B761D8FFA7ED9C1B052FE8470F5E60892E07CAFC3BCF61D67CCC5F737044EDA410283FBB2838CA2B4F6FFF19F4DBC4B" + "5D20CCFCEDA7CBDB0245B42402B1BCCC95B97015BF06BB1451BC76B9EAD99CA21BC3EC702C314DCE2083F8F2E050F2BD0DB950C8553E00" + "E662D70AD86855A79A0D3FA973EF00820084606A326EF92C2B48DF8486FEA8ECF63339A9AA2570372AE6CC4D92897CF5D081B8CF2B9A92" + "3AF3D5D31FB371CE63E82E5E3937ABF1E65AAB0A5CE9A613726510267E87296117C42DD03356364ED20EF5463C73393C1902A7C92A3883" + "F1F726F43C5C6D4EA5360B4E7E4CD83CEE27BF13D2D4CEC198F9C755CA7FB6C0864737D128FE50A7ECE5B02C01C8E09EE6C455B89C7D44" + "7DEF0C6D0CE9607DD9458DC1CB3BE8DB613D70A392A6323639251AB6DA3A5431477EEE0BC3BF82EB3C3083482FADEFDC2B6EA5713BB872" + "2CD5EC36FC1C7097F150FE1CD6E4404E633E23C9525CA165B649318D8D4AF0387256EAE754C45245B2B3C6DC21879D4E27466057FEED75" + "52383C07CE7C4EDAD9310E0F12C62E75788DDEEFE70D1E8AE8EFCFECE71C3AB0BEDC048D9FAC161E071B02E7C39879FEA64EEBB825F75E" + "936C93AE48881846000000000000000000000000000000000000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); // Bit math to give concise access to values already set in the static transfer frame 
@@ -806,51 +1506,44 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) aos_frame_pri_hdr.vcid = ((uint8_t)framed_aos_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Expose/setup SAs for testing - SecurityAssociation_t ta; - SecurityAssociation_t* test_association = &ta; + SecurityAssociation_t ta; + SecurityAssociation_t *test_association = &ta; - sa_if->sa_get_from_spi(10, &test_association); //Disable SPI 10 + sa_if->sa_get_from_spi(10, &test_association); // Disable SPI 10 test_association->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &test_association); // Enable and setup 11 - test_association->sa_state = SA_OPERATIONAL; - test_association->akid = 0; - test_association->ekid = 136; - test_association->est = 1; - test_association->ast = 0; - test_association->acs_len = 1; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - test_association->acs = CRYPTO_MAC_NONE; - test_association->stmacf_len = 16; - test_association->abm_len = 1786; - test_association->arsn_len = 0; + sa_if->sa_get_from_spi(11, &test_association); // Enable and setup 11 + test_association->sa_state = SA_OPERATIONAL; + test_association->akid = 0; + test_association->ekid = 136; + test_association->est = 1; + test_association->ast = 0; + test_association->acs_len = 1; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->acs = CRYPTO_MAC_NONE; + test_association->stmacf_len = 16; + test_association->abm_len = 1786; + test_association->arsn_len = 0; test_association->gvcid_blk.scid = SCID & 0x3FF; - 
test_association->iv_len = 16; - test_association->shivf_len = 16; - test_association->shsnf_len = 0; + test_association->iv_len = 16; + test_association->shivf_len = 16; + test_association->shsnf_len = 0; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask of ones - - - - - - - - - // Set a more obvious IV for test purposes - char * iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; - char* iv_b = NULL; - int iv_len = 0; + char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; + char *iv_b = NULL; + int iv_len = 0; hex_conversion(iv_h, &iv_b, &iv_len); memcpy(test_association->iv, iv_b, iv_len); - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // printf("Decrypted frame contents:\n\t"); @@ -874,7 +1567,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) for (int i = 0; i < 1786; i++) { // printf("%02x", ptr_processed_frame[i]); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); } // printf("\n\n"); 
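Review bot: `test_association->abm_len = 1786;` sets the length that the following `memset(test_association->abm, 0xFF, ...)` writes, so the write size is a bare literal rather than the declared size of `abm`; the preceding test (the one using CRYPTO_MAC_HMAC_SHA256) uses `sa_ptr->abm_len = ABM_SIZE;` for the same step. The declaration of `abm` is not visible here, so I cannot tell whether 1786 fits, but `test_association->abm_len = ABM_SIZE;` would keep the memset in bounds if the two ever diverge. Likewise `memcpy(test_association->iv, iv_b, iv_len);` copies whatever length hex_conversion reported, and an `ASSERT_EQ(16, iv_len);` before it would pin the copy to the 16 bytes configured in `iv_len`/`shivf_len`. The return values of both `sa_get_from_spi` calls are dropped, so a failed lookup would presumably leave `test_association` pointing at the uninitialised local `ta`. The test body starts and ends outside this hunk.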
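Review bot: The reformatted assertion `(uint8_t) * (truth_aos_b + i)` is spaced like a multiplication although it is a cast applied to a dereference; `ASSERT_EQ(ptr_processed_frame[i], (uint8_t)truth_aos_b[i]);` says the same thing and is not re-spaced by the formatter. The byte-compare loop of the preceding test picked up the same spacing. The loop bound is still the literal 1786, and nothing visible in this hunk checks `processed_aos_len` or `truth_aos_len` against it, so a shorter buffer on either side would be read past its end; `ASSERT_EQ(1786, truth_aos_len);` ahead of the loop would turn that into a clean test failure. The enclosing test starts outside the hunk.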
@@ -890,72 +1583,143 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) * finally returning CRYPTOLIB_SUCCESS * The Provided buffer should be returned decrypted, blanking the SPI, MAC, and FECF * Utilizes an authentication bitmask of ones - * Sanity check: https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'42C000000000001100000000000000000000000000000000'%7D)AES_Decrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'48caf5a6921559a2384174c025a04874'%7D,%7B'option':'Hex','string':'42C000000000001100000000000000000000000000000000'%7D/disabled)&input=MTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQkJBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQk
FBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQk
FBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUE**/ + * Sanity check: + * 
https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'42C000000000001100000000000000000000000000000000'%7D)AES_Decrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'48caf5a6921559a2384174c025a04874'%7D,%7B'option':'Hex','string':'42C000000000001100000000000000000000000000000000'%7D/disabled)&input=MTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQkJBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJB
QUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJB
QUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUE**/ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_aos_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, 
TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); // Test frame setup // Note: SPI 17 (0x0011) // Setup: | hdr 6 |SPI| IV | data | MAC | FECF - char* framed_aos_h = "42C000000000000B0000000000000000000000000000000010df143c92a39b3568cc9916c9d06c715bf8017168f88ef107a8016a03207f7d12fe4ccd79ab24043982fe6a8b9675c3b819e2d7dfad32bd85381fb54544d76668a6ab58b988158702e91afe55cd71f1ba50d72bbd1ccc41529101ee1a39c46ecd8a7feb503444606611239d31102dc6371b0e2152dd301e3268d0a45e1bcb58779642e883b6a26546094ba39fb0ce11b39c49092c9b366059e773e4789052311a465f39ba677458510c09826f1ea580fa5c9d5b9677ede38e46fc33fe8d303f9529c15c2bed4c879c5bfdacd86210a431e0f3852b3798369ae1230b4ed5ae66e153757508ead77e85ddac804e8a409cca8b9d3cef0dd1d0298bcdbda1dda336d66ee6b59f2f10ffa6d4bf99885b9082b83cd20c9a44a002c460530a9741e26e78b6e8f9349df8e618b904ed01306ee9ed3a389374efe43e5ed2bcd528943057762f9dc1d392fe2dd2fc6d9cab9e347a25839c07ba47113bad0633b6b5f09228be87631cc1538c2f6e79e9df0f18d658bd8b3ac45b396cfeadd1700ca2ec95cdbe38e5ec013c74cd68d0035bb975c392f5116b661a928bf113c3cacc801a84cbd3f8d3dc2273e0c5270d656648a48db16f860e4a36ee7e8979da4135e40e6952041a0d16b6f51cf67519b80a472b4cf5614d5a0b18dd755b7c8d63936e43de25a3cdf0d03179aebd5c
c85fa1cc0c03fbdd240dd878d647619cbf367a7e486e572c5636c7a7d9b517c565a547597d311b69110985b5f7c5d47904a6f6699e93c02ea7559d4ba94d139824e9ef0840ad3e31afdaaa71f7baba8835d568443b0dab10a4f40043160fde9961038bcb823ab570bac0e609e17311a6b0edab4fce98f8df059194393f5109e766f6bf7e21c9a4441acff0cfd28658d48304331cb0c982da833c94cf6a7aadc8e2a696b69df49efcd7efadfd2e95bd3a9ab605c221e08b5f61f3aff2496b7c89f98a76aa305116220c50142cfa4490916f7a6b8732839280d39a402d87ff7e7b1f71b6a243c316307e82b16071ad18e99a548bacc4ed648df49c6eafca0db764b98c75a9e953161cb6d384421b473f95d6801d5413dbde4373abab3269c0fade85ab66a9beea1d32462796dac0024f44ade919286b5e92488e52b51ada1deb0730c9b2e66b9b3c75dab5194cf452cb626ea4d9425b28e6d97a9d93d5c61d1fd02eea18d2b42058de6453abac1165740be3c352d7291f8df7abd0c24e90bc8fbdadc32c31942e82f09f74f3ff75e20e597d87d136998b94d99370a8d6c3eedf44503ccc2d7d560a3c068f8914fb67a976cb15d3be212bc549b26613113a509079ad19e5abd26467e26571c98f17e248e31ad5b0f489a05b71e38725574e9a076bf55d546f970cbc1892801b6a4b4bc7e3b82723cf251dcf3bfee0cb3b8c54a51a99d5272e8165a6cf8b2b05a549d091090c8b7a623541f2b29542eecc1234bc172038f8fcb0fe14413601f2d255708e4a30a789ec92a3f7bb286c80899886d2f59edfe5e120039b2e0e6fce7fa81dd15b14c61afc0c334015cf975b42cb53bc33dc511c6aac87f1e38f48287c4ede88b8a22ab013200d4d894709bc0668ac5ff06add5c28ef3764e3a6f51ba519256574734b0ad395d80ee886018ce0a1b935b1af4747b47011eb030c2ca2ab77cf33019cfca4bbbde219d32666ce9a2db7a9e1f0f3fdff22a0b2cf6d245f0c5de470a40025a9f2e743c1fd626a01eb34293544c3dee8b72892c8a2d4fbe0cb2dec2bda572ba4a1246b811331d80e5078b310eb9090a89216b390df62671425f89e73ca736e49848368be1eca4cc5c3036df2dcee5ca648d199f64b9bb792a2b7eb7ddc5ae43f35bcd9b9a7f4b9b8d493f958666af4dff6a2dec6a4ca908cd67f98d8845a631b3ecff4c5e527a0654ae737885885425f6780da2e53f4e612ee8caf42e4d25cec899e7788e1652f0aa1536c488df58f750b7b63a1573d4df0e3eda5c8359daae006269cc4f79aab4360ce37b2227bc17a7feb2bd62108404b9d4ec6ca9d4a2c903a34d03db5d68004d5235789e61a22ec75f98680b0829cbf905668c9631a5157d39d73d1ab7e558ae6ced855939ea79b80f7256dc2
9fbf01bacbd718e96916218e41c3fb221f5b9ac58eb3bb694edfc60a9a518f392ba97d542034d17cba204ea92572677c3b6af86383f013fb537ba8441d1b8f645289d8c1347377f3698a830aa82ebe9123808eb105ef216502cee4cd7ef05a14f1e87b5a66eb937a5f7dfd704fb6ad693c90c941a3e4853a148ada9269de95852b412d4d9fc8920120835156c0c6ed168027115535edbf4ff5b72a3f556234c68245c604188572d3a372a898bd6a439bd4a8d6402b28260e81ece7bbf0cdf5a2a2983403289cb060f81d3aedf8b4a82dcdadfed35a86a8b6df4d57801f7718a15660f9b03e0c0450a717e14e92e278d65cc11b7e07277b6992050f69a101af8A2A043A6420DEC5FF4F7B14B80E26374173"; - char* framed_aos_b = NULL; - int framed_aos_len = 0; + char *framed_aos_h = + "42C000000000000B0000000000000000000000000000000010df143c92a39b3568cc9916c9d06c715bf8017168f88ef107a8016a03207f" + "7d12fe4ccd79ab24043982fe6a8b9675c3b819e2d7dfad32bd85381fb54544d76668a6ab58b988158702e91afe55cd71f1ba50d72bbd1c" + "cc41529101ee1a39c46ecd8a7feb503444606611239d31102dc6371b0e2152dd301e3268d0a45e1bcb58779642e883b6a26546094ba39f" + "b0ce11b39c49092c9b366059e773e4789052311a465f39ba677458510c09826f1ea580fa5c9d5b9677ede38e46fc33fe8d303f9529c15c" + "2bed4c879c5bfdacd86210a431e0f3852b3798369ae1230b4ed5ae66e153757508ead77e85ddac804e8a409cca8b9d3cef0dd1d0298bcd" + "bda1dda336d66ee6b59f2f10ffa6d4bf99885b9082b83cd20c9a44a002c460530a9741e26e78b6e8f9349df8e618b904ed01306ee9ed3a" + "389374efe43e5ed2bcd528943057762f9dc1d392fe2dd2fc6d9cab9e347a25839c07ba47113bad0633b6b5f09228be87631cc1538c2f6e" + "79e9df0f18d658bd8b3ac45b396cfeadd1700ca2ec95cdbe38e5ec013c74cd68d0035bb975c392f5116b661a928bf113c3cacc801a84cb" + "d3f8d3dc2273e0c5270d656648a48db16f860e4a36ee7e8979da4135e40e6952041a0d16b6f51cf67519b80a472b4cf5614d5a0b18dd75" + "5b7c8d63936e43de25a3cdf0d03179aebd5cc85fa1cc0c03fbdd240dd878d647619cbf367a7e486e572c5636c7a7d9b517c565a547597d" + "311b69110985b5f7c5d47904a6f6699e93c02ea7559d4ba94d139824e9ef0840ad3e31afdaaa71f7baba8835d568443b0dab10a4f40043" + 
"160fde9961038bcb823ab570bac0e609e17311a6b0edab4fce98f8df059194393f5109e766f6bf7e21c9a4441acff0cfd28658d4830433" + "1cb0c982da833c94cf6a7aadc8e2a696b69df49efcd7efadfd2e95bd3a9ab605c221e08b5f61f3aff2496b7c89f98a76aa305116220c50" + "142cfa4490916f7a6b8732839280d39a402d87ff7e7b1f71b6a243c316307e82b16071ad18e99a548bacc4ed648df49c6eafca0db764b9" + "8c75a9e953161cb6d384421b473f95d6801d5413dbde4373abab3269c0fade85ab66a9beea1d32462796dac0024f44ade919286b5e9248" + "8e52b51ada1deb0730c9b2e66b9b3c75dab5194cf452cb626ea4d9425b28e6d97a9d93d5c61d1fd02eea18d2b42058de6453abac116574" + "0be3c352d7291f8df7abd0c24e90bc8fbdadc32c31942e82f09f74f3ff75e20e597d87d136998b94d99370a8d6c3eedf44503ccc2d7d56" + "0a3c068f8914fb67a976cb15d3be212bc549b26613113a509079ad19e5abd26467e26571c98f17e248e31ad5b0f489a05b71e38725574e" + "9a076bf55d546f970cbc1892801b6a4b4bc7e3b82723cf251dcf3bfee0cb3b8c54a51a99d5272e8165a6cf8b2b05a549d091090c8b7a62" + "3541f2b29542eecc1234bc172038f8fcb0fe14413601f2d255708e4a30a789ec92a3f7bb286c80899886d2f59edfe5e120039b2e0e6fce" + "7fa81dd15b14c61afc0c334015cf975b42cb53bc33dc511c6aac87f1e38f48287c4ede88b8a22ab013200d4d894709bc0668ac5ff06add" + "5c28ef3764e3a6f51ba519256574734b0ad395d80ee886018ce0a1b935b1af4747b47011eb030c2ca2ab77cf33019cfca4bbbde219d326" + "66ce9a2db7a9e1f0f3fdff22a0b2cf6d245f0c5de470a40025a9f2e743c1fd626a01eb34293544c3dee8b72892c8a2d4fbe0cb2dec2bda" + "572ba4a1246b811331d80e5078b310eb9090a89216b390df62671425f89e73ca736e49848368be1eca4cc5c3036df2dcee5ca648d199f6" + "4b9bb792a2b7eb7ddc5ae43f35bcd9b9a7f4b9b8d493f958666af4dff6a2dec6a4ca908cd67f98d8845a631b3ecff4c5e527a0654ae737" + "885885425f6780da2e53f4e612ee8caf42e4d25cec899e7788e1652f0aa1536c488df58f750b7b63a1573d4df0e3eda5c8359daae00626" + "9cc4f79aab4360ce37b2227bc17a7feb2bd62108404b9d4ec6ca9d4a2c903a34d03db5d68004d5235789e61a22ec75f98680b0829cbf90" + "5668c9631a5157d39d73d1ab7e558ae6ced855939ea79b80f7256dc29fbf01bacbd718e96916218e41c3fb221f5b9ac58eb3bb694edfc6" + 
"0a9a518f392ba97d542034d17cba204ea92572677c3b6af86383f013fb537ba8441d1b8f645289d8c1347377f3698a830aa82ebe912380" + "8eb105ef216502cee4cd7ef05a14f1e87b5a66eb937a5f7dfd704fb6ad693c90c941a3e4853a148ada9269de95852b412d4d9fc8920120" + "835156c0c6ed168027115535edbf4ff5b72a3f556234c68245c604188572d3a372a898bd6a439bd4a8d6402b28260e81ece7bbf0cdf5a2" + "a2983403289cb060f81d3aedf8b4a82dcdadfed35a86a8b6df4d57801f7718a15660f9b03e0c0450a717e14e92e278d65cc11b7e07277b" + "6992050f69a101af8A2A043A6420DEC5FF4F7B14B80E26374173"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup - char* truth_aos_h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char* truth_aos_b = NULL; - int truth_aos_len = 0; + char *truth_aos_h = + "42C000000000000000000000000000000000000000000000000015C1B5DB5CF084716870EB0A784FC8285D766989E0DB22E3BD68B9E0C7" + "F7D629E5998ECCE605A62C7C42CE5645FF7670E16486D056BA0C2F2127E15B2988046A7854A97A17A5ACC4A3BDF4999F96700BD6D1D19D" + "CAF7257AE8D5A07D65FDB24E09CB9475AFFE99DBFE26A927A77CA1778290E756D969B9DC596635152EE907648ED47AF49A795FC6B6006F" + "B9EA0BC627413FDE38A151D42D91A9B0DE910BF3DDFED55EF475959EFEE324DD367134E476DCADB086C03ED80FC9DFB91475181EBCEFDF" + "511BDCC06B76DA5D9E64736C9AEE79CF631808ABB97D0240D6745B19F49F2F8CC635643EE90992F759A0B5BC31BDEC1DC99B857743F15F" + "9CD7CAB941CEF28B71C230347A0D81A2E78C68A3739314D19AF3E281ECDFC82CC07FE1CE8521722BE567CE77D15BF5A7FEBE77D4733879" + "6E03F7D62B7B014659AD2FEBA369FDD25044F5F99615977B04CA7DA8244EAA53022E9DEA10D60797251A3DEC9C729705663119E5F6D659" + "FC3C0C5D6D62EAD0793CE5DA578C6D7A856677694A8C8B905FE07E5F7ACE5BA7B7D0210184C14D8D2925DDCA5E2AC9239862A5F17CBF7B" + "EC99BB8E4A05791C7C62F9C196687EBF599DDA66830EF3CDBCF983451E9136F6D6E2B2A6004911A9D24576B9448BB074961280ECF97CD6" + "2CB27CA4B4B67A0BCCC642E8B77A03246E49DFB8C32807745D65756B56CEA4841D6074116FF398ABB5F9ABA13B2AB4A964CBD8DB884790" + 
"D3CCE3A0DB3E07D8CB89077A645874C241F406CDC090A59EBD106E9DCA615A051ED4273B50AF10F770E78925E6F72AF9F23AA6A55F0E0C" + "BCF7622D15214073A34A9DF1A50BF672ADC15A6E0BF0B119CF6C9CFC57F53B1301D39C0DC5AA7333340C2F36143040BB88F220E9716B1A" + "A3296E98A8AB5DBD48540E6D09E5D5DEABA1F9A9B3E3A8D0A929D339148D3735CF8E990004401764BA4C229F592FB8259BEC408CC8B0C9" + "B2C744D3C06E5550AE46F3BF0AB8EBA1390C6D69533FCBB103685FDAFF48C20965596A76C3FF2806BB43E5FA0ADB3AAA30880E19D7D2A4" + "53669E364155F40A74982A35BE8E6943AE616FA434672307537222684939A5D5CE49B972F80963F1AE7A46FC6325FD48161E7AD8CD53AD" + "B6A191F3C5BC9BA17175289473C6FD554C7B694247A5958B0F7D1D5D28D1174A36FF43F3FF7373769B819C8306494645963665441072CF" + "D53D731BAFD1730E538C9CC325F849B5BA88C52B4912A4BC65B73FC6302CA6D100D965060AE206A7E9AD12911DC183B61125C336AA1BC0" + "DDD1A6082520D8C8F8AAC8D8B210582E4ED9DD940BCC83FA009297DBE2099D741F3DA828064574D6F5BAF88D009A93EF786A124D6C6BC1" + "76E34A588D0B8969D881AF84232351FA9A2613D57F3153AC69409D9B609F60EDD483F5967414400CF08D11875F2435E6CE72623739DC52" + "E5986D48CD4BD135564304983694727FE2B90E0488FB6E680D197181145613F0B1F4CFA3756C025EB2B4E0C8E691D1856F5911963FFA6A" + "ABCCD9D3FD6F26A481BC74E69D25393E6E3AAADDDBCAD96A801A56F7DFD4100D8FCC196CDD8029B8823AA5C73FA03B51B47E119DE79F96" + "9C4E19A4216F68AD17EBA83BD6EABC84D32335B0318B2252A05A87E23EB3304D42489D1E31A94D94043C7FDFEE75054692FCB3E20E8A95" + "0E424749962EEDF3A9A7B775E43AD475509893A85387FBDA3A036CE40A8C05092CC93A9F79ABD65C2181D26A9E4A8BB6E29E8B679CAC8D" + "D64A59312A710FC31A709533DC58C2E32AC092B9149A2CD75803DCF9460021EFAA1F9051605797CDDEE9A5346C155B0AB63BE2AFDD6A8D" + "69C747A3AE8FF2608C8D83CF6A2957AFC5E7A5E6D68196612498291FB9D793CEC1A68FECFD59F50DA7285CEBE67E71A0AA48FEE85128C6" + "C5D4A7A1709E75060432700E4CB334FA64F03A03946ED845BC2D4775C535F376B15A17B92A3FA4D3708F36A16715B7FD8F2BFF24D7176C" + "2148D0F4E7737027ECD6AE6358AB053BEF97B174DAE966AFE02EE02A0A70AD0E51A3DE418E78EE8D39000A397F5CECBF48D38DA89797B7" + 
"434335B07989E739601BE66305455E08EE8531F0618FAF9CC61E305C58C634BE60D67985DB44E223CAF6105A4EC22F25BECD9F615F0D22" + "6EF6E0BFD30E2BFC46F7DB5BF3C1E75E32C160E8B5F6AD69B2D1283AB0EA3B51841FE438C4775620F34609E93BB4C2403B819FBC0437AA" + "078A21E58E3189104CB830868E5F01472009B70A5F2A66BC08B6187D48643B425F6AC01E8C653B0B64A319F756E0147FACB7183EA77218" + "39DB6E3B2B876BC78A3BC98E032019E0437533D5E6CB1F1C38EEFA743AC0ED7B1AA151BF49544A3D88A85357D3A79D0D59CCECBDCDAFD4" + "FD813C20B6243247E2C6684B68E2FA22CF3B99C50EEE588BDD402276E24CAD6DE47A056B6D0790E709FCECE2D917408F8EACED04B6E2D6" + "F543D737D704D3A4000000000000000000000000000000000000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); SaInterface sa_if = get_sa_interface_inmemory(); - sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10 + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->akid = 0; - sa_ptr->ekid = 130; - sa_ptr->est = 1; - sa_ptr->ast = 1; - sa_ptr->acs_len = 0; - sa_ptr->ecs_len = 1; - sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; - sa_ptr->stmacf_len = 16; - sa_ptr->abm_len = ABM_SIZE; + sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->akid = 0; + sa_ptr->ekid = 130; + sa_ptr->est = 1; + sa_ptr->ast = 1; + sa_ptr->acs_len = 0; + sa_ptr->ecs_len = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->stmacf_len = 16; + sa_ptr->abm_len = ABM_SIZE; sa_ptr->gvcid_blk.scid = 44; - sa_ptr->iv_len = 16; - sa_ptr->shivf_len = 16; - sa_ptr->shsnf_len = 0; - sa_ptr->shplf_len = 0; + sa_ptr->iv_len = 16; + sa_ptr->shivf_len = 16; + sa_ptr->shsnf_len = 0; + sa_ptr->shplf_len = 0; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones - status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, 
&processed_aos_len); + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); } Crypto_Shutdown(); 
@@ -967,28 +1731,31 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1)
 UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST)
 {
 // Local Variables
- int32_t status = CRYPTO_LIB_SUCCESS;
- uint8_t* ptr_processed_frame = NULL;
+ int32_t status = CRYPTO_LIB_SUCCESS;
+ uint8_t *ptr_processed_frame = NULL;
 uint16_t processed_aos_len;
 // Configure Parameters
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
+ Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
 IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
 // AOS Tests
- //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10);
- GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 10, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1};
+ // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786,
+ // AOS_NO_FHEC, AOS_HAS_IZ, 10);
+ GvcidManagedParameters_t AOS_UT_Managed_Parameters = {
+ 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 10, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1};
 Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters);
 status = Crypto_Init();
 // Test frame setup
- char* framed_aos_h = "42C00000000000000000000000000000FFFF";
- char* framed_aos_b = NULL;
- int framed_aos_len = 0;
+ char *framed_aos_h = "42C00000000000000000000000000000FFFF";
+ char *framed_aos_b = NULL;
+ int framed_aos_len = 0;
 hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len);
- status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len);
+ status =
+ Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len);
 ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, status);
 Crypto_Shutdown();
@@ -999,35 +1766,38 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST)
 UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL)
 {
 // Local Variables
- int32_t status = CRYPTO_LIB_SUCCESS;
- uint8_t* ptr_processed_frame = NULL;
+ int32_t status = CRYPTO_LIB_SUCCESS;
+ uint8_t *ptr_processed_frame = NULL;
 uint16_t processed_aos_len;
 // Configure Parameters
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
+ Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
 IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
 // AOS Tests
- //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10);
- GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1};
+ // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786,
+ // AOS_NO_FHEC, AOS_HAS_IZ, 10);
+ GvcidManagedParameters_t AOS_UT_Managed_Parameters = {
+ 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1};
 Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters);
 status = Crypto_Init();
 // Test frame setup
- char* framed_aos_h = "42C00000000000050000000000000000FFFF";
- char* framed_aos_b = NULL;
- int framed_aos_len = 0;
+ char *framed_aos_h = "42C00000000000050000000000000000FFFF";
+ char *framed_aos_b = NULL;
+ int framed_aos_len = 0;
 hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len);
 SecurityAssociation_t *sa_ptr = NULL;
- SaInterface sa_if = get_sa_interface_inmemory();
- sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10
+ SaInterface sa_if = get_sa_interface_inmemory();
+ sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10
 sa_ptr->sa_state = SA_KEYED;
- sa_if->sa_get_from_spi(5, &sa_ptr); // Enable and setup 5
+ sa_if->sa_get_from_spi(5, &sa_ptr); // Enable and setup 5
 sa_ptr->sa_state = SA_NONE;
- status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len);
+ status =
+ Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len);
 ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status);
 Crypto_Shutdown();
diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c
index 1506a79c..96d2b2bc 100644
--- a/test/unit/ut_crypto.c
+++ b/test/unit/ut_crypto.c
@@ -31,19 +31,19 @@ UTEST(CRYPTO_C, CALC_CRC16)
 {
 remove("sa_save_file.bin");
- char* data_h = "2003002000ff000100001880d2c9000e197f0b001b0004000400003040d95e";
- uint8_t* data_b = NULL;
- int data_b_len = 0;
+ char *data_h = "2003002000ff000100001880d2c9000e197f0b001b0004000400003040d95e";
+ uint8_t *data_b = NULL;
+ int data_b_len = 0;
 Crypto_Init_TC_Unit_Test();
- hex_conversion(data_h, (char**) &data_b, &data_b_len);
+ hex_conversion(data_h, (char **)&data_b, &data_b_len);
- int size = 31;
- uint16_t crc = 0x00;
+ int size = 31;
+ uint16_t crc = 0x00;
 uint16_t validated_crc = 0xA61A;
- crc = Crypto_Calc_CRC16(data_b, size);
-
- //printf("CRC = 0x%04x\n", crc);
+ crc = Crypto_Calc_CRC16(data_b, size);
+
+ // printf("CRC = 0x%04x\n", crc);
 ASSERT_EQ(crc, validated_crc);
 }
@@ -54,31 +54,33 @@ UTEST(CRYPTO_C, BAD_CC_FLAG)
 {
 remove("sa_save_file.bin");
 // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
+ Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
 IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
+ // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024,
+ // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF,
+ // TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
+ GvcidManagedParameters_t TC_UT_Managed_Parameters = {
+ 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
 Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
 TC_UT_Managed_Parameters.vcid = 1;
 Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
+
 Crypto_Init();
- char* raw_tc_sdls_ping_h = "3003002000ff000100001880d2c9000e197f0b001b0004000400003040d95ea61a";
- char* raw_tc_sdls_ping_b = NULL;
- int raw_tc_sdls_ping_len = 0;
+ char *raw_tc_sdls_ping_h = "3003002000ff000100001880d2c9000e197f0b001b0004000400003040d95ea61a";
+ char *raw_tc_sdls_ping_b = NULL;
+ int raw_tc_sdls_ping_len = 0;
 hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len);
- uint8_t* ptr_enc_frame = NULL;
+ uint8_t *ptr_enc_frame = NULL;
 uint16_t enc_frame_len = 0;
 int32_t return_val = CRYPTO_LIB_ERROR;
 return_val =
- Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len);
+ Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len);
 Crypto_Shutdown();
 free(raw_tc_sdls_ping_b);
 free(ptr_enc_frame);
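Review bot: The reflowed comment above `TC_UT_Managed_Parameters` in UTEST(CRYPTO_C, BAD_CC_FLAG) now runs two commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter` calls together across three comment lines, so neither disabled call can be read or restored on its own. The same merge appears in the PDU_SWITCH hunk of this file and in the commented-out CRYPTO_INIT_KMCCRYPTO_NULL test in ut_crypto_config.c, where three statements end up on one comment line. Since the struct initializer directly below replaces those calls, I would delete the dead comments, or bracket them with `// clang-format off` and `// clang-format on` if they have to stay. The closing lines of the test are outside this hunk.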
@@ -94,177 +96,179 @@ UTEST(CRYPTO_C, PDU_SWITCH) remove("sa_save_file.bin"); int32_t status = CRYPTO_LIB_ERROR; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - sdls_frame.hdr.type = 0; + sdls_frame.hdr.type = 0; sdls_frame.pdu.hdr.uf = 0; printf("SG_KEY_MGMT\n"); - sdls_frame.pdu.hdr.sg = SG_KEY_MGMT; + sdls_frame.pdu.hdr.sg = SG_KEY_MGMT; sdls_frame.pdu.hdr.pid = PID_OTAR; - uint8_t* ingest = NULL; + uint8_t *ingest = NULL; TC_t tc_frame; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); 
sdls_frame.pdu.hdr.pid = PID_KEY_ACTIVATION; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_KEY_DEACTIVATION; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pdu_len = 0; - sdls_frame.pdu.hdr.pid = PID_KEY_VERIFICATION; - status = Crypto_PDU(ingest, &tc_frame); + sdls_frame.pdu.hdr.pid = PID_KEY_VERIFICATION; + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_KEY_DESTRUCTION; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_KEY_INVENTORY; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = SG_KEY_MGMT; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("SG_SA_MGMT\n"); - sdls_frame.pdu.hdr.sg = SG_SA_MGMT; + sdls_frame.pdu.hdr.sg = SG_SA_MGMT; sdls_frame.pdu.hdr.pid = PID_CREATE_SA; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_DELETE_SA; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_SET_ARSNW; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_REKEY_SA; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_EXPIRE_SA; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, 
CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_SET_ARSN; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_START_SA; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_STOP_SA; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_READ_ARSN; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_SA_STATUS; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = 0b111; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("SG_SEC_MON_CTRL\n"); - sdls_frame.pdu.hdr.sg = SG_SEC_MON_CTRL; + sdls_frame.pdu.hdr.sg = SG_SEC_MON_CTRL; sdls_frame.pdu.hdr.pid = PID_LOG_STATUS; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_DUMP_LOG; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_ERASE_LOG; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_SELF_TEST; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_ALARM_FLAG; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = 0b1111; - status = Crypto_PDU(ingest, &tc_frame); + 
status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("PID_LOG_STATUS\n"); - sdls_frame.pdu.hdr.sg = PID_LOG_STATUS; + sdls_frame.pdu.hdr.sg = PID_LOG_STATUS; sdls_frame.pdu.hdr.pid = PID_LOG_STATUS; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("UF_TRUE\n"); - sdls_frame.pdu.hdr.uf = 1; + sdls_frame.pdu.hdr.uf = 1; sdls_frame.pdu.hdr.pid = 0; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = 1; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = 2; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = 3; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = 4; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = 5; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = 6; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); -// TODO: (RB) Disabled for now. Key Inventory needs to be re-worked. - Not currently using EP - + // TODO: (RB) Disabled for now. Key Inventory needs to be re-worked. 
- Not currently using EP + // sdls_frame.pdu.hdr.pid = 7; // status = Crypto_PDU(ingest, &tc_frame); // ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = 8; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.hdr.type = 1; + sdls_frame.hdr.type = 1; sdls_frame.pdu.hdr.pid = 8; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } @@ -274,13 +278,13 @@ UTEST(CRYPTO_C, PDU_SWITCH) UTEST(CRYPTO_C, EXT_PROC_PDU) { remove("sa_save_file.bin"); - uint8_t* ingest = NULL; - TC_t* tc_frame = NULL; - tc_frame = malloc(sizeof(uint8_t) * TC_SIZE); - int32_t status = CRYPTO_LIB_ERROR; + uint8_t *ingest = NULL; + TC_t *tc_frame = NULL; + tc_frame = malloc(sizeof(uint8_t) * TC_SIZE); + int32_t status = CRYPTO_LIB_ERROR; crypto_config.has_pus_hdr = TC_NO_PUS_HDR; - tc_frame->tc_header.vcid = TC_SDLS_EP_VCID; - tc_frame->tc_header.fl = 1; + tc_frame->tc_header.vcid = TC_SDLS_EP_VCID; + tc_frame->tc_header.fl = 1; status = Crypto_Process_Extended_Procedure_Pdu(tc_frame, ingest); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); @@ -294,13 +298,13 @@ UTEST(CRYPTO_C, GET_ACS_ALGO) remove("sa_save_file.bin"); Crypto_Init_TC_Unit_Test(); int32_t libgcrypt_algo = -1; - uint8_t crypto_algo = CRYPTO_MAC_CMAC_AES256; - + uint8_t crypto_algo = CRYPTO_MAC_CMAC_AES256; + //// Convert CRYPTOAES enum to GCRY_MAC_CMAC_AES - //libgcrypt_algo = cryptography_if->cryptography_get_acs_algo(crypto_algo); - //ASSERT_EQ(libgcrypt_algo, GCRY_MAC_CMAC_AES); + // libgcrypt_algo = cryptography_if->cryptography_get_acs_algo(crypto_algo); + // ASSERT_EQ(libgcrypt_algo, GCRY_MAC_CMAC_AES); - crypto_algo = 99; // Invalid / unsupported + crypto_algo = 99; // Invalid / unsupported libgcrypt_algo = cryptography_if->cryptography_get_acs_algo(crypto_algo); ASSERT_EQ(libgcrypt_algo, CRYPTO_LIB_ERR_UNSUPPORTED_ACS); } 
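Review bot: In UTEST(CRYPTO_C, EXT_PROC_PDU) the result of `malloc(sizeof(uint8_t) * TC_SIZE)` is dereferenced without a NULL check, and only `tc_header.vcid` and `tc_header.fl` are set before the frame is handed to `Crypto_Process_Extended_Procedure_Pdu`, so any other field the callee reads is indeterminate heap content. A test that feeds a frame parser should start from a known state, for example `tc_frame = calloc(1, TC_SIZE);` followed by `ASSERT_TRUE(tc_frame != NULL);`. The config tests in ut_crypto_config.c (CRYPTO_INIT_NO_MANAGED_PARAM_CONFIG, CRYPTO_INIT_MARIADB_NULL, CRYPTO_INIT_INVALID_SADB) pass a `malloc(CRYPTO_CONFIG_SIZE)` block with some or all fields unset in the same way. The end of the test, including any `free(tc_frame)`, is outside this hunk.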
@@ -313,7 +317,7 @@ UTEST(CRYPTO_C, GET_ACS_ALGO_KEY_LEN)
 remove("sa_save_file.bin");
 int32_t algo_keylen = -1;
 uint8_t crypto_algo = CRYPTO_MAC_CMAC_AES256;
- algo_keylen = Crypto_Get_ACS_Algo_Keylen(crypto_algo);
+ algo_keylen = Crypto_Get_ACS_Algo_Keylen(crypto_algo);
 ASSERT_EQ(algo_keylen, 32);
 crypto_algo = CRYPTO_MAC_HMAC_SHA256;
@@ -333,13 +337,13 @@ UTEST(CRYPTO_C, GET_ECS_ALGO)
 remove("sa_save_file.bin");
 Crypto_Init_TC_Unit_Test();
 int32_t libgcrypt_algo = -1;
- int8_t crypto_algo = CRYPTO_CIPHER_AES256_GCM;
-
+ int8_t crypto_algo = CRYPTO_CIPHER_AES256_GCM;
+
 // Convert CRYPTOAES enum to GCRY_CIPHER_AES256
- //libgcrypt_algo = cryptography_if->cryptography_get_ecs_algo(crypto_algo);
- //ASSERT_EQ(libgcrypt_algo, GCRY_CIPHER_AES256);
+ // libgcrypt_algo = cryptography_if->cryptography_get_ecs_algo(crypto_algo);
+ // ASSERT_EQ(libgcrypt_algo, GCRY_CIPHER_AES256);
- crypto_algo = 99; // Invalid / unsupported
+ crypto_algo = 99; // Invalid / unsupported
 libgcrypt_algo = cryptography_if->cryptography_get_ecs_algo(crypto_algo);
 ASSERT_EQ(libgcrypt_algo, CRYPTO_LIB_ERR_UNSUPPORTED_ECS);
 }
@@ -352,7 +356,7 @@ UTEST(CRYPTO_C, GET_ECS_ALGO_KEY_LEN)
 remove("sa_save_file.bin");
 int32_t algo_keylen = -1;
 uint8_t crypto_algo = CRYPTO_CIPHER_AES256_GCM;
- algo_keylen = Crypto_Get_ACS_Algo_Keylen(crypto_algo);
+ algo_keylen = Crypto_Get_ACS_Algo_Keylen(crypto_algo);
 ASSERT_EQ(algo_keylen, 32);
 }
diff --git a/test/unit/ut_crypto_config.c b/test/unit/ut_crypto_config.c
index 2ff7d4ca..f82278fc 100644
--- a/test/unit/ut_crypto_config.c
+++ b/test/unit/ut_crypto_config.c
@@ -32,7 +32,7 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_WITH_INCOMPLETE_CONFIG)
 {
 remove("sa_save_file.bin");
 int32_t status = CRYPTO_LIB_ERROR;
- status = Crypto_Init();
+ status = Crypto_Init();
 ASSERT_EQ(CRYPTO_CONFIGURATION_NOT_COMPLETE, status);
 }
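Review bot: UTEST(CRYPTO_C, GET_ECS_ALGO_KEY_LEN) passes the cipher constant `CRYPTO_CIPHER_AES256_GCM` to `Crypto_Get_ACS_Algo_Keylen`, the authentication-suite lookup that GET_ACS_ALGO_KEY_LEN already exercises, so the encryption-suite key-length path is not covered by this test. If the library exposes an ECS counterpart (presumably `Crypto_Get_ECS_Algo_Keylen`; confirm against crypto.h), the call should read `algo_keylen = Crypto_Get_ECS_Algo_Keylen(crypto_algo);`. That the assertion passes today may only reflect an overlap between ACS and ECS enum values, which would hide a regression in either table.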
@@ -42,12 +42,13 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_WITH_INCOMPLETE_CONFIG)
 UTEST(CRYPTO_CONFIG, CRYPTO_INIT_NO_MANAGED_PARAM_CONFIG)
 {
 remove("sa_save_file.bin");
- int32_t status = CRYPTO_LIB_ERROR;
- CryptoConfig_t* crypto_config_p = malloc(CRYPTO_CONFIG_SIZE);
- GvcidManagedParameters_t gvcid_managed_paramenters_p = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
- SadbMariaDBConfig_t* sa_mariadb_config_p = NULL;
- CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config_p = NULL;
- status = Crypto_Init_With_Configs(crypto_config_p, &gvcid_managed_paramenters_p, sa_mariadb_config_p, cryptography_kmc_crypto_config_p);
+ int32_t status = CRYPTO_LIB_ERROR;
+ CryptoConfig_t *crypto_config_p = malloc(CRYPTO_CONFIG_SIZE);
+ GvcidManagedParameters_t gvcid_managed_paramenters_p = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+ SadbMariaDBConfig_t *sa_mariadb_config_p = NULL;
+ CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config_p = NULL;
+ status = Crypto_Init_With_Configs(crypto_config_p, &gvcid_managed_paramenters_p, sa_mariadb_config_p,
+ cryptography_kmc_crypto_config_p);
 free(crypto_config_p);
 ASSERT_EQ(CRYPTO_MANAGED_PARAM_CONFIGURATION_NOT_COMPLETE, status);
 }
@@ -58,18 +59,20 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_NO_MANAGED_PARAM_CONFIG)
 UTEST(CRYPTO_CONFIG, CRYPTO_INIT_MARIADB_NULL)
 {
 remove("sa_save_file.bin");
- int32_t status = CRYPTO_LIB_ERROR;
- CryptoConfig_t* crypto_config_p = malloc(CRYPTO_CONFIG_SIZE);
- crypto_config_p->key_type=KEY_TYPE_INTERNAL;
- crypto_config_p->mc_type=MC_TYPE_INTERNAL;
- GvcidManagedParameters_t gvcid_managed_paramenters_p = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1};// = malloc(sizeof(GvcidManagedParameters_t));
- //gvcid_managed_paramenters_p->next = NULL;
- SadbMariaDBConfig_t* sa_mariadb_config_p = NULL;
- CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config_p = NULL;
+ int32_t status = CRYPTO_LIB_ERROR;
+ CryptoConfig_t *crypto_config_p = malloc(CRYPTO_CONFIG_SIZE);
+ crypto_config_p->key_type = KEY_TYPE_INTERNAL;
+ crypto_config_p->mc_type = MC_TYPE_INTERNAL;
+ GvcidManagedParameters_t gvcid_managed_paramenters_p = {
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}; // = malloc(sizeof(GvcidManagedParameters_t));
+ // gvcid_managed_paramenters_p->next = NULL;
+ SadbMariaDBConfig_t *sa_mariadb_config_p = NULL;
+ CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config_p = NULL;
 crypto_config_p->sa_type = SA_TYPE_MARIADB;
- status = Crypto_Init_With_Configs(crypto_config_p, &gvcid_managed_paramenters_p, sa_mariadb_config_p, cryptography_kmc_crypto_config_p);
-
+ status = Crypto_Init_With_Configs(crypto_config_p, &gvcid_managed_paramenters_p, sa_mariadb_config_p,
+ cryptography_kmc_crypto_config_p);
+
 free(crypto_config_p);
 ASSERT_EQ(CRYPTO_MARIADB_CONFIGURATION_NOT_COMPLETE, status);
 }
@@ -77,7 +80,7 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_MARIADB_NULL)
 ///**
 // * @brief Unit Test: Crypto Init with NULL KMC Crypto configuration
 // **/
-//UTEST(CRYPTO_CONFIG, CRYPTO_INIT_KMCCRYPTO_NULL)
+// UTEST(CRYPTO_CONFIG, CRYPTO_INIT_KMCCRYPTO_NULL)
 //{
 // int32_t status = CRYPTO_LIB_ERROR;
 // CryptoConfig_t* crypto_config_p = malloc(CRYPTO_CONFIG_SIZE);
@@ -91,9 +94,8 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_MARIADB_NULL) // crypto_config_p->sa_type = SA_TYPE_MARIADB; // crypto_config_p->cryptography_type = CRYPTOGRAPHY_TYPE_KMCCRYPTO; // -// status = Crypto_Init_With_Configs(crypto_config_p, gvcid_managed_paramenters_p, sa_mariadb_config_p, cryptography_kmc_crypto_config_p); -// free(crypto_config_p); -// free(gvcid_managed_paramenters_p); +// status = Crypto_Init_With_Configs(crypto_config_p, gvcid_managed_paramenters_p, sa_mariadb_config_p, +// cryptography_kmc_crypto_config_p); free(crypto_config_p); free(gvcid_managed_paramenters_p); // free(sa_mariadb_config_p); // ASSERT_EQ(CRYPTOGRAPHY_KMC_CRYPTO_SERVICE_CONFIGURATION_NOT_COMPLETE, status); //} @@ -101,14 +103,15 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_MARIADB_NULL) ///** // * @brief Unit Test: Crypto Init with Invalid Interface // **/ -//UTEST(CRYPTO_CONFIG, CRYPTO_INIT_INVALID_INTERFACE) +// UTEST(CRYPTO_CONFIG, CRYPTO_INIT_INVALID_INTERFACE) //{ // int32_t status = CRYPTO_LIB_ERROR; // -// status = Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_UNITIALIZED, -// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, -// TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, -// TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, +// status = Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, +// CRYPTOGRAPHY_TYPE_UNITIALIZED, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, +// TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, +// TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, // SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // status = Crypto_Init(); // 
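Review bot: The formatter has re-flowed comment text here, so the disabled test now carries `// cryptography_kmc_crypto_config_p); free(crypto_config_p); free(gvcid_managed_paramenters_p);` as a single line, which is harder to read and to diff against the live tests. The same re-flow splits the annotated frame layout in ut_ep_key_mgmt.c (`@@ -43,46 +50,48 @@`, where `|172f| = Encrypted Key ID` is now broken across two comment lines) and joins a commented-out declaration with a call in `@@ -278,51 +295,53 @@`. I would bracket these regions with `// clang-format off` and `// clang-format on`, or move the disabled tests under the `#ifdef TODO_NEEDSWORK` guard this file already uses rather than keeping them as comments. The commented-out test body starts above this hunk.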
@@ -121,19 +124,21 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_MARIADB_NULL) UTEST(CRYPTO_CONFIG, CRYPTO_INIT_INVALID_SADB) { remove("sa_save_file.bin"); - int32_t status = CRYPTO_LIB_ERROR; - CryptoConfig_t* crypto_config_p = malloc(CRYPTO_CONFIG_SIZE); - crypto_config_p->key_type=KEY_TYPE_INTERNAL; - crypto_config_p->mc_type=MC_TYPE_INTERNAL; - GvcidManagedParameters_t gvcid_managed_paramenters_p = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1};// = malloc(sizeof(GvcidManagedParameters_t) * sizeof(uint8_t)); - //gvcid_managed_paramenters_p->next = NULL; - SadbMariaDBConfig_t* sa_mariadb_config_p = malloc(sizeof(SadbMariaDBConfig_t) * sizeof(uint8_t)); - CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config_p = NULL; - - crypto_config_p->sa_type = 99; // Currently an invalid ENUM + int32_t status = CRYPTO_LIB_ERROR; + CryptoConfig_t *crypto_config_p = malloc(CRYPTO_CONFIG_SIZE); + crypto_config_p->key_type = KEY_TYPE_INTERNAL; + crypto_config_p->mc_type = MC_TYPE_INTERNAL; + GvcidManagedParameters_t gvcid_managed_paramenters_p = { + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}; // = malloc(sizeof(GvcidManagedParameters_t) * sizeof(uint8_t)); + // gvcid_managed_paramenters_p->next = NULL; + SadbMariaDBConfig_t *sa_mariadb_config_p = malloc(sizeof(SadbMariaDBConfig_t) * sizeof(uint8_t)); + CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config_p = NULL; + + crypto_config_p->sa_type = 99; // Currently an invalid ENUM crypto_config_p->cryptography_type = 99; // Currently an invalid ENUM - status = Crypto_Init_With_Configs(crypto_config_p, &gvcid_managed_paramenters_p, sa_mariadb_config_p, cryptography_kmc_crypto_config_p); + status = Crypto_Init_With_Configs(crypto_config_p, &gvcid_managed_paramenters_p, sa_mariadb_config_p, + cryptography_kmc_crypto_config_p); free(crypto_config_p); free(sa_mariadb_config_p); ASSERT_EQ(SADB_INVALID_SADB_TYPE, status); 
@@ -146,18 +151,18 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_INVALID_SADB) UTEST(CRYPTO_CONFIG, CRYPTO_CONFIG_MDB) { remove("sa_save_file.bin"); - int32_t status = CRYPTO_LIB_ERROR; - char* mysql_username = "ITC_JPL"; - char* mysql_password = "ITC_JPL"; - char* mysql_hostname = "ITC_JPL"; - char* mysql_database = "ITC_JPL"; - uint16_t mysql_port = 9999; - char* ssl_cert = "NONE"; - char* ssl_key = "NONE"; - char* ssl_ca = "NONE"; - char* ssl_capath = "NONE"; - uint8_t verify_server = 0; - char* client_key_password = NULL; + int32_t status = CRYPTO_LIB_ERROR; + char *mysql_username = "ITC_JPL"; + char *mysql_password = "ITC_JPL"; + char *mysql_hostname = "ITC_JPL"; + char *mysql_database = "ITC_JPL"; + uint16_t mysql_port = 9999; + char *ssl_cert = "NONE"; + char *ssl_key = "NONE"; + char *ssl_ca = "NONE"; + char *ssl_capath = "NONE"; + uint8_t verify_server = 0; + char *client_key_password = NULL; status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
@@ -169,42 +174,43 @@ UTEST(CRYPTO_CONFIG, CRYPTO_CONFIG_MDB) UTEST(CRYPTO_CONFIG, CRYPTO_CONFIG_KMC) { remove("sa_save_file.bin"); - int32_t status = CRYPTO_LIB_ERROR; - char* protocol = "https"; - char* hostname = "ITC_JPL"; - int16_t port = 9999; - - char* kmc_crypto_app_uri = "crypto-service"; - char* mtls_client_cert_path = "/dev/null"; - char* mtls_client_cert_type = "PEM"; - char* mtls_client_key_path = "/dev/null"; - char* mtls_client_key_pass = "12345"; - char* mtls_ca_bundle = "/dev/null"; - char* mtls_ca_path = "/dev/null"; - char* mtls_issuer_cert = "/dev/null"; + int32_t status = CRYPTO_LIB_ERROR; + char *protocol = "https"; + char *hostname = "ITC_JPL"; + int16_t port = 9999; + + char *kmc_crypto_app_uri = "crypto-service"; + char *mtls_client_cert_path = "/dev/null"; + char *mtls_client_cert_type = "PEM"; + char *mtls_client_key_path = "/dev/null"; + char *mtls_client_key_pass = "12345"; + char *mtls_ca_bundle = "/dev/null"; + char *mtls_ca_path = "/dev/null"; + char *mtls_issuer_cert = "/dev/null"; uint8_t ignore_ssl_hostname_validation = CRYPTO_TRUE; - status = Crypto_Config_Kmc_Crypto_Service(protocol, hostname, port, kmc_crypto_app_uri, mtls_ca_bundle, - mtls_ca_path, ignore_ssl_hostname_validation, mtls_client_cert_path, - mtls_client_cert_type, mtls_client_key_path, - mtls_client_key_pass, mtls_issuer_cert); + status = Crypto_Config_Kmc_Crypto_Service( + protocol, hostname, port, kmc_crypto_app_uri, mtls_ca_bundle, mtls_ca_path, ignore_ssl_hostname_validation, + mtls_client_cert_path, mtls_client_cert_type, mtls_client_key_path, mtls_client_key_pass, mtls_issuer_cert); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); } #ifdef TODO_NEEDSWORK UTEST(CRYPTO_CONFIG, CRYPTO_INIT_KMC_OK) { - int32_t status = CRYPTO_LIB_ERROR; - CryptoConfig_t* crypto_config_p = malloc(CRYPTO_CONFIG_SIZE); - crypto_config_p->key_type=KEY_TYPE_INTERNAL; - GvcidManagedParameters_t* gvcid_managed_paramenters_p = malloc(sizeof(GvcidManagedParameters_t) * sizeof(uint8_t)); - 
SadbMariaDBConfig_t* sa_mariadb_config_p = malloc(sizeof(SadbMariaDBConfig_t) * sizeof(uint8_t)); - CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config_p = malloc(sizeof(CryptographyKmcCryptoServiceConfig_t) * sizeof(uint8_t)); - - crypto_config_p->sa_type = SA_TYPE_MARIADB; + int32_t status = CRYPTO_LIB_ERROR; + CryptoConfig_t *crypto_config_p = malloc(CRYPTO_CONFIG_SIZE); + crypto_config_p->key_type = KEY_TYPE_INTERNAL; + GvcidManagedParameters_t *gvcid_managed_paramenters_p = malloc(sizeof(GvcidManagedParameters_t) * sizeof(uint8_t)); + SadbMariaDBConfig_t *sa_mariadb_config_p = malloc(sizeof(SadbMariaDBConfig_t) * sizeof(uint8_t)); + CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config_p = + malloc(sizeof(CryptographyKmcCryptoServiceConfig_t) * sizeof(uint8_t)); + + crypto_config_p->sa_type = SA_TYPE_MARIADB; crypto_config_p->cryptography_type = CRYPTOGRAPHY_TYPE_KMCCRYPTO; - status = Crypto_Init_With_Configs(crypto_config_p, gvcid_managed_paramenters_p, sa_mariadb_config_p, cryptography_kmc_crypto_config_p); + status = Crypto_Init_With_Configs(crypto_config_p, gvcid_managed_paramenters_p, sa_mariadb_config_p, + cryptography_kmc_crypto_config_p); free(crypto_config_p); free(gvcid_managed_paramenters_p); free(sa_mariadb_config_p); diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index d1fa5e81..79d8437b 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c 
@@ -8,28 +8,35 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // crypto_key_t* ekp = NULL; int status = 
CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - //char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_OTAR_h = "2003009e00ff000100001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + // char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_OTAR_h = + "2003009e00ff000100001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bb" + "d55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af89" + "6d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; // |2003009e00| = Primary Header // |ff| = Ext. Procs // |0000| = SPI 
@@ -43,46 +50,48 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142) // |0084| = PDU Length // |0000| = Master Key ID // |344892bbc54f5395297d4c37| = IV - // |172f| = Encrypted Key ID - // |2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd| = Encrypted Key + // |172f| = Encrypted + // Key ID + // |2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd| + // = Encrypted Key // |21cf| = Encrypted Key ID // |268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990| = Encrypted Key // |ba41| = EKID // |48af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e557| = EK // |10a47209c923b641d19a39001f9e9861| = MAC // |66f5ffd95555| = Trailer or Padding??? - - uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL; - int buffer_nist_key_len, buffer_OTAR_len = 0; + + uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL; + int buffer_nist_key_len, buffer_OTAR_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Activate SA 1 sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->est = 0; - test_association->ast = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; test_association->shsnf_len = 2; - test_association->arsn_len = 2; - test_association->arsnw = 5; - test_association->iv_len = 0; + test_association->arsn_len = 2; + test_association->arsnw = 5; + test_association->iv_len = 0; test_association->shivf_len = 0; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); // ekp = 
key_if->get_key(test_association->ekid); // memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed - hex_conversion(buffer_OTAR_h, (char**) &buffer_OTAR_b, &buffer_OTAR_len); + hex_conversion(buffer_OTAR_h, (char **)&buffer_OTAR_b, &buffer_OTAR_len); // Convert/Set input IV - //hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - //memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + // hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + // memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); @@ -91,7 +100,7 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142) printf("\n"); Crypto_Shutdown(); - //free(buffer_nist_iv_b); + // free(buffer_nist_iv_b); free(buffer_nist_key_b); free(buffer_OTAR_b); } 
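Review bot: In `uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL;` and `int buffer_nist_key_len, buffer_OTAR_len = 0;` the initializer binds only to the last declarator, so `buffer_nist_key_b` and `buffer_nist_key_len` start out indeterminate. `buffer_nist_key_b` is later passed to `free()`, which is only safe if `hex_conversion` always writes its out-parameters (its body is not visible here). Initialise each one explicitly, e.g. `uint8_t *buffer_nist_key_b = NULL, *buffer_OTAR_b = NULL;` and `int buffer_nist_key_len = 0, buffer_OTAR_len = 0;`. The ACTIVATE_141_142, DEACTIVATE_142 and INVENTORY_132_134 hunks carry the same declarations with three declarators each. UTEST(EP_KEY_MGMT, OTAR_0_140_142) begins in the previous hunk.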
@@ -99,30 +108,34 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142) UTEST(EP_KEY_MGMT, ACTIVATE_141_142) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); - + 
Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; - int status = CRYPTO_LIB_SUCCESS; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_ACTIVATE_h = "2003001e00ff000000001880d038000c197f0b00020004008d008e82ebe4fc55555555"; + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_ACTIVATE_h = "2003001e00ff000000001880d038000c197f0b00020004008d008e82ebe4fc55555555"; // |2003001e00| = Primary Header // |ff| = SPI // |00010000| = Security Header @@ -136,15 +149,15 @@ UTEST(EP_KEY_MGMT, ACTIVATE_141_142) // |008d| = Key ID (141) // |008e| = Key ID (142) // |82ebe4fc55555555| = Trailer??? - - uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_ACTIVATE_b = NULL; - int buffer_nist_iv_len, buffer_nist_key_len, buffer_ACTIVATE_len = 0; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_ACTIVATE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_ACTIVATE_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); 
@@ -152,23 +165,23 @@ UTEST(EP_KEY_MGMT, ACTIVATE_141_142) // Activate SA 9 sa_if->sa_get_from_spi(0, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; test_association->shsnf_len = 2; - test_association->arsn_len = 2; - test_association->arsnw = 5; - test_association->iv_len = 12; + test_association->arsn_len = 2; + test_association->arsnw = 5; + test_association->iv_len = 12; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed - hex_conversion(buffer_ACTIVATE_h, (char**) &buffer_ACTIVATE_b, &buffer_ACTIVATE_len); + hex_conversion(buffer_ACTIVATE_h, (char **)&buffer_ACTIVATE_b, &buffer_ACTIVATE_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Expect success on next valid IV && ARSN 
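Review bot: `ekp = key_if->get_key(test_association->ekid);` is followed directly by `memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);`, with no check that the lookup returned a key or that the converted length fits `ekp->value` (its size is not visible here). The return value of `sa_if->sa_get_from_spi(0, &test_association)`, presumably a status code, is likewise ignored before `test_association` is written through. Adding `ASSERT_TRUE(ekp != NULL);` before the copy, and asserting the SA lookup result, would turn a bad fixture into a test failure instead of a crash. The DEACTIVATE_142 and INVENTORY_132_134 hunks repeat the pattern, and the enclosing test function starts and ends outside this hunk.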
@@ -187,30 +200,34 @@ UTEST(EP_KEY_MGMT, ACTIVATE_141_142) UTEST(EP_KEY_MGMT, DEACTIVATE_142) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); - + 
Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; - int status = CRYPTO_LIB_SUCCESS; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_DEACTIVATE_h = "2003001c00ff000000001880d039000a197f0b00030002008e1f6d21c4555555555555"; + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d039000a197f0b00030002008e1f6d21c4555555555555"; // |2003001c00| = Primary Header // |ff| = SPI // |00010000| = security Header @@ -223,15 +240,15 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142) // |0002| = PDU Length // |008e| = Key ID (142) // |1f6d82ebe4fc55555555| = Trailer??? - - uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; - int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); 
@@ -240,25 +257,25 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142) // Activate SA 9 sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; - //test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->est = 0; - test_association->ast = 0; - test_association->iv_len = 12; + // test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->iv_len = 12; test_association->shsnf_len = 2; - test_association->arsn_len = 2; - test_association->arsnw = 5; + test_association->arsn_len = 2; + test_association->arsnw = 5; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(142); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); ekp->key_state = KEY_ACTIVE; // Convert frames that will be processed - hex_conversion(buffer_DEACTIVATE_h, (char**) &buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len); + hex_conversion(buffer_DEACTIVATE_h, (char **)&buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Expect success on next valid IV && ARSN 
@@ -278,51 +295,53 @@ UTEST(EP_KEY_MGMT, INVENTORY_132_134) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - //Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); - + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + // GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, + // TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + int status = 
CRYPTO_LIB_SUCCESS; - status = Crypto_Init(); + status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; - + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - char* buffer_nist_iv_h = "000000000000000000000000"; // The last valid IV that was seen by the SA - char* buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; - // |2003001c00| = Primary Header - // |ff| = SPI - // |00000000| = security Header - // |1880| = CryptoLib App ID - // |d03b| = seq, packet id - // |000a| = Packet Length - // |197f| = pusv, ack, st - // |0b| = sst - // |0007| = PDU Tag - // |0004| = PDU Length - // |0084| = Key ID (132) - // |0086| = Key ID (134) - // |1f6d82ebe4fc55555555| = Trailer??? - - uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; - int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char *buffer_nist_iv_h = "000000000000000000000000"; // The last valid IV that was seen by the SA + char *buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; + // |2003001c00| = Primary Header + // |ff| = SPI + // |00000000| = security Header + // |1880| = CryptoLib App ID + // |d03b| = seq, packet id + // |000a| = Packet Length + // |197f| = pusv, ack, st + // |0b| = sst + // |0007| = PDU Tag + // |0004| = PDU Length + // |0084| = Key ID (132) + // |0086| = Key ID (134) + // |1f6d82ebe4fc55555555| = Trailer??? 
+ + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); 
@@ -330,24 +349,24 @@ UTEST(EP_KEY_MGMT, INVENTORY_132_134) // Activate SA 9 sa_if->sa_get_from_spi(0, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->est = 0; - test_association->ast = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; test_association->shsnf_len = 2; - test_association->arsn_len = 2; - test_association->arsnw = 5; - test_association->iv_len = 12; + test_association->arsn_len = 2; + test_association->arsnw = 5; + test_association->iv_len = 12; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed - hex_conversion(buffer_INVENTORY_h, (char**) &buffer_INVENTORY_b, &buffer_INVENTORY_len); + hex_conversion(buffer_INVENTORY_h, (char **)&buffer_INVENTORY_b, &buffer_INVENTORY_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); 
@@ -356,14 +375,14 @@ UTEST(EP_KEY_MGMT, INVENTORY_132_134) // Check reply values uint16_t reply_length = 0; - uint8_t sdls_ep_reply_local[1024]; + uint8_t sdls_ep_reply_local[1024]; status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); // Expect success ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Print local copy printf("SDLS Reply LOCAL: 0x"); - for (int i =0; i < reply_length; i++) + for (int i = 0; i < reply_length; i++) { printf("%02X", sdls_ep_reply_local[i]); } 
@@ -381,34 +400,39 @@ UTEST(EP_KEY_MGMT, INVENTORY_132_134) Crypto_Shutdown(); free(buffer_nist_iv_b); free(buffer_nist_key_b); - ASSERT_EQ(0,0); + ASSERT_EQ(0, 0); } UTEST(EP_KEY_MGMT, VERIFY_132_134) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; 
Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); int status = CRYPTO_LIB_SUCCESS; - status = Crypto_Init(); + status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; - char* buffer_VERIFY_h = "2003003e00ff000000001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8"; + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char *buffer_VERIFY_h = "2003003e00ff000000001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c0" + "6302465bc6d5091a29957eebed35c00a6ed8"; // |2003003e00| = Primary Header // |ff| = SPI // |00000000| = Security header 
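Review bot: The two commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter(...)` calls in VERIFY_132_134 pass `TC_HAS_FECF`, while the `TC_0_Managed_Parameters` and `TC_1_Managed_Parameters` initializers that actually run use `TC_NO_FECF`. This change rewraps the stale calls over two comment lines each instead of dropping them, which leaves a contradictory FECF setting next to the live configuration. I would delete both commented-out calls, or replace each with a single line such as `// FECF disabled for this channel (TC_NO_FECF)`. In the same hunk, `ASSERT_EQ(0, 0);` at the end of INVENTORY_132_134 asserts nothing and can be removed. VERIFY_132_134 continues past the end of the hunk.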
@@ -420,25 +444,34 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) // |0004| = PDU Tag // |0024| = PDU Length // |0084| = Key ID (132) - // |71fc3ad5b1c36ad56bd5a5432315cdab| = Challenge - // |0086| = Key ID (134) - // |75c06302465bc6d5091a29957eebed35| = Challenge + // |71fc3ad5b1c36ad56bd5a5432315cdab| = + // Challenge + // |0086| = + // Key ID + // (134) + // |75c06302465bc6d5091a29957eebed35| + // = + // Challenge // |c00a6ed8| = Trailer - // TRUTH PDU - char* buffer_TRUTH_RESPONSE_h = "0880D03A0068197F0B008402E00084000000000000000000000001D8EAA795AFFAA0E951BB6CF0116192E16B1977D6723E92E01123CCEF548E2885008600000000000000000000000275C47F30CA26E64AF30C19EBFFE0B314849133E138AC65BC2806E520A90C96A8"; + // TRUTH PDU + char *buffer_TRUTH_RESPONSE_h = + "0880D03A0068197F0B008402E00084000000000000000000000001D8EAA795AFFAA0E951BB6CF0116192E16B1977D6723E92E01123CCEF" + "548E2885008600000000000000000000000275C47F30CA26E64AF30C19EBFFE0B314849133E138AC65BC2806E520A90C96A8"; // 0880D03A0068 = Primary Header // 197F0B00 = PUS Header // 0402E0 = PDU Tag & Length - // 0084 000000000000000000000001 D8EAA795AFFAA0E951BB6CF0116192E1 6B1977D6723E92E01123CCEF548E2885 = #1: KID, IV, CHALLENGE, MAC - // 0086 000000000000000000000002 75C47F30CA26E64AF30C19EBFFE0B314 849133E138AC65BC2806E520A90C96A8 = #2: KID, IV, CHALLENGE, MAC - uint8_t *buffer_nist_key_b, *buffer_VERIFY_b, *buffer_TRUTH_RESPONSE_b = NULL; - int buffer_nist_key_len, buffer_VERIFY_len, buffer_TRUTH_RESPONSE_len = 0; + // 0084 000000000000000000000001 D8EAA795AFFAA0E951BB6CF0116192E1 + // 6B1977D6723E92E01123CCEF548E2885 = #1: KID, IV, CHALLENGE, MAC + // 0086 000000000000000000000002 75C47F30CA26E64AF30C19EBFFE0B314 + // 849133E138AC65BC2806E520A90C96A8 = #2: KID, IV, CHALLENGE, MAC + uint8_t *buffer_nist_key_b, *buffer_VERIFY_b, *buffer_TRUTH_RESPONSE_b = NULL; + int buffer_nist_key_len, buffer_VERIFY_len, buffer_TRUTH_RESPONSE_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame = {0}; // Expose/setup 
SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -446,25 +479,25 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) // Activate SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 0; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->est = 0; - test_association->ast = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 0; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; test_association->shsnf_len = 2; - test_association->arsn_len = 2; + test_association->arsn_len = 2; test_association->arsnw_len = 1; - test_association->arsnw = 5; + test_association->arsnw = 5; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed - hex_conversion(buffer_VERIFY_h, (char**) &buffer_VERIFY_b, &buffer_VERIFY_len); + hex_conversion(buffer_VERIFY_h, (char **)&buffer_VERIFY_b, &buffer_VERIFY_len); - hex_conversion(buffer_TRUTH_RESPONSE_h, (char**) &buffer_TRUTH_RESPONSE_b, &buffer_TRUTH_RESPONSE_len); + hex_conversion(buffer_TRUTH_RESPONSE_h, (char **)&buffer_TRUTH_RESPONSE_b, &buffer_TRUTH_RESPONSE_len); // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); 
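Review bot: The reflow of the frame-layout comments in this hunk breaks the one-field-per-line table: `|71fc3ad5b1c36ad56bd5a5432315cdab| = Challenge` and the two entries after it are now spread over eight comment lines, with each label separated from its bytes. These annotations are the only description of the VERIFY test vector, so I would keep each entry on one line and, if the reformat comes from clang-format, fence the block with `// clang-format off` and `// clang-format on`. Separately, `uint8_t *buffer_nist_key_b, *buffer_VERIFY_b, *buffer_TRUTH_RESPONSE_b = NULL;` and the `int` length declaration below it initialize only the last declarator. Giving each variable its own initialized declaration would keep the `free()` calls later in the test safe if `hex_conversion` (not visible here) ever returns without assigning its out-parameter. The test body begins before the hunk and continues after it.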
@@ -474,14 +507,14 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) // Check reply values uint16_t reply_length = 0; - uint8_t sdls_ep_reply_local[1024]; + uint8_t sdls_ep_reply_local[1024]; status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); // Expect success ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Print local copy printf("SDLS Reply LOCAL: 0x"); - for (int i =0; i < reply_length; i++) + for (int i = 0; i < reply_length; i++) { printf("%02X", sdls_ep_reply_local[i]); } @@ -499,7 +532,6 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) Crypto_Shutdown(); free(buffer_nist_key_b); free(buffer_VERIFY_b); - } UTEST_MAIN(); \ No newline at end of file diff --git a/test/unit/ut_ep_mc.c b/test/unit/ut_ep_mc.c index a6baa023..83b97d52 100644 --- a/test/unit/ut_ep_mc.c +++ b/test/unit/ut_ep_mc.c 
@@ -8,22 +8,24 @@ UTEST(EP_MC, MC_REGULAR_PING) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_PING_h = "2003001a00ff000100001880d2c70008197f0b00310000b1fe312855"; + char *buffer_PING_h = "2003001a00ff000100001880d2c70008197f0b00310000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs // |0001| = SPI 
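Review bot: `Crypto_Init();` in MC_REGULAR_PING discards its return value, so a failed initialisation would presumably only show up later as an unrelated-looking failure from `Crypto_TC_ProcessSecurity`. VERIFY_132_134 in ut_ep_key_mgmt.c already does `status = Crypto_Init();` followed by `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);`; moving the `int status` declaration above the call and doing the same here would make the tests consistent. The same unchecked call is in the opening hunks of MC_STATUS, MC_DUMP, MC_ERASE, MC_SELF_TEST and MC_ALARM_FLAG_RESET, and in those of the ut_ep_sa_mgmt.c tests. The test body continues past the end of the hunk.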
@@ -38,14 +40,14 @@ UTEST(EP_MC, MC_REGULAR_PING) // |b1fe3128| = FSR // |55| = Padding - uint8_t *buffer_PING_b = NULL; - int buffer_PING_len = 0; + uint8_t *buffer_PING_b = NULL; + int buffer_PING_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -56,24 +58,24 @@ UTEST(EP_MC, MC_REGULAR_PING) test_association->sa_state = SA_UNKEYED; // Convert frames that will be processed - hex_conversion(buffer_PING_h, (char**) &buffer_PING_b, &buffer_PING_len); - + hex_conversion(buffer_PING_h, (char **)&buffer_PING_b, &buffer_PING_len); + status = Crypto_TC_ProcessSecurity(buffer_PING_b, &buffer_PING_len, &tc_nist_processed_frame); - //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("\n"); // Check reply values uint16_t reply_length = 0; - uint8_t sdls_ep_reply_local[1024]; + uint8_t sdls_ep_reply_local[1024]; status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); // Expect success ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Print local copy printf("SDLS Reply LOCAL: 0x"); - for (int i =0; i < reply_length; i++) + for (int i = 0; i < reply_length; i++) { printf("%02X", sdls_ep_reply_local[i]); } @@ -88,7 +90,7 @@ UTEST(EP_MC, MC_REGULAR_PING) } Crypto_Shutdown(); - + free(buffer_PING_b); } 
@@ -96,22 +98,24 @@ UTEST(EP_MC, MC_STATUS) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_STATUS_h = "2003001a00ff000100001880d2c70008197f0b00320000b1fe312855"; + char *buffer_STATUS_h = "2003001a00ff000100001880d2c70008197f0b00320000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs // |00010000| = Security Header 
@@ -126,14 +130,14 @@ UTEST(EP_MC, MC_STATUS) // |3128| // |55| = Padding - uint8_t *buffer_STATUS_b = NULL; - int buffer_STATUS_len = 0; + uint8_t *buffer_STATUS_b = NULL; + int buffer_STATUS_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -144,24 +148,24 @@ UTEST(EP_MC, MC_STATUS) test_association->sa_state = SA_UNKEYED; // Convert frames that will be processed - hex_conversion(buffer_STATUS_h, (char**) &buffer_STATUS_b, &buffer_STATUS_len); - + hex_conversion(buffer_STATUS_h, (char **)&buffer_STATUS_b, &buffer_STATUS_len); + status = Crypto_TC_ProcessSecurity(buffer_STATUS_b, &buffer_STATUS_len, &tc_nist_processed_frame); - //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("\n"); // Check reply values uint16_t reply_length = 0; - uint8_t sdls_ep_reply_local[1024]; + uint8_t sdls_ep_reply_local[1024]; status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); // Expect success ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Print local copy printf("SDLS Reply LOCAL: 0x"); - for (int i =0; i < reply_length; i++) + for (int i = 0; i < reply_length; i++) { printf("%02X", sdls_ep_reply_local[i]); } @@ -176,7 +180,7 @@ UTEST(EP_MC, MC_STATUS) } Crypto_Shutdown(); - + free(buffer_STATUS_b); } 
@@ -184,23 +188,25 @@ UTEST(EP_MC, MC_DUMP) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext // 0880d2c70039b300300a044e4153410a044e4153410a044e4153410a044e4153410a044e4153410a044e415341 - char* buffer_DUMP_h = "2003001a00ff000100001880d2c70008197f0b00330000b1fe312855"; + char *buffer_DUMP_h = "2003001a00ff000100001880d2c70008197f0b00330000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs // |00010000| = Security Header 
@@ -215,14 +221,14 @@ UTEST(EP_MC, MC_DUMP) // |3128| // |55| = Padding - uint8_t *buffer_DUMP_b = NULL; - int buffer_DUMP_len = 0; + uint8_t *buffer_DUMP_b = NULL; + int buffer_DUMP_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -233,24 +239,24 @@ UTEST(EP_MC, MC_DUMP) test_association->sa_state = SA_UNKEYED; // Convert frames that will be processed - hex_conversion(buffer_DUMP_h, (char**) &buffer_DUMP_b, &buffer_DUMP_len); - + hex_conversion(buffer_DUMP_h, (char **)&buffer_DUMP_b, &buffer_DUMP_len); + status = Crypto_TC_ProcessSecurity(buffer_DUMP_b, &buffer_DUMP_len, &tc_nist_processed_frame); - //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("\n"); // Check reply values uint16_t reply_length = 0; - uint8_t sdls_ep_reply_local[1024]; + uint8_t sdls_ep_reply_local[1024]; status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); // Expect success ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Print local copy printf("SDLS Reply LOCAL: 0x"); - for (int i =0; i < reply_length; i++) + for (int i = 0; i < reply_length; i++) { printf("%02X", sdls_ep_reply_local[i]); } @@ -265,7 +271,7 @@ UTEST(EP_MC, MC_DUMP) } Crypto_Shutdown(); - + free(buffer_DUMP_b); } 
@@ -273,22 +279,24 @@ UTEST(EP_MC, MC_ERASE) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_ERASE_h = "2003001a00ff000100001880d2c70008197f0b00340000b1fe312855"; + char *buffer_ERASE_h = "2003001a00ff000100001880d2c70008197f0b00340000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs // |00010000| = Security Header 
@@ -301,16 +309,16 @@ UTEST(EP_MC, MC_ERASE) // |0000| = PDU Length // |b1fe| // |3128| - // |55| = Padding + // |55| = Padding - uint8_t *buffer_ERASE_b = NULL; - int buffer_ERASE_len = 0; + uint8_t *buffer_ERASE_b = NULL; + int buffer_ERASE_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -321,24 +329,24 @@ UTEST(EP_MC, MC_ERASE) test_association->sa_state = SA_UNKEYED; // Convert frames that will be processed - hex_conversion(buffer_ERASE_h, (char**) &buffer_ERASE_b, &buffer_ERASE_len); - + hex_conversion(buffer_ERASE_h, (char **)&buffer_ERASE_b, &buffer_ERASE_len); + status = Crypto_TC_ProcessSecurity(buffer_ERASE_b, &buffer_ERASE_len, &tc_nist_processed_frame); - //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("\n"); // Check reply values uint16_t reply_length = 0; - uint8_t sdls_ep_reply_local[1024]; + uint8_t sdls_ep_reply_local[1024]; status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); // Expect success ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Print local copy printf("SDLS Reply LOCAL: 0x"); - for (int i =0; i < reply_length; i++) + for (int i = 0; i < reply_length; i++) { printf("%02X", sdls_ep_reply_local[i]); } @@ -353,7 +361,7 @@ UTEST(EP_MC, MC_ERASE) } Crypto_Shutdown(); - + free(buffer_ERASE_b); } 
@@ -361,22 +369,24 @@ UTEST(EP_MC, MC_SELF_TEST) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_SELF_h = "2003001a00ff000100001880d2c70008197f0b00350000b1fe312855"; + char *buffer_SELF_h = "2003001a00ff000100001880d2c70008197f0b00350000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs // |00010000| = Security Header 
@@ -391,14 +401,14 @@ UTEST(EP_MC, MC_SELF_TEST) // |3128| // |55| = Padding - uint8_t *buffer_SELF_b = NULL; - int buffer_SELF_len = 0; + uint8_t *buffer_SELF_b = NULL; + int buffer_SELF_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -409,24 +419,24 @@ UTEST(EP_MC, MC_SELF_TEST) test_association->sa_state = SA_UNKEYED; // Convert frames that will be processed - hex_conversion(buffer_SELF_h, (char**) &buffer_SELF_b, &buffer_SELF_len); - + hex_conversion(buffer_SELF_h, (char **)&buffer_SELF_b, &buffer_SELF_len); + status = Crypto_TC_ProcessSecurity(buffer_SELF_b, &buffer_SELF_len, &tc_nist_processed_frame); - //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("\n"); // Check reply values uint16_t reply_length = 0; - uint8_t sdls_ep_reply_local[1024]; + uint8_t sdls_ep_reply_local[1024]; status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); // Expect success ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Print local copy printf("SDLS Reply LOCAL: 0x"); - for (int i =0; i < reply_length; i++) + for (int i = 0; i < reply_length; i++) { printf("%02X", sdls_ep_reply_local[i]); } @@ -441,7 +451,7 @@ UTEST(EP_MC, MC_SELF_TEST) } Crypto_Shutdown(); - + free(buffer_SELF_b); } 
@@ -449,22 +459,24 @@ UTEST(EP_MC, MC_ALARM_FLAG_RESET) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_ALARM_h = "2003001a00ff000100001880d2c70008197f0b00370000b1fe312855"; + char *buffer_ALARM_h = "2003001a00ff000100001880d2c70008197f0b00370000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs // |00010000| = Security Header 
@@ -479,14 +491,14 @@ UTEST(EP_MC, MC_ALARM_FLAG_RESET) // |3128| // |55| = Padding - uint8_t *buffer_ALARM_b = NULL; - int buffer_ALARM_len = 0; + uint8_t *buffer_ALARM_b = NULL; + int buffer_ALARM_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -497,15 +509,15 @@ UTEST(EP_MC, MC_ALARM_FLAG_RESET) test_association->sa_state = SA_UNKEYED; // Convert frames that will be processed - hex_conversion(buffer_ALARM_h, (char**) &buffer_ALARM_b, &buffer_ALARM_len); - + hex_conversion(buffer_ALARM_h, (char **)&buffer_ALARM_b, &buffer_ALARM_len); + status = Crypto_TC_ProcessSecurity(buffer_ALARM_b, &buffer_ALARM_len, &tc_nist_processed_frame); - //ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); - + free(buffer_ALARM_b); } diff --git a/test/unit/ut_ep_sa_mgmt.c b/test/unit/ut_ep_sa_mgmt.c index 41b6bcf3..419a2a8e 100644 --- a/test/unit/ut_ep_sa_mgmt.c +++ b/test/unit/ut_ep_sa_mgmt.c 
@@ -8,22 +8,25 @@ UTEST(EP_SA_MGMT, SA_6_REKEY_133) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_REKEY_h = "2003002a00ff000100001880d0ac0018197f0b0016000c00060085000000000000000000000000da959fc8555555555555"; + char *buffer_REKEY_h = + "2003002a00ff000100001880d0ac0018197f0b0016000c00060085000000000000000000000000da959fc8555555555555"; // |2003002a00| = Primary Header // |ff| = Ext. Procs // |0001| = SPI 
@@ -39,14 +42,14 @@ UTEST(EP_SA_MGMT, SA_6_REKEY_133) // |0085| = Key ID // |000000000000000000000000da959fc8| = IV - uint8_t *buffer_REKEY_b = NULL; - int buffer_REKEY_len = 0; + uint8_t *buffer_REKEY_b = NULL; + int buffer_REKEY_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -57,14 +60,14 @@ UTEST(EP_SA_MGMT, SA_6_REKEY_133) test_association->sa_state = SA_UNKEYED; // Convert frames that will be processed - hex_conversion(buffer_REKEY_h, (char**) &buffer_REKEY_b, &buffer_REKEY_len); - + hex_conversion(buffer_REKEY_h, (char **)&buffer_REKEY_b, &buffer_REKEY_len); + status = Crypto_TC_ProcessSecurity(buffer_REKEY_b, &buffer_REKEY_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); - + free(buffer_REKEY_b); } 
@@ -72,22 +75,24 @@ UTEST(EP_SA_MGMT, SA_START_6) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_START_h = "2003002000ff000100001880d0ad000e197f0b001b0004000600003040f6f7a61a5555"; + char *buffer_START_h = "2003002000ff000100001880d0ad000e197f0b001b0004000600003040f6f7a61a5555"; // |2003002000| = Primary Header // |ff| = Ext. Procs // |0001| = SPI 
@@ -101,28 +106,28 @@ UTEST(EP_SA_MGMT, SA_START_6) // |0004| = PDU Length // |0006| = SA being started - uint8_t *buffer_START_b = NULL; - int buffer_START_len = 0; + uint8_t *buffer_START_b = NULL; + int buffer_START_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->shivf_len = 0; - + // Convert frames that will be processed - hex_conversion(buffer_START_h, (char**) &buffer_START_b, &buffer_START_len); - + hex_conversion(buffer_START_h, (char **)&buffer_START_b, &buffer_START_len); + status = Crypto_TC_ProcessSecurity(buffer_START_b, &buffer_START_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); - + free(buffer_START_b); } 
@@ -130,22 +135,24 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_READ_h = "2003001c00ff000100001880d0b0000a197f0b001000020006555555555555"; + char *buffer_READ_h = "2003001c00ff000100001880d0b0000a197f0b001000020006555555555555"; // |2003001c00| = Primary Header // |ff| = Ext. Procs // |0001| = SPI 
@@ -159,14 +166,14 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) // |0002| = PDU Length // |0006| = SA being read - uint8_t *buffer_READ_b = NULL; - int buffer_READ_len = 0; + uint8_t *buffer_READ_b = NULL; + int buffer_READ_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -174,32 +181,32 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) // Modify SA 1 sa_if->sa_get_from_spi(6, &test_association); - test_association->sa_state = SA_OPERATIONAL; + test_association->sa_state = SA_OPERATIONAL; test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->ecs = 0; - test_association->arsn_len = 4; - test_association->arsn[0] = 0xDE; - test_association->arsn[1] = 0xAD; - test_association->arsn[2] = 0xBE; - test_association->arsn[3] = 0xEF; - + test_association->iv_len = 0; + test_association->ecs = 0; + test_association->arsn_len = 4; + test_association->arsn[0] = 0xDE; + test_association->arsn[1] = 0xAD; + test_association->arsn[2] = 0xBE; + test_association->arsn[3] = 0xEF; + // Convert frames that will be processed - hex_conversion(buffer_READ_h, (char**) &buffer_READ_b, &buffer_READ_len); - + hex_conversion(buffer_READ_h, (char **)&buffer_READ_b, &buffer_READ_len); + status = Crypto_TC_ProcessSecurity(buffer_READ_b, &buffer_READ_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Check reply values uint16_t reply_length = 0; - uint8_t sdls_ep_reply_local[1024]; + uint8_t sdls_ep_reply_local[1024]; status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); // Expect success ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Print local copy printf("SDLS Reply LOCAL: 0x"); - for (int i =0; i < reply_length; i++) + for (int i = 0; i < reply_length; i++) { printf("%02X", sdls_ep_reply_local[i]); } 
@@ -215,7 +222,7 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) printf("\n"); Crypto_Shutdown(); - + free(buffer_READ_b); } @@ -223,22 +230,24 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_SET_h = "2003001a00ff000100001880d0b1000a197f0b0015000400060955"; + char *buffer_SET_h = "2003001a00ff000100001880d0b1000a197f0b0015000400060955"; // |2003002800| = Primary Header // |ff| = Ext. Procs // |0001| = SPI 
@@ -253,14 +262,14 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) // |0006| = SA being modified // |09| = ARSNW - uint8_t *buffer_SET_b = NULL; - int buffer_SET_len = 0; + uint8_t *buffer_SET_b = NULL; + int buffer_SET_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -270,10 +279,10 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) // Modify SA 1 sa_if->sa_get_from_spi(6, &test_association); test_association->sa_state = SA_OPERATIONAL; - + // Convert frames that will be processed - hex_conversion(buffer_SET_h, (char**) &buffer_SET_b, &buffer_SET_len); - + hex_conversion(buffer_SET_h, (char **)&buffer_SET_b, &buffer_SET_len); + status = Crypto_TC_ProcessSecurity(buffer_SET_b, &buffer_SET_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -281,7 +290,7 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) printf("\n"); Crypto_Shutdown(); - + free(buffer_SET_b); } 
@@ -289,22 +298,24 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSN) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_SET_h = "2003002800ff000100001880d0b10016197f0b001a000a000600000000000000000000006413b5983e55"; + char *buffer_SET_h = "2003002800ff000100001880d0b10016197f0b001a000a000600000000000000000000006413b5983e55"; // |2003002800| = Primary Header // |ff| = Ext. Procs // |0001| = SPI 
@@ -319,14 +330,14 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSN) // |0006| = SA being modified // |00000000000000000000006413b5983e| = ARSN - uint8_t *buffer_SET_b = NULL; - int buffer_SET_len = 0; + uint8_t *buffer_SET_b = NULL; + int buffer_SET_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -336,10 +347,10 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSN) sa_if->sa_get_from_spi(6, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->arsn_len = 16; - + // Convert frames that will be processed - hex_conversion(buffer_SET_h, (char**) &buffer_SET_b, &buffer_SET_len); - + hex_conversion(buffer_SET_h, (char **)&buffer_SET_b, &buffer_SET_len); + status = Crypto_TC_ProcessSecurity(buffer_SET_b, &buffer_SET_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -347,7 +358,7 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSN) printf("\n"); Crypto_Shutdown(); - + free(buffer_SET_b); } 
@@ -355,22 +366,24 @@ UTEST(EP_SA_MGMT, SA_6_STATUS) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_STATUS_h = "2003001800ff000100001880d0b00008197f0b001f00020006"; + char *buffer_STATUS_h = "2003001800ff000100001880d0b00008197f0b001f00020006"; // |2003002000| = Primary Header // |ff| = Ext. Procs // |0001| = SPI 
@@ -384,14 +397,14 @@ UTEST(EP_SA_MGMT, SA_6_STATUS) // |0002| = PDU Length // |0006| = SA being started - uint8_t *buffer_STATUS_b = NULL; - int buffer_STATUS_len = 0; + uint8_t *buffer_STATUS_b = NULL; + int buffer_STATUS_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -400,23 +413,23 @@ UTEST(EP_SA_MGMT, SA_6_STATUS) // Modify SA 1 sa_if->sa_get_from_spi(6, &test_association); test_association->sa_state = SA_OPERATIONAL; - + // Convert frames that will be processed - hex_conversion(buffer_STATUS_h, (char**) &buffer_STATUS_b, &buffer_STATUS_len); - + hex_conversion(buffer_STATUS_h, (char **)&buffer_STATUS_b, &buffer_STATUS_len); + status = Crypto_TC_ProcessSecurity(buffer_STATUS_b, &buffer_STATUS_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Check reply values uint16_t reply_length = 0; - uint8_t sdls_ep_reply_local[1024]; + uint8_t sdls_ep_reply_local[1024]; status = Crypto_Get_Sdls_Ep_Reply(&sdls_ep_reply_local[0], &reply_length); // Expect success ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Print local copy printf("SDLS Reply LOCAL: 0x"); - for (int i =0; i < reply_length; i++) + for (int i = 0; i < reply_length; i++) { printf("%02X", sdls_ep_reply_local[i]); } @@ -432,7 +445,7 @@ UTEST(EP_SA_MGMT, SA_6_STATUS) printf("\n"); Crypto_Shutdown(); - + free(buffer_STATUS_b); } 
@@ -440,22 +453,24 @@ UTEST(EP_SA_MGMT, SA_STOP_6) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_STOP_h = "2003001c00ff000100001880d0b6000a197f0b001e00020006938f21c4555555555555"; + char *buffer_STOP_h = "2003001c00ff000100001880d0b6000a197f0b001e00020006938f21c4555555555555"; // |2003001c00| = Primary Header // |ff| = Ext. Procs // |0001| = SPI 
@@ -469,14 +484,14 @@ UTEST(EP_SA_MGMT, SA_STOP_6) // |0002| = PDU Length // |0006| = SA being stopped - uint8_t *buffer_STOP_b = NULL; - int buffer_STOP_len = 0; + uint8_t *buffer_STOP_b = NULL; + int buffer_STOP_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); @@ -485,16 +500,16 @@ UTEST(EP_SA_MGMT, SA_STOP_6) // Modify SA 1 sa_if->sa_get_from_spi(6, &test_association); test_association->sa_state = SA_OPERATIONAL; - + // Convert frames that will be processed - hex_conversion(buffer_STOP_h, (char**) &buffer_STOP_b, &buffer_STOP_len); - + hex_conversion(buffer_STOP_h, (char **)&buffer_STOP_b, &buffer_STOP_len); + status = Crypto_TC_ProcessSecurity(buffer_STOP_b, &buffer_STOP_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); - + free(buffer_STOP_b); } 
@@ -502,22 +517,24 @@ UTEST(EP_SA_MGMT, SA_EXPIRE_6) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_0_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - + Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char* buffer_EXPIRE_h = "2003001c00ff000100001880d0b7000a197f0b001900020006f72e21c4555555555555"; + char *buffer_EXPIRE_h = "2003001c00ff000100001880d0b7000a197f0b001900020006f72e21c4555555555555"; // |2003001c00| = Primary Header // |ff| = Ext. Procs // |0001| = SPI 
@@ -531,28 +548,28 @@ UTEST(EP_SA_MGMT, SA_EXPIRE_6) // |0002| = PDU Length // |0006| = SA being stopped - uint8_t *buffer_EXPIRE_b = NULL; - int buffer_EXPIRE_len = 0; + uint8_t *buffer_EXPIRE_b = NULL; + int buffer_EXPIRE_len = 0; // Setup Processed Frame For Decryption TC_t tc_nist_processed_frame; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Modify SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->shivf_len = 0; - + // Convert frames that will be processed - hex_conversion(buffer_EXPIRE_h, (char**) &buffer_EXPIRE_b, &buffer_EXPIRE_len); - + hex_conversion(buffer_EXPIRE_h, (char **)&buffer_EXPIRE_b, &buffer_EXPIRE_len); + status = Crypto_TC_ProcessSecurity(buffer_EXPIRE_b, &buffer_EXPIRE_len, &tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("\n"); Crypto_Shutdown(); - + free(buffer_EXPIRE_b); } diff --git a/test/unit/ut_mysql_m_tls_connection.c b/test/unit/ut_mysql_m_tls_connection.c index 68b9b3c2..8331ec42 100644 --- a/test/unit/ut_mysql_m_tls_connection.c +++ b/test/unit/ut_mysql_m_tls_connection.c 
@@ -1,51 +1,52 @@ -/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. All Foreign Rights are Reserved to the U.S. Government. - This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, including, but not - limited to, any warranty that the software will conform to specifications, any implied warranties of merchantability, fitness - for a particular purpose, and freedom from infringement, and any warranty that the documentation will conform to the program, or - any warranty that the software will be error free. - In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or consequential damages, - arising out of, resulting from, or in any way connected with the software or its documentation, whether or not based upon warranty, - contract, tort or otherwise, and whether or not loss was sustained from, or arose out of the results of, or use of, the software, - documentation or services provided hereunder. - ITC Team - NASA IV&V +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. All Foreign Rights are Reserved to the U.S. + Government. This software is provided "as is" without any warranty of any kind, either expressed, implied, or + statutory, including, but not limited to, any warranty that the software will conform to specifications, any implied + warranties of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that + the documentation will conform to the program, or any warranty that the software will be error free. 
In no event shall + NASA be liable for any damages, including, but not limited to direct, indirect, special or consequential damages, + arising out of, resulting from, or in any way connected with the software or its documentation, whether or not based + upon warranty, contract, tort or otherwise, and whether or not loss was sustained from, or arose out of the results + of, or use of, the software, documentation or services provided hereunder. ITC Team NASA IV&V jstar-development-team@mail.nasa.gov */ /** - * @brief Unit Test: Test - * - * Test mTLS (mutual trust) connection + * @brief Unit Test: Test + * + * Test mTLS (mutual trust) connection *1) Required development packages: sudo yum install mariadb-connector-c-devel.x86_64 - * + * 2)IMPORTANT:The .pem files & MySQL MUST be configured and on the host before running this test * using this test refer to the guide:https://dev.mysql.com/doc/refman/8.0/en/encrypted-connections.html - * + * The program requires these files to establish a TLS connection: i) ssl_cert=/etc/pki/tls/certs/local-test-cert.pem ii) ssl_key=/etc/pki/tls/private/local-test-key.pem iii) ssl_ca=/etc/pki/tls/certs/ammos-ca-bundle.crt - 3)IMPORTANT:Build with "cmake -DSA_MARIADB=ON ." - * + 3)IMPORTANT:Build with "cmake -DSA_MARIADB=ON ." + * IMPORTANT:The database must have similar configuration for this test to succeed: MariaDB server to use the standard host-based . -In our case host was asec-cmdenc-dev2.jpl.nasa.gov -This was done by editing the server configuration file -- /etc/my.cnf.d/mariadb.server -- and adding the following options: +In our case host was asec-cmdenc-dev2.jpl.nasa.gov +This was done by editing the server configuration file -- /etc/my.cnf.d/mariadb.server -- and adding the following +options: * For example: ssl_cert=/etc/pki/tls/certs/local-test-cert.pem ssl_key=/etc/pki/tls/private/local-test-key.pem ssl_ca=/etc/pki/tls/certs/ammos-ca-bundle.crt -This user is setup to allow normal password access. 
-This user is allowed to access MariaDB on both the localhost and asec-cmdenc-dev2.jpl.nasa.gov hostnames, -and *can* use TLS to connect, but is NOT REQUIRED to. TLS access requires the use of the full hostname, since the server certificate will not validate for 'localhost'. +This user is setup to allow normal password access. +This user is allowed to access MariaDB on both the localhost and asec-cmdenc-dev2.jpl.nasa.gov hostnames, +and *can* use TLS to connect, but is NOT REQUIRED to. TLS access requires the use of the full hostname, since the +server certificate will not validate for 'localhost'. To connect using 2-way TLS, with any certificate: To connect as testuser2 with 2-way TLS, using the local-test-cert.pem certificate: -mysql -u testuser2 -h asec-cmdenc-dev2.jpl.nasa.gov --ssl-ca=/etc/pki/tls/certs/ammos-ca-bundle.crt --ssl-verify-server-cert --ssl-cert=/etc/pki/tls/certs/local-test-cert.pem --ssl-key=/etc/pki/tls/private/local-test-key.pem -Password: mTLS does not require a password. +mysql -u testuser2 -h asec-cmdenc-dev2.jpl.nasa.gov --ssl-ca=/etc/pki/tls/certs/ammos-ca-bundle.crt +--ssl-verify-server-cert --ssl-cert=/etc/pki/tls/certs/local-test-cert.pem +--ssl-key=/etc/pki/tls/private/local-test-key.pem Password: mTLS does not require a password. **/ #include 
@@ -60,54 +61,55 @@ Password: mTLS does not require a password. #include "crypto_config_structs.h" #include - int32_t Crypto_Init_TC_Unit_Test_For_DB(void); -/*Attempting to test a connection similar to command line authentication: +/*Attempting to test a connection similar to command line authentication: To connect as testuser2 with 2-way TLS, using the local-test-cert.pem certificate: -mysql -u testuser2 -h asec-cmdenc-dev2.jpl.nasa.gov --ssl-ca=/etc/pki/tls/certs/ammos-ca-bundle.crt --ssl-verify-server-cert --ssl-cert=/etc/pki/tls/certs/local-test-cert.pem --ssl-key=/etc/pki/tls/private/local-test-key.pem -Password: 2 way TLS or mTLS does not require a password. -However using the MySQL's C API*/ -UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { +mysql -u testuser2 -h asec-cmdenc-dev2.jpl.nasa.gov --ssl-ca=/etc/pki/tls/certs/ammos-ca-bundle.crt +--ssl-verify-server-cert --ssl-cert=/etc/pki/tls/certs/local-test-cert.pem +--ssl-key=/etc/pki/tls/private/local-test-key.pem Password: 2 way TLS or mTLS does not require a password. However using +the MySQL's C API*/ +UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) +{ printf("START mariadb connection, TLS test() \n"); int status = 0; - /*connection input parameters. + /*connection input parameters. Note: username, pass, and paths may differ on your system*/ - char* mysql_username = "testuser1"; - char* password = "l0ngp@ssWord"; //replace with actual password or test will fail. 
- char* mysql_hostname = "asec-cmdenc-dev2.jpl.nasa.gov"; - char* mysql_database = NULL; - uint16_t mysql_port = 3306; - char* ssl_cert = "/etc/pki/tls/certs/local-test-cert.pem"; - char* ssl_key = "/etc/pki/tls/private/local-test-key.pem"; - char* ssl_ca = "/etc/pki/tls/certs/ammos-ca-bundle.crt"; - char* ssl_capath = "/etc/pki/tls/certs/"; - uint8_t verify_server = 0; - char* client_key_password = NULL; - //uint8_t ssl_verify_server_cert = 1; + char *mysql_username = "testuser1"; + char *password = "l0ngp@ssWord"; // replace with actual password or test will fail. + char *mysql_hostname = "asec-cmdenc-dev2.jpl.nasa.gov"; + char *mysql_database = NULL; + uint16_t mysql_port = 3306; + char *ssl_cert = "/etc/pki/tls/certs/local-test-cert.pem"; + char *ssl_key = "/etc/pki/tls/private/local-test-key.pem"; + char *ssl_ca = "/etc/pki/tls/certs/ammos-ca-bundle.crt"; + char *ssl_capath = "/etc/pki/tls/certs/"; + uint8_t verify_server = 0; + char *client_key_password = NULL; + // uint8_t ssl_verify_server_cert = 1; /*set configuration params*/ status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_TRUE, verify_server, ssl_ca, ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, password); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); /*Prepare SADB type from config*/ - status = Crypto_Init_TC_Unit_Test_For_DB(); + status = Crypto_Init_TC_Unit_Test_For_DB(); SaInterface sa_if = get_sa_interface_mariadb(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("END mariadb connection, TLS test() status:%d \n", status); printf("START mariadb connection, mTLS test() \n"); status = 0; - //close the connection to avoid a duplicate connection error when running the test multiple times. - sa_if->sa_close(); - /*connection input parameters. + // close the connection to avoid a duplicate connection error when running the test multiple times. + sa_if->sa_close(); + /*connection input parameters. 
Note: username, pass, and paths may differ on your system*/ mysql_username = "testuser2"; - password = NULL; //mTLS does not require a password. + password = NULL; // mTLS does not require a password. mysql_hostname = "asec-cmdenc-dev2.jpl.nasa.gov"; mysql_database = NULL; - mysql_port = 3306; - ssl_cert = "/etc/pki/tls/certs/local-test-cert.pem"; - ssl_key = "/etc/pki/tls/private/local-test-key.pem"; - ssl_ca = "/etc/pki/tls/certs/ammos-ca-bundle.crt"; - ssl_capath = "/etc/pki/tls/certs/"; + mysql_port = 3306; + ssl_cert = "/etc/pki/tls/certs/local-test-cert.pem"; + ssl_key = "/etc/pki/tls/private/local-test-key.pem"; + ssl_ca = "/etc/pki/tls/certs/ammos-ca-bundle.crt"; + ssl_capath = "/etc/pki/tls/certs/"; /*set configuration params*/ status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_TRUE, verify_server, ssl_ca, ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, password); 
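Review bot: `uint8_t verify_server = 0;` is passed to `Crypto_Config_MariaDB` for both the TLS and the mTLS connection in this test, while the header comment describes the equivalent command line with `--ssl-verify-server-cert`. If that argument controls server-certificate validation, as its name suggests, the test would succeed against a server presenting any certificate and would not depend on the configured `ssl_ca` bundle. Setting `uint8_t verify_server = 1;` would make the test cover the authenticated path, and the commented-out `ssl_verify_server_cert = 1` hints that this was intended. The `password` literal, with its comment "replace with actual password or test will fail", also invites committing a real credential; reading it from the environment and skipping the test when it is unset avoids that. The TLS_TEST hunk in ut_mysql_tls_connection.c shows the same two points and continues beyond the lines shown here.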
@@ -116,30 +118,32 @@ UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { status = Crypto_Init_TC_Unit_Test_For_DB(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("END mariadb connection, mTLS test() status:%d \n", status); - //close the connection to avoid a duplicate connection error when running the test multiple times. - sa_if->sa_close(); - + // close the connection to avoid a duplicate connection error when running the test multiple times. + sa_if->sa_close(); } /*Helper Functions:*/ /* - * Note: SA_TYPE_INMEMORY was change to SA_TYPE_MARIADB for this test only. + * Note: SA_TYPE_INMEMORY was change to SA_TYPE_MARIADB for this test only. */ -int32_t Crypto_Init_TC_Unit_Test_For_DB(void) { +int32_t Crypto_Init_TC_Unit_Test_For_DB(void) +{ int32_t status = CRYPTO_LIB_SUCCESS; - - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t 
TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + status = Crypto_Init(); return status; } diff --git a/test/unit/ut_mysql_tls_connection.c b/test/unit/ut_mysql_tls_connection.c index 4089d5dd..50515c0e 100644 --- a/test/unit/ut_mysql_tls_connection.c +++ b/test/unit/ut_mysql_tls_connection.c 
@@ -1,51 +1,50 @@ -/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. All Foreign Rights are Reserved to the U.S. Government. - This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, including, but not - limited to, any warranty that the software will conform to specifications, any implied warranties of merchantability, fitness - for a particular purpose, and freedom from infringement, and any warranty that the documentation will conform to the program, or - any warranty that the software will be error free. - In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or consequential damages, - arising out of, resulting from, or in any way connected with the software or its documentation, whether or not based upon warranty, - contract, tort or otherwise, and whether or not loss was sustained from, or arose out of the results of, or use of, the software, - documentation or services provided hereunder. - ITC Team - NASA IV&V +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. All Foreign Rights are Reserved to the U.S. + Government. This software is provided "as is" without any warranty of any kind, either expressed, implied, or + statutory, including, but not limited to, any warranty that the software will conform to specifications, any implied + warranties of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that + the documentation will conform to the program, or any warranty that the software will be error free. 
In no event shall + NASA be liable for any damages, including, but not limited to direct, indirect, special or consequential damages, + arising out of, resulting from, or in any way connected with the software or its documentation, whether or not based + upon warranty, contract, tort or otherwise, and whether or not loss was sustained from, or arose out of the results + of, or use of, the software, documentation or services provided hereunder. ITC Team NASA IV&V jstar-development-team@mail.nasa.gov */ /** - * @brief Unit Test: Test - * - * Test TLS connection + * @brief Unit Test: Test + * + * Test TLS connection *1) Required development packages: sudo yum install mariadb-connector-c-devel.x86_64 - * + * 2)IMPORTANT:The .pem files & MySQL MUST be configured and on the host before running this test * using this test refer to the guide:https://dev.mysql.com/doc/refman/8.0/en/encrypted-connections.html - * + * The program requires these files to establish a TLS connection: i) ssl_cert=/etc/pki/tls/certs/ammos-server-cert.pem ii) ssl_key=/etc/pki/tls/private/ammos-server-key.pem iii) ssl_ca=/etc/pki/tls/certs/ammos-ca-bundle.crt - 3)IMPORTANT:Build with "cmake -DSA_MARIADB=ON ." - * + 3)IMPORTANT:Build with "cmake -DSA_MARIADB=ON ." + * IMPORTANT:The database must have similar configuration for this test to succeed: MariaDB server to use the standard host-based . -In our case host was asec-cmdenc-dev2.jpl.nasa.gov -This was done by editing the server configuration file -- /etc/my.cnf.d/mariadb.server -- and adding the following options: +In our case host was asec-cmdenc-dev2.jpl.nasa.gov +This was done by editing the server configuration file -- /etc/my.cnf.d/mariadb.server -- and adding the following +options: * For example: ssl_cert=/etc/pki/tls/certs/ammos-server-cert.pem ssl_key=/etc/pki/tls/private/ammos-server-key.pem ssl_ca=/etc/pki/tls/certs/ammos-ca-bundle.crt -This user is setup to allow normal password access. 
-This user is allowed to access MariaDB on both the localhost and asec-cmdenc-dev2.jpl.nasa.gov hostnames, -and *can* use TLS to connect, but is NOT REQUIRED to. TLS access requires the use of the full hostname, since the server certificate will not validate for 'localhost'. +This user is setup to allow normal password access. +This user is allowed to access MariaDB on both the localhost and asec-cmdenc-dev2.jpl.nasa.gov hostnames, +and *can* use TLS to connect, but is NOT REQUIRED to. TLS access requires the use of the full hostname, since the +server certificate will not validate for 'localhost'. To connect using TLS (encrypted connection) from the command line client: -mysql -u testuser1 -p -h asec-cmdenc-dev2.jpl.nasa.gov --ssl-ca=/etc/pki/tls/certs/ammos-ca-bundle.crt --ssl-verify-server-cert -Login: testuser1 -Password: +mysql -u testuser1 -p -h asec-cmdenc-dev2.jpl.nasa.gov --ssl-ca=/etc/pki/tls/certs/ammos-ca-bundle.crt +--ssl-verify-server-cert Login: testuser1 Password: **/ #include 
@@ -63,37 +62,36 @@ Password: #include #ifdef KMC_MDB_RH - #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" +#define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" #else - /* KMC_MDB_DB */ - #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" +/* KMC_MDB_DB */ +#define CLIENT_CERTIFICATE "/certs/debian-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" #endif - - int32_t Crypto_Init_TC_Unit_Test_For_DB(void); -/*Attempting to test a connection similar to command line authentication: -mysql -u testuser1 -p -h asec-cmdenc-dev2.jpl.nasa.gov --ssl-ca=/etc/pki/tls/certs/ammos-ca-bundle.crt --ssl-verify-server-cert -However using the MySQL's C API*/ -// - replace with actual password or test will fail. -UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { +/*Attempting to test a connection similar to command line authentication: +mysql -u testuser1 -p -h asec-cmdenc-dev2.jpl.nasa.gov --ssl-ca=/etc/pki/tls/certs/ammos-ca-bundle.crt +--ssl-verify-server-cert However using the MySQL's C API*/ +// - replace with actual password or test will fail. +UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) +{ printf("START mariadb connection, TLS test() \n"); int status = 0; - /*connection input parameters. + /*connection input parameters. Note: username, pass, and paths may differ on your system*/ - char* mysql_username = "testuser1"; - char* password = "l0ngp@ssWord"; //replace with actual password or test will fail. 
- char* mysql_hostname = "asec-cmdenc-dev2.jpl.nasa.gov"; - char* mysql_database = NULL; - uint16_t mysql_port = 3306; - char* ssl_cert = "/etc/pki/tls/certs/ammos-server-cert.pem"; - char* ssl_key = "/etc/pki/tls/private/ammos-server-key.pem"; - char* ssl_ca = "/etc/pki/tls/certs/ammos-ca-bundle.crt"; - char* ssl_capath = "/etc/pki/tls/certs/"; - uint8_t verify_server = 0; - char* client_key_password = NULL; + char *mysql_username = "testuser1"; + char *password = "l0ngp@ssWord"; // replace with actual password or test will fail. + char *mysql_hostname = "asec-cmdenc-dev2.jpl.nasa.gov"; + char *mysql_database = NULL; + uint16_t mysql_port = 3306; + char *ssl_cert = "/etc/pki/tls/certs/ammos-server-cert.pem"; + char *ssl_key = "/etc/pki/tls/private/ammos-server-key.pem"; + char *ssl_ca = "/etc/pki/tls/certs/ammos-ca-bundle.crt"; + char *ssl_capath = "/etc/pki/tls/certs/"; + uint8_t verify_server = 0; + char *client_key_password = NULL; /*set configuration params*/ status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_TRUE, verify_server, ssl_ca, 
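Review bot: `uint8_t verify_server = 0;` in TLS_TEST is passed to `Crypto_Config_MariaDB`, yet the comment above the test says it mirrors the `--ssl-verify-server-cert` command line. The test therefore presumably succeeds without the server certificate being validated; `uint8_t verify_server = 1;` would make it exercise the hostname and CA check that the header comment describes. The `password` literal is documented as something to replace by hand, which invites committing a real credential. Reading it at run time, e.g. `char *password = getenv("MARIADB_TEST_PASSWORD");` (the variable name is only a suggestion) and skipping the test when it is unset, avoids that. The test body continues past the end of this hunk, so how the flag is consumed is not visible here.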
@@ -108,22 +106,25 @@ UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { /*Helper Functions:*/ /* - * Note: SA_TYPE_INMEMORY was change to SA_TYPE_MARIADB for this test only. + * Note: SA_TYPE_INMEMORY was change to SA_TYPE_MARIADB for this test only. */ -int32_t Crypto_Init_TC_Unit_Test_For_DB(void) { +int32_t Crypto_Init_TC_Unit_Test_For_DB(void) +{ int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + status = Crypto_Init(); return status; } 
diff --git a/test/unit/ut_sa_save.c b/test/unit/ut_sa_save.c index 18b4ad07..2a6cdf59 100644 --- a/test/unit/ut_sa_save.c +++ b/test/unit/ut_sa_save.c @@ -18,11 +18,11 @@ /** * NOTE: ALL OF THESE TESTS ARE MEANT TO BE RUN SEQUENTIALLY!! - * + * * ERRONEOUS BEHAVIOR OTHERWISE - * + * * NOTE: AS Security associations change, this tese will need to be updated for validation -*/ + */ /** * Unit Tests that macke use of CRYPTO_CONFIG functionality on the data. @@ -38,8 +38,8 @@ UTEST(SA_SAVE, VERIFY_INTERNAL) remove("sa_save_file.bin"); Crypto_Init_TC_Unit_Test(); - SaInterface sa_if = get_sa_interface_inmemory(); - SecurityAssociation_t* test_association; + SaInterface sa_if = get_sa_interface_inmemory(); + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(4, &test_association); @@ -47,7 +47,7 @@ UTEST(SA_SAVE, VERIFY_INTERNAL) ASSERT_EQ(test_association->ekid, 4); ASSERT_EQ(test_association->akid, 4); int str_cmp_output = 0; - str_cmp_output = strcmp(test_association->ek_ref, ""); + str_cmp_output = strcmp(test_association->ek_ref, ""); ASSERT_EQ(0, str_cmp_output); str_cmp_output = strcmp(test_association->ak_ref, ""); ASSERT_EQ(0, str_cmp_output); @@ -64,7 +64,7 @@ UTEST(SA_SAVE, VERIFY_INTERNAL) ASSERT_EQ(test_association->stmacf_len, 16); ASSERT_EQ(test_association->ecs, 0x01); ASSERT_EQ(test_association->ecs_len, 1); - for(int i = 0; iiv_len; i++) + for (int i = 0; i < test_association->iv_len; i++) { ASSERT_EQ(test_association->iv[i], 0x00); } 
@@ -72,17 +72,17 @@ UTEST(SA_SAVE, VERIFY_INTERNAL) ASSERT_EQ(test_association->acs_len, 0); ASSERT_EQ(test_association->acs, 0x00); ASSERT_EQ(test_association->abm_len, 1786); - for(int i = 0; iabm_len; i++) + for (int i = 0; i < test_association->abm_len; i++) { ASSERT_EQ(test_association->abm[i], 0x00); } - //sa[location].abm[0] = sa_ptr->abm; + // sa[location].abm[0] = sa_ptr->abm; ASSERT_EQ(test_association->arsn_len, 11); - for(int i = 0; iarsn_len; i++) + for (int i = 0; i < test_association->arsn_len; i++) { ASSERT_EQ(test_association->arsn[i], 0); } - //sa[location].arsn[0] = sa_ptr->arsn; + // sa[location].arsn[0] = sa_ptr->arsn; ASSERT_EQ(test_association->arsnw_len, 1); ASSERT_EQ(test_association->arsnw, 5); } 
@@ -92,64 +92,64 @@ UTEST(SA_SAVE, INTERNAL_DEFAULT_PASS_1) remove("sa_save_file.bin"); // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; - char* new_iv_h = "FFFFFFFFFFFC"; - char* new_iv_b = NULL; + char *new_iv_h = "FFFFFFFFFFFC"; + char *new_iv_b = NULL; - char* expected_iv_h = "000000000001000000000001"; - char* expected_iv_b = NULL; + char *expected_iv_h = "000000000001000000000001"; + char *expected_iv_b = NULL; int raw_tc_sdls_ping_len = 0; - int new_iv_len = 0; - int expected_iv_len = 0; + int new_iv_len = 0; + int expected_iv_len = 0; SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); hex_conversion(expected_iv_h, &expected_iv_b, &expected_iv_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; int32_t return_val = CRYPTO_LIB_ERROR; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); test_association->gvcid_blk.vcid = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->shivf_len = 6; - test_association->iv_len = 12; - test_association->arsn_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->shivf_len = 6; + test_association->iv_len = 12; + test_association->arsn_len = 0; strcpy(test_association->ek_ref, "TEST_EK_REF"); strcpy(test_association->ak_ref, "TEST_AK_REF"); memcpy(test_association->iv + (test_association->iv_len - test_association->shivf_len), new_iv_b, new_iv_len); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; 
return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); for (int i = 0; i < test_association->iv_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); + printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); } @@ -165,8 +165,8 @@ UTEST(SA_SAVE, VERIFY_DEFAULT_PASS_1_SAVE) { Crypto_Init_TC_Unit_Test(); - SaInterface sa_if = get_sa_interface_inmemory(); - SecurityAssociation_t* test_association; + SaInterface sa_if = get_sa_interface_inmemory(); + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(4, &test_association); @@ -174,7 +174,7 @@ UTEST(SA_SAVE, VERIFY_DEFAULT_PASS_1_SAVE) ASSERT_EQ(test_association->ekid, 4); ASSERT_EQ(test_association->akid, 4); int str_cmp_output = 0; - str_cmp_output = strcmp(test_association->ek_ref, "TEST_EK_REF"); + str_cmp_output = strcmp(test_association->ek_ref, "TEST_EK_REF"); ASSERT_EQ(0, str_cmp_output); str_cmp_output = strcmp(test_association->ek_ref, "TEST_EK_REF_BAD"); ASSERT_NE(0, str_cmp_output); @@ -182,7 +182,7 @@ UTEST(SA_SAVE, VERIFY_DEFAULT_PASS_1_SAVE) ASSERT_EQ(0, str_cmp_output); str_cmp_output = strcmp(test_association->ak_ref, "TEST_AK_REF_BAD"); ASSERT_NE(0, str_cmp_output); - + ASSERT_EQ(test_association->sa_state, SA_OPERATIONAL); ASSERT_EQ(test_association->gvcid_blk.tfvn, 0); ASSERT_EQ(test_association->gvcid_blk.scid, (SCID & 0x3FF)); @@ -196,7 +196,7 @@ UTEST(SA_SAVE, VERIFY_DEFAULT_PASS_1_SAVE) ASSERT_EQ(test_association->stmacf_len, 16); ASSERT_EQ(test_association->ecs, 0x01); ASSERT_EQ(test_association->ecs_len, 1); - + ASSERT_EQ(test_association->iv[0], 0x00); ASSERT_EQ(test_association->iv[1], 0x00); ASSERT_EQ(test_association->iv[2], 0x00); 
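Review bot: In INTERNAL_DEFAULT_PASS_1 the first four `Crypto_TC_ApplySecurity` results are overwritten by the next assignment to `return_val` without being checked, so a failed call surfaces only later as an IV mismatch in the comparison loop. Adding `ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val);` after each call, before `free(ptr_enc_frame);`, would pin the failure to the call that caused it. The same pattern appears in the SAVE_PASS_1 and SAVE_PASS_2 hunks. The test body continues past the end of the hunk, so a check of the final `return_val` may exist there.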
@@ -210,22 +210,21 @@ UTEST(SA_SAVE, VERIFY_DEFAULT_PASS_1_SAVE) ASSERT_EQ(test_association->iv[10], 0x00); ASSERT_EQ(test_association->iv[11], 0x01); - ASSERT_EQ(test_association->iv_len, 12); ASSERT_EQ(test_association->acs_len, 0); ASSERT_EQ(test_association->acs, 0x00); ASSERT_EQ(test_association->abm_len, 1786); - for(int i = 0; iabm_len; i++) + for (int i = 0; i < test_association->abm_len; i++) { ASSERT_EQ(test_association->abm[i], 0x00); } - //sa[location].abm[0] = sa_ptr->abm; + // sa[location].abm[0] = sa_ptr->abm; ASSERT_EQ(test_association->arsn_len, 0); - for(int i = 0; iarsn_len; i++) + for (int i = 0; i < test_association->arsn_len; i++) { ASSERT_EQ(test_association->arsn[i], 0); } - //sa[location].arsn[0] = sa_ptr->arsn; + // sa[location].arsn[0] = sa_ptr->arsn; ASSERT_EQ(test_association->arsnw_len, 1); ASSERT_EQ(test_association->arsnw, 5); } 
@@ -234,64 +233,64 @@ UTEST(SA_SAVE, SAVE_PASS_1) { // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; - char* new_iv_h = "FFFFFFFFFFFC"; - char* new_iv_b = NULL; + char *new_iv_h = "FFFFFFFFFFFC"; + char *new_iv_b = NULL; - char* expected_iv_h = "000000000002000000000001"; - char* expected_iv_b = NULL; + char *expected_iv_h = "000000000002000000000001"; + char *expected_iv_b = NULL; int raw_tc_sdls_ping_len = 0; - int new_iv_len = 0; - int expected_iv_len = 0; + int new_iv_len = 0; + int expected_iv_len = 0; SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); hex_conversion(expected_iv_h, &expected_iv_b, &expected_iv_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; int32_t return_val = CRYPTO_LIB_ERROR; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); test_association->gvcid_blk.vcid = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->shivf_len = 6; - test_association->iv_len = 12; - test_association->arsn_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->shivf_len = 6; + test_association->iv_len = 12; + test_association->arsn_len = 0; clean_akref(test_association); clean_ekref(test_association); memcpy(test_association->iv + (test_association->iv_len - test_association->shivf_len), new_iv_b, new_iv_len); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - 
Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); for (int i = 0; i < test_association->iv_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); + printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); } @@ -307,8 +306,8 @@ UTEST(SA_SAVE, VERIFY_SAVE_PASS_1_SAVE) { Crypto_Init_TC_Unit_Test(); - SaInterface sa_if = get_sa_interface_inmemory(); - SecurityAssociation_t* test_association; + SaInterface sa_if = get_sa_interface_inmemory(); + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(4, &test_association); @@ -316,7 +315,7 @@ UTEST(SA_SAVE, VERIFY_SAVE_PASS_1_SAVE) ASSERT_EQ(test_association->ekid, 4); ASSERT_EQ(test_association->akid, 4); int str_cmp_output = 0; - str_cmp_output = strcmp(test_association->ek_ref, ""); + str_cmp_output = strcmp(test_association->ek_ref, ""); ASSERT_EQ(0, str_cmp_output); str_cmp_output = strcmp(test_association->ek_ref, "TEST_EK_REF_BAD"); ASSERT_NE(0, str_cmp_output); @@ -337,7 +336,7 @@ UTEST(SA_SAVE, VERIFY_SAVE_PASS_1_SAVE) ASSERT_EQ(test_association->stmacf_len, 16); ASSERT_EQ(test_association->ecs, 0x01); ASSERT_EQ(test_association->ecs_len, 1); - + ASSERT_EQ(test_association->iv[0], 0x00); ASSERT_EQ(test_association->iv[1], 0x00); ASSERT_EQ(test_association->iv[2], 0x00); 
@@ -350,22 +349,22 @@ UTEST(SA_SAVE, VERIFY_SAVE_PASS_1_SAVE) ASSERT_EQ(test_association->iv[9], 0x00); ASSERT_EQ(test_association->iv[10], 0x00); ASSERT_EQ(test_association->iv[11], 0x01); - + ASSERT_EQ(test_association->iv_len, 12); ASSERT_EQ(test_association->acs_len, 0); ASSERT_EQ(test_association->acs, 0x00); ASSERT_EQ(test_association->abm_len, 1786); - for(int i = 0; iabm_len; i++) + for (int i = 0; i < test_association->abm_len; i++) { ASSERT_EQ(test_association->abm[i], 0x00); } - //sa[location].abm[0] = sa_ptr->abm; + // sa[location].abm[0] = sa_ptr->abm; ASSERT_EQ(test_association->arsn_len, 0); - for(int i = 0; iarsn_len; i++) + for (int i = 0; i < test_association->arsn_len; i++) { ASSERT_EQ(test_association->arsn[i], 0); } - //sa[location].arsn[0] = sa_ptr->arsn; + // sa[location].arsn[0] = sa_ptr->arsn; ASSERT_EQ(test_association->arsnw_len, 1); ASSERT_EQ(test_association->arsnw, 5); } 
@@ -374,62 +373,62 @@ UTEST(SA_SAVE, SAVE_PASS_2) { // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; - char* new_iv_h = "FFFFFFFFFFFC"; - char* new_iv_b = NULL; + char *new_iv_h = "FFFFFFFFFFFC"; + char *new_iv_b = NULL; - char* expected_iv_h = "000000000003000000000001"; - char* expected_iv_b = NULL; + char *expected_iv_h = "000000000003000000000001"; + char *expected_iv_b = NULL; int raw_tc_sdls_ping_len = 0; - int new_iv_len = 0; - int expected_iv_len = 0; + int new_iv_len = 0; + int expected_iv_len = 0; SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); hex_conversion(expected_iv_h, &expected_iv_b, &expected_iv_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; int32_t return_val = CRYPTO_LIB_ERROR; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); test_association->gvcid_blk.vcid = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->shivf_len = 6; - test_association->iv_len = 12; - test_association->arsn_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->shivf_len = 6; + test_association->iv_len = 12; + test_association->arsn_len = 0; memcpy(test_association->iv + (test_association->iv_len - test_association->shivf_len), new_iv_b, new_iv_len); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, 
&ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); for (int i = 0; i < test_association->iv_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); + printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); } @@ -445,16 +444,16 @@ UTEST(SA_SAVE, VERIFY_SAVE_PASS_2_SAVE) { Crypto_Init_TC_Unit_Test(); - SaInterface sa_if = get_sa_interface_inmemory(); - SecurityAssociation_t* test_association; + SaInterface sa_if = get_sa_interface_inmemory(); + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(4, &test_association); ASSERT_EQ(test_association->spi, 4); ASSERT_EQ(test_association->ekid, 4); ASSERT_EQ(test_association->akid, 4); - //test_association->ek_ref = sa_ptr->ek_ref; - //test_association->ak_ref = sa_ptr->ak_ref; + // test_association->ek_ref = sa_ptr->ek_ref; + // test_association->ak_ref = sa_ptr->ak_ref; ASSERT_EQ(test_association->sa_state, SA_OPERATIONAL); ASSERT_EQ(test_association->gvcid_blk.tfvn, 0); ASSERT_EQ(test_association->gvcid_blk.scid, (SCID & 0x3FF)); @@ -468,7 +467,7 @@ UTEST(SA_SAVE, VERIFY_SAVE_PASS_2_SAVE) ASSERT_EQ(test_association->stmacf_len, 16); ASSERT_EQ(test_association->ecs, 0x01); ASSERT_EQ(test_association->ecs_len, 1); - + ASSERT_EQ(test_association->iv[0], 0x00); ASSERT_EQ(test_association->iv[1], 0x00); ASSERT_EQ(test_association->iv[2], 0x00); 
@@ -481,22 +480,22 @@ UTEST(SA_SAVE, VERIFY_SAVE_PASS_2_SAVE) ASSERT_EQ(test_association->iv[9], 0x00); ASSERT_EQ(test_association->iv[10], 0x00); ASSERT_EQ(test_association->iv[11], 0x01); - + ASSERT_EQ(test_association->iv_len, 12); ASSERT_EQ(test_association->acs_len, 0); ASSERT_EQ(test_association->acs, 0x00); ASSERT_EQ(test_association->abm_len, 1786); - for(int i = 0; iabm_len; i++) + for (int i = 0; i < test_association->abm_len; i++) { ASSERT_EQ(test_association->abm[i], 0x00); } - //sa[location].abm[0] = sa_ptr->abm; + // sa[location].abm[0] = sa_ptr->abm; ASSERT_EQ(test_association->arsn_len, 0); - for(int i = 0; iarsn_len; i++) + for (int i = 0; i < test_association->arsn_len; i++) { ASSERT_EQ(test_association->arsn[i], 0); } - //sa[location].arsn[0] = sa_ptr->arsn; + // sa[location].arsn[0] = sa_ptr->arsn; ASSERT_EQ(test_association->arsnw_len, 1); ASSERT_EQ(test_association->arsnw, 5); } @@ -505,16 +504,16 @@ UTEST(SA_SAVE, VERIFY_SAVE_ADJACENT) { Crypto_Init_TC_Unit_Test(); - SaInterface sa_if = get_sa_interface_inmemory(); - SecurityAssociation_t* test_association; + SaInterface sa_if = get_sa_interface_inmemory(); + SecurityAssociation_t *test_association; -// VERIFY SA 4 + // VERIFY SA 4 sa_if->sa_get_from_spi(4, &test_association); ASSERT_EQ(test_association->spi, 4); ASSERT_EQ(test_association->ekid, 4); ASSERT_EQ(test_association->akid, 4); - //test_association->ek_ref = sa_ptr->ek_ref; - //test_association->ak_ref = sa_ptr->ak_ref; + // test_association->ek_ref = sa_ptr->ek_ref; + // test_association->ak_ref = sa_ptr->ak_ref; ASSERT_EQ(test_association->sa_state, SA_OPERATIONAL); ASSERT_EQ(test_association->gvcid_blk.tfvn, 0); ASSERT_EQ(test_association->gvcid_blk.scid, (SCID & 0x3FF)); 
@@ -528,7 +527,7 @@ UTEST(SA_SAVE, VERIFY_SAVE_ADJACENT) ASSERT_EQ(test_association->stmacf_len, 16); ASSERT_EQ(test_association->ecs, 0x01); ASSERT_EQ(test_association->ecs_len, 1); - + ASSERT_EQ(test_association->iv[0], 0x00); ASSERT_EQ(test_association->iv[1], 0x00); ASSERT_EQ(test_association->iv[2], 0x00); @@ -541,32 +540,32 @@ UTEST(SA_SAVE, VERIFY_SAVE_ADJACENT) ASSERT_EQ(test_association->iv[9], 0x00); ASSERT_EQ(test_association->iv[10], 0x00); ASSERT_EQ(test_association->iv[11], 0x01); - + ASSERT_EQ(test_association->iv_len, 12); ASSERT_EQ(test_association->acs_len, 0); ASSERT_EQ(test_association->acs, 0x00); ASSERT_EQ(test_association->abm_len, 1786); - for(int i = 0; iabm_len; i++) + for (int i = 0; i < test_association->abm_len; i++) { ASSERT_EQ(test_association->abm[i], 0x00); } - //sa[location].abm[0] = sa_ptr->abm; + // sa[location].abm[0] = sa_ptr->abm; ASSERT_EQ(test_association->arsn_len, 0); - for(int i = 0; iarsn_len; i++) + for (int i = 0; i < test_association->arsn_len; i++) { ASSERT_EQ(test_association->arsn[i], 0); } - //sa[location].arsn[0] = sa_ptr->arsn; + // sa[location].arsn[0] = sa_ptr->arsn; ASSERT_EQ(test_association->arsnw_len, 1); ASSERT_EQ(test_association->arsnw, 5); -// VERIFY SA 3 + // VERIFY SA 3 sa_if->sa_get_from_spi(3, &test_association); ASSERT_EQ(test_association->spi, 3); ASSERT_EQ(test_association->ekid, 3); ASSERT_EQ(test_association->akid, 3); - //test_association->ek_ref = sa_ptr->ek_ref; - //test_association->ak_ref = sa_ptr->ak_ref; + // test_association->ek_ref = sa_ptr->ek_ref; + // test_association->ak_ref = sa_ptr->ak_ref; ASSERT_EQ(test_association->sa_state, SA_KEYED); ASSERT_EQ(test_association->gvcid_blk.tfvn, 0); ASSERT_EQ(test_association->gvcid_blk.scid, 3); 
@@ -580,7 +579,7 @@ UTEST(SA_SAVE, VERIFY_SAVE_ADJACENT) ASSERT_EQ(test_association->stmacf_len, 16); ASSERT_EQ(test_association->ecs, 0); ASSERT_EQ(test_association->ecs_len, 0); - + ASSERT_EQ(test_association->iv[0], 0x00); ASSERT_EQ(test_association->iv[1], 0x00); ASSERT_EQ(test_association->iv[2], 0x00); @@ -593,32 +592,32 @@ UTEST(SA_SAVE, VERIFY_SAVE_ADJACENT) ASSERT_EQ(test_association->iv[9], 0x00); ASSERT_EQ(test_association->iv[10], 0x00); ASSERT_EQ(test_association->iv[11], 0x00); - + ASSERT_EQ(test_association->iv_len, 12); ASSERT_EQ(test_association->acs_len, 1); ASSERT_EQ(test_association->acs, 3); ASSERT_EQ(test_association->abm_len, 0); - for(int i = 0; iabm_len; i++) + for (int i = 0; i < test_association->abm_len; i++) { ASSERT_EQ(test_association->abm[i], 0x00); } - //sa[location].abm[0] = sa_ptr->abm; + // sa[location].abm[0] = sa_ptr->abm; ASSERT_EQ(test_association->arsn_len, 2); - for(int i = 0; iarsn_len; i++) + for (int i = 0; i < test_association->arsn_len; i++) { ASSERT_EQ(test_association->arsn[i], 0); } - //sa[location].arsn[0] = sa_ptr->arsn; + // sa[location].arsn[0] = sa_ptr->arsn; ASSERT_EQ(test_association->arsnw_len, 1); ASSERT_EQ(test_association->arsnw, 5); -// VERIFY SA 5 + // VERIFY SA 5 sa_if->sa_get_from_spi(5, &test_association); ASSERT_EQ(test_association->spi, 5); ASSERT_EQ(test_association->ekid, 5); ASSERT_EQ(test_association->akid, 5); - //test_association->ek_ref = sa_ptr->ek_ref; - //test_association->ak_ref = sa_ptr->ak_ref; + // test_association->ek_ref = sa_ptr->ek_ref; + // test_association->ak_ref = sa_ptr->ak_ref; ASSERT_EQ(test_association->sa_state, SA_KEYED); ASSERT_EQ(test_association->gvcid_blk.tfvn, 0); ASSERT_EQ(test_association->gvcid_blk.scid, 3); 
@@ -632,7 +631,7 @@ UTEST(SA_SAVE, VERIFY_SAVE_ADJACENT) ASSERT_EQ(test_association->stmacf_len, 0); ASSERT_EQ(test_association->ecs, 0); ASSERT_EQ(test_association->ecs_len, 0); - + ASSERT_EQ(test_association->iv[0], 0x00); ASSERT_EQ(test_association->iv[1], 0x00); ASSERT_EQ(test_association->iv[2], 0x00); 
@@ -645,40 +644,40 @@ UTEST(SA_SAVE, VERIFY_SAVE_ADJACENT) ASSERT_EQ(test_association->iv[9], 0x00); ASSERT_EQ(test_association->iv[10], 0x00); ASSERT_EQ(test_association->iv[11], 0x00); - + ASSERT_EQ(test_association->iv_len, 12); ASSERT_EQ(test_association->acs_len, 0); ASSERT_EQ(test_association->acs, 0x00); ASSERT_EQ(test_association->abm_len, 0); - for(int i = 0; iabm_len; i++) + for (int i = 0; i < test_association->abm_len; i++) { ASSERT_EQ(test_association->abm[i], 0x00); } - //sa[location].abm[0] = sa_ptr->abm; + // sa[location].abm[0] = sa_ptr->abm; ASSERT_EQ(test_association->arsn_len, 2); - for(int i = 0; iarsn_len; i++) + for (int i = 0; i < test_association->arsn_len; i++) { ASSERT_EQ(test_association->arsn[i], 0); } - //sa[location].arsn[0] = sa_ptr->arsn; + // sa[location].arsn[0] = sa_ptr->arsn; ASSERT_EQ(test_association->arsnw_len, 1); - ASSERT_EQ(test_association->arsnw, 5); + ASSERT_EQ(test_association->arsnw, 5); } UTEST(SA_SAVE, VERIFY_SAVE_EDGES) { Crypto_Init_TC_Unit_Test(); - SaInterface sa_if = get_sa_interface_inmemory(); - SecurityAssociation_t* test_association; + SaInterface sa_if = get_sa_interface_inmemory(); + SecurityAssociation_t *test_association; -// VERIFY SA 1 + // VERIFY SA 1 sa_if->sa_get_from_spi(1, &test_association); ASSERT_EQ(test_association->spi, 1); ASSERT_EQ(test_association->ekid, 1); ASSERT_EQ(test_association->akid, 1); - //test_association->ek_ref = sa_ptr->ek_ref; - //test_association->ak_ref = sa_ptr->ak_ref; + // test_association->ek_ref = sa_ptr->ek_ref; + // test_association->ak_ref = sa_ptr->ak_ref; ASSERT_EQ(test_association->sa_state, SA_NONE); ASSERT_EQ(test_association->gvcid_blk.tfvn, 0); ASSERT_EQ(test_association->gvcid_blk.scid, (SCID & 0x3FF)); 
@@ -692,7 +691,7 @@ UTEST(SA_SAVE, VERIFY_SAVE_EDGES) ASSERT_EQ(test_association->stmacf_len, 0); ASSERT_EQ(test_association->ecs, 0x00); ASSERT_EQ(test_association->ecs_len, 0); - + ASSERT_EQ(test_association->iv[0], 0x00); ASSERT_EQ(test_association->iv[1], 0x00); ASSERT_EQ(test_association->iv[2], 0x00); @@ -705,32 +704,32 @@ UTEST(SA_SAVE, VERIFY_SAVE_EDGES) ASSERT_EQ(test_association->iv[9], 0x00); ASSERT_EQ(test_association->iv[10], 0x00); ASSERT_EQ(test_association->iv[11], 0x00); - + ASSERT_EQ(test_association->iv_len, 12); ASSERT_EQ(test_association->acs_len, 0); ASSERT_EQ(test_association->acs, 0x00); ASSERT_EQ(test_association->abm_len, 0); - for(int i = 0; iabm_len; i++) + for (int i = 0; i < test_association->abm_len; i++) { ASSERT_EQ(test_association->abm[i], 0x00); } - //sa[location].abm[0] = sa_ptr->abm; + // sa[location].abm[0] = sa_ptr->abm; ASSERT_EQ(test_association->arsn_len, 2); - for(int i = 0; iarsn_len; i++) + for (int i = 0; i < test_association->arsn_len; i++) { ASSERT_EQ(test_association->arsn[i], 0); } - //sa[location].arsn[0] = sa_ptr->arsn; + // sa[location].arsn[0] = sa_ptr->arsn; ASSERT_EQ(test_association->arsnw_len, 1); - ASSERT_EQ(test_association->arsnw, 5); + ASSERT_EQ(test_association->arsnw, 5); -// VERIFY SA 17 + // VERIFY SA 17 sa_if->sa_get_from_spi(17, &test_association); ASSERT_EQ(test_association->spi, 17); ASSERT_EQ(test_association->ekid, 17); ASSERT_EQ(test_association->akid, 17); - //test_association->ek_ref = sa_ptr->ek_ref; - //test_association->ak_ref = sa_ptr->ak_ref; + // test_association->ek_ref = sa_ptr->ek_ref; + // test_association->ak_ref = sa_ptr->ak_ref; ASSERT_EQ(test_association->sa_state, SA_NONE); ASSERT_EQ(test_association->gvcid_blk.tfvn, 0); ASSERT_EQ(test_association->gvcid_blk.scid, 0); 
@@ -744,7 +743,7 @@ UTEST(SA_SAVE, VERIFY_SAVE_EDGES) ASSERT_EQ(test_association->stmacf_len, 0); ASSERT_EQ(test_association->ecs, 0); ASSERT_EQ(test_association->ecs_len, 0); - + ASSERT_EQ(test_association->iv[0], 0x00); ASSERT_EQ(test_association->iv[1], 0x00); ASSERT_EQ(test_association->iv[2], 0x00); @@ -757,26 +756,24 @@ UTEST(SA_SAVE, VERIFY_SAVE_EDGES) ASSERT_EQ(test_association->iv[9], 0x00); ASSERT_EQ(test_association->iv[10], 0x00); ASSERT_EQ(test_association->iv[11], 0x00); - + ASSERT_EQ(test_association->iv_len, 0); ASSERT_EQ(test_association->acs_len, 0); ASSERT_EQ(test_association->acs, 0x00); ASSERT_EQ(test_association->abm_len, 0); - for(int i = 0; iabm_len; i++) + for (int i = 0; i < test_association->abm_len; i++) { ASSERT_EQ(test_association->abm[i], 0xff); } - //sa[location].abm[0] = sa_ptr->abm; + // sa[location].abm[0] = sa_ptr->abm; ASSERT_EQ(test_association->arsn_len, 0); - for(int i = 0; iarsn_len; i++) + for (int i = 0; i < test_association->arsn_len; i++) { ASSERT_EQ(test_association->arsn[i], 0); } - //sa[location].arsn[0] = sa_ptr->arsn; + // sa[location].arsn[0] = sa_ptr->arsn; ASSERT_EQ(test_association->arsnw_len, 0); ASSERT_EQ(test_association->arsnw, 0); - } - UTEST_MAIN(); \ No newline at end of file diff --git a/test/unit/ut_sadb_err_cases_kmc_crypto.c b/test/unit/ut_sadb_err_cases_kmc_crypto.c index a15edfbe..73c1e270 100644 --- a/test/unit/ut_sadb_err_cases_kmc_crypto.c +++ b/test/unit/ut_sadb_err_cases_kmc_crypto.c @@ -17,7 +17,8 @@ */ /** - * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB Functionality Enabled. + * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB + *Functionality Enabled. **/ #include "crypto.h" #include "crypto_error.h" 
@@ -31,12 +32,12 @@ #include #ifdef KMC_MDB_RH - #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" +#define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" #else - /* KMC_MDB_DB */ - #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" +/* KMC_MDB_DB */ +#define CLIENT_CERTIFICATE "/certs/debian-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" #endif /** 
@@ -45,50 +46,55 @@ UTEST(KMC_CRYPTO, ONLY_KEYED_SA_AVAILABLE_FOR_GVCID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, IV_INTERNAL, + CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 33, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x002c, 33, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_MariaDB("db-itc-kmc.nasa.gov", "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", + NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 33, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x002c, 33, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, 
TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + int32_t status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - char* raw_tc_jpl_mmt_scid44_vcid1= "202c8408000169e2df"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + char *raw_tc_jpl_mmt_scid44_vcid1 = "202c8408000169e2df"; + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; printf("Frame before encryption:\n"); - for (int i=0; isa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); - // Set the Key - test_association->ekid = 130; + // Set the Key + test_association->ekid = 130; test_association->gvcid_blk.vcid = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 0; + test_association->arsn_len = 0; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); Crypto_Shutdown(); free(raw_tc_sdls_ping_b); free(ptr_enc_frame); 
@@ -163,33 +167,33 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC) remove("sa_save_file.bin"); // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; int32_t return_val = CRYPTO_LIB_ERROR; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(2, &test_association); printf("SPI: %d\n", test_association->spi); test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; + test_association->ast = 0; test_association->arsn_len = 0; - // Set the Key + // Set the Key test_association->ekid = 130; sa_if->sa_get_from_spi(2, &test_association); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_Shutdown(); free(raw_tc_sdls_ping_b); free(ptr_enc_frame); 
@@ -203,38 +207,37 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_AUTH_ENC) remove("sa_save_file.bin"); // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; int32_t return_val = CRYPTO_LIB_ERROR; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); test_association->gvcid_blk.vcid = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->arsn_len = 0; - // Set the Key + test_association->sa_state = SA_OPERATIONAL; + test_association->arsn_len = 0; + // Set the Key test_association->ekid = 130; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); Crypto_Shutdown(); free(raw_tc_sdls_ping_b); free(ptr_enc_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); } - /** * @brief Unit Test: Nominal Authorized Encryption With Partial IV Rollover, increment static IV **/ 
@@ -243,63 +246,63 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVE remove("sa_save_file.bin"); // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; - char* new_iv_h = "FFFFFFFFFFFC"; - char* new_iv_b = NULL; + char *new_iv_h = "FFFFFFFFFFFC"; + char *new_iv_b = NULL; - char* expected_iv_h = "000000000001000000000001"; - char* expected_iv_b = NULL; + char *expected_iv_h = "000000000001000000000001"; + char *expected_iv_b = NULL; int raw_tc_sdls_ping_len = 0; - int new_iv_len = 0; - int expected_iv_len = 0; + int new_iv_len = 0; + int expected_iv_len = 0; SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); hex_conversion(expected_iv_h, &expected_iv_b, &expected_iv_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; int32_t return_val = CRYPTO_LIB_ERROR; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); test_association->gvcid_blk.vcid = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ekid = 130; - test_association->shivf_len = 6; - test_association->iv_len = 12; - test_association->arsn_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ekid = 130; + test_association->shivf_len = 6; + test_association->iv_len = 12; + test_association->arsn_len = 0; memcpy(test_association->iv + (test_association->iv_len - test_association->shivf_len), new_iv_b, new_iv_len); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - 
Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); for (int i = 0; i < test_association->iv_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); + printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); } 
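Review bot: The first four `Crypto_TC_ApplySecurity` results in this hunk are overwritten without being checked, so a failed call is only visible indirectly through the IV comparison loop, if at all. The ARSN rollover test later in this file asserts after every call; adding `ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val);` after each assignment here would tie the rollover expectation to five successful encryptions. HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER in the next hunk has the same gap and also ignores the return value of `Crypto_Init()`. The test body continues past the end of this hunk, so a final check on `return_val` may exist outside it.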
@@ -318,82 +321,84 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; - char* new_iv_h = "FFFFFFFFFFFC"; - char* new_iv_b = NULL; + char *new_iv_h = "FFFFFFFFFFFC"; + char *new_iv_b = 
NULL; - char* expected_iv_h = "000000000000000000000001"; - char* expected_iv_b = NULL; + char *expected_iv_h = "000000000000000000000001"; + char *expected_iv_b = NULL; int raw_tc_sdls_ping_len = 0; - int new_iv_len = 0; - int expected_iv_len = 0; + int new_iv_len = 0; + int expected_iv_len = 0; SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); hex_conversion(expected_iv_h, &expected_iv_b, &expected_iv_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; int32_t return_val = CRYPTO_LIB_ERROR; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); test_association->gvcid_blk.vcid = 0; - test_association->ekid = 130; - test_association->sa_state = SA_OPERATIONAL; - test_association->shivf_len = 6; - test_association->iv_len = 12; - test_association->arsn_len = 0; + test_association->ekid = 130; + test_association->sa_state = SA_OPERATIONAL; + test_association->shivf_len = 6; + test_association->iv_len = 12; + test_association->arsn_len = 0; printf("TEST ASSOCIATION IV_LEN: %d\n", test_association->iv_len); sa_if->sa_get_from_spi(4, &test_association); memcpy(test_association->iv + (test_association->iv_len - test_association->shivf_len), new_iv_b, new_iv_len); printf("IV:\n"); - for(int i = 0; iiv_len; i++) + for (int i = 0; i < test_association->iv_len; i++) { printf("%02x ", *(test_association->iv + i)); } printf("\n"); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, 
&ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + free(ptr_enc_frame); + ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); for (int i = 0; i < test_association->iv_len; i++) { - printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); + printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); } 
@@ -413,85 +418,85 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLO remove("sa_save_file.bin"); // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; - char* new_arsn_h = "05FFFC"; - char* new_arsn_b = NULL; + char *new_arsn_h = "05FFFC"; + char *new_arsn_b = NULL; - char* expected_arsn_h = "060001"; - char* expected_arsn_b = NULL; + char *expected_arsn_h = "060001"; + char *expected_arsn_b = NULL; int raw_tc_sdls_ping_len = 0; - int new_arsn_len = 0; - int expected_arsn_len = 0; + int new_arsn_len = 0; + int expected_arsn_len = 0; SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); hex_conversion(new_arsn_h, &new_arsn_b, &new_arsn_len); hex_conversion(expected_arsn_h, &expected_arsn_b, &expected_arsn_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; int32_t return_val = CRYPTO_LIB_ERROR; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); test_association->gvcid_blk.vcid = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->est=0; - test_association->ast=1; - test_association->ecs_len=1; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs_len=1; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->arsn_len = 3; - test_association->shsnf_len = 2; + test_association->sa_state = SA_OPERATIONAL; + test_association->shivf_len = 0; + test_association->iv_len = 0; + test_association->est = 0; + test_association->ast = 1; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs_len = 1; + test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->arsn_len = 3; + test_association->shsnf_len = 2; memcpy(test_association->arsn, (uint8_t *)new_arsn_b, new_arsn_len); // This TA was originally setup for AESGCM, need to specify an akid so we can use it for a MAC test_association->akid = 130; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); free(ptr_enc_frame); ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); free(ptr_enc_frame); ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, 
&ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); free(ptr_enc_frame); ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); free(ptr_enc_frame); ptr_enc_frame = NULL; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); printf("Expected ARSN:\n"); - Crypto_hexprint(expected_arsn_b,expected_arsn_len); + Crypto_hexprint(expected_arsn_b, expected_arsn_len); printf("Actual SA ARSN:\n"); - Crypto_hexprint(test_association->arsn,test_association->arsn_len); + Crypto_hexprint(test_association->arsn, test_association->arsn_len); for (int i = 0; i < test_association->arsn_len; i++) { printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_arsn_b[i], *(test_association->arsn + i)); ASSERT_EQ(expected_arsn_b[i], *(test_association->arsn + i)); } - //Must shutdown after checking test_association ARSN since that will get freed! + // Must shutdown after checking test_association ARSN since that will get freed! Crypto_Shutdown(); free(raw_tc_sdls_ping_b); free(ptr_enc_frame); 
@@ -510,16 +515,16 @@ UTEST(TC_APPLY_SECURITY, BAD_SPACE_CRAFT_ID) remove("sa_save_file.bin"); // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_bad_scid_h = "20010015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_bad_scid_b = NULL; - int raw_tc_sdls_ping_bad_scid_len = 0; + char *raw_tc_sdls_ping_bad_scid_h = "20010015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_bad_scid_b = NULL; + int raw_tc_sdls_ping_bad_scid_len = 0; hex_conversion(raw_tc_sdls_ping_bad_scid_h, &raw_tc_sdls_ping_bad_scid_b, &raw_tc_sdls_ping_bad_scid_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - int32_t return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_bad_scid_b, raw_tc_sdls_ping_bad_scid_len, + int32_t return_val = Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_bad_scid_b, raw_tc_sdls_ping_bad_scid_len, &ptr_enc_frame, &enc_frame_len); free(raw_tc_sdls_ping_bad_scid_b); free(ptr_enc_frame); 
@@ -537,17 +542,17 @@ UTEST(TC_APPLY_SECURITY, BAD_VIRTUAL_CHANNEL_ID) remove("sa_save_file.bin"); // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - char* raw_tc_sdls_ping_bad_vcid_h = "20032015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_bad_vcid_b = NULL; - int raw_tc_sdls_ping_bad_vcid_len = 0; + char *raw_tc_sdls_ping_bad_vcid_h = "20032015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_bad_vcid_b = NULL; + int raw_tc_sdls_ping_bad_vcid_len = 0; hex_conversion(raw_tc_sdls_ping_bad_vcid_h, &raw_tc_sdls_ping_bad_vcid_b, &raw_tc_sdls_ping_bad_vcid_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - int32_t return_val = CRYPTO_LIB_ERROR; + int32_t return_val = CRYPTO_LIB_ERROR; - return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_bad_vcid_b, raw_tc_sdls_ping_bad_vcid_len, + return_val = Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_bad_vcid_b, raw_tc_sdls_ping_bad_vcid_len, &ptr_enc_frame, &enc_frame_len); free(raw_tc_sdls_ping_bad_vcid_b); free(ptr_enc_frame); @@ -565,13 +570,13 @@ UTEST(TC_APPLY_SECURITY, NULL_BUFFER) remove("sa_save_file.bin"); // Setup & Initialize CryptoLib Crypto_Init_TC_Unit_Test(); - long buffer_size = 0; - uint8_t* buffer = NULL; + long buffer_size = 0; + uint8_t *buffer = NULL; uint16_t buffer_size_i = (uint16_t)buffer_size; - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - int32_t return_val = -1; + int32_t return_val = -1; return_val = Crypto_TC_ApplySecurity(buffer, buffer_size_i, &ptr_enc_frame, &enc_frame_len); 
@@ -591,32 +596,53 @@ UTEST(TC_APPLY_SECURITY, NULL_BUFFER) UTEST(TC_APPLY_SECURITY, INVALID_FRAME_SIZE) { remove("sa_save_file.bin"); - int32_t status = CRYPTO_LIB_ERROR; - uint8_t* ptr_enc_frame = NULL; + int32_t status = CRYPTO_LIB_ERROR; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 4, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 0, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 4, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 0, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - char* test_frame_pt_h = "2003001c00ff000100001880d03e000a197f0b000300020093d4ba21c4"; - char* long_frame_pt_h = 
"200307FF00ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000021c4"; - uint8_t *test_frame_pt_b, *long_frame_pt_b = NULL; - int test_frame_pt_len, long_frame_pt_len = 0; + char *test_frame_pt_h = "2003001c00ff000100001880d03e000a197f0b000300020093d4ba21c4"; + char *long_frame_pt_h = + "200307FF00ff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + 
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "000000000000000000000000000000000000000000000000000000000000000021c4"; + uint8_t *test_frame_pt_b, *long_frame_pt_b = NULL; + int test_frame_pt_len, long_frame_pt_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(1, &test_association); - test_association->arsn_len = 0; + test_association->arsn_len = 0; test_association->shsnf_len = 0; // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); // Should fail, as frame length violates the managed parameter status = Crypto_TC_ApplySecurity(test_frame_pt_b, test_frame_pt_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_MANAGED_PARAM_MAX_LIMIT, status); 
@@ -624,17 +650,19 @@ UTEST(TC_APPLY_SECURITY, INVALID_FRAME_SIZE) // Expose/setup SAs for testing test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); - test_association->arsn_len = 0; - test_association->shsnf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ekid = 130; + test_association->arsn_len = 0; + test_association->shsnf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ekid = 130; test_association->gvcid_blk.vcid = 1; // Reset Managed Parameters for this channel to an invalid maximum - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 2047, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters_Reset = {0, 0x0003, 1, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 2047, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 2047, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters_Reset = { + 0, 0x0003, 1, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 2047, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters_Reset); // Convert input test frame - hex_conversion(long_frame_pt_h, (char**) &long_frame_pt_b, &long_frame_pt_len); + hex_conversion(long_frame_pt_h, (char **)&long_frame_pt_b, &long_frame_pt_len); // Should fail, as frame length violates the spec max status = Crypto_TC_ApplySecurity(long_frame_pt_b, long_frame_pt_len, &ptr_enc_frame, &enc_frame_len); free(test_frame_pt_b); 
@@ -646,33 +674,34 @@ UTEST(TC_APPLY_SECURITY, INVALID_FRAME_SIZE) UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) { remove("sa_save_file.bin"); - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_enc_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 4, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 4, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 4, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 4, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - char* test_frame_pt_h = "2003001c"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; + char *test_frame_pt_h = "2003001c"; + uint8_t *test_frame_pt_b = NULL; + int test_frame_pt_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(1, &test_association); - test_association->arsn_len = 0; + test_association->arsn_len = 0; test_association->shsnf_len = 
0; // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); // Should fail, as frame length violates the managed parameter status = Crypto_TC_ApplySecurity(test_frame_pt_b, test_frame_pt_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TC_STANDARD, status); 
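Review bot: The comment `// Should fail, as frame length violates the managed parameter` above the Crypto_TC_ApplySecurity call in ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC does not describe what the test asserts. The expected status is CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TC_STANDARD and the input `2003001c` is only four bytes, so the rejection is about the minimum frame size, not the managed-parameter maximum. I would reword it to `// Should fail: the 4-byte input is too short to be a valid TC frame`. The next hunk (ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEADER) carries the same copied comment while asserting CRYPTO_LIB_ERR_INPUT_FRAME_LENGTH_SHORTER_THAN_FRAME_HEADERS_LENGTH and should get a matching rewording. Both test bodies continue past the end of their hunks.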
@@ -683,33 +712,34 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEADER) { remove("sa_save_file.bin"); - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_enc_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 4, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 4, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 4, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 4, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - char* test_frame_pt_h = "2003001c00000002ff"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; + char *test_frame_pt_h = "2003001c00000002ff"; + uint8_t *test_frame_pt_b = NULL; + int test_frame_pt_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(1, &test_association); - test_association->arsn_len = 0; 
+ test_association->arsn_len = 0; test_association->shsnf_len = 0; // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); // Should fail, as frame length violates the managed parameter status = Crypto_TC_ApplySecurity(test_frame_pt_b, test_frame_pt_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_ERR_INPUT_FRAME_LENGTH_SHORTER_THAN_FRAME_HEADERS_LENGTH, status); 
@@ -724,68 +754,71 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, + // 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 
1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 2; + TC_UT_Managed_Parameters.vcid = 2; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 3; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char* raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ekid = 1; - test_association->shivf_len = 16; - test_association->iv_len = 16; - test_association->arsn_len = 0; - test_association->ast = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ekid = 1; + test_association->shivf_len = 16; + test_association->iv_len = 16; + test_association->arsn_len = 0; + test_association->ast = 0; test_association->stmacf_len = 0; - test_association->shplf_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_CBC; + test_association->shplf_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_CBC; sa_if->sa_get_from_spi(4, &test_association); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - char* truth_data_h = "2003002a000000040000000000000000000000000000000001956b3e423390b3c3756c626f8b30812b6c0e"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; + char *truth_data_h = "2003002a000000040000000000000000000000000000000001956b3e423390b3c3756c626f8b30812b6c0e"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - //printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) + // printf("Encrypted Frame:\n"); + for (int i = 0; i < enc_frame_len; i++) { printf("%02x", ptr_enc_frame[i]); ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } - //printf("\n"); + // printf("\n"); Crypto_Shutdown(); free(truth_data_b); 
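Review bot: The comparison loop `for (int i = 0; i < enc_frame_len; i++)` in ENC_CBC_1BP indexes `truth_data_b` using the length of the produced frame, and `truth_data_l` is computed but never compared in the visible lines. A frame longer than the truth data makes the test read past the truth buffer, and a truncated or empty frame passes with fewer (or zero) bytes checked, so a regression that drops ciphertext or padding would go unnoticed. Adding `ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val);` and `ASSERT_EQ(truth_data_l, (int)enc_frame_len);` before the loop closes both gaps. The ENC_CBC_16BP hunk has the same loop; the test body continues outside this hunk, so a status assertion may already exist further down.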
@@ -801,61 +834,65 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_16BP) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, + // 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, 
TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 2; + TC_UT_Managed_Parameters.vcid = 2; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 3; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char* raw_tc_sdls_ping_h = "20030017000080d2c70008197f0b003100000000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = "20030017000080d2c70008197f0b003100000000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->iv_len = 16; - test_association->shplf_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_CBC; - test_association->ekid = 130; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 0; + test_association->iv_len = 16; + test_association->shplf_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_CBC; + test_association->ekid = 130; test_association->stmacf_len = 0; - test_association->arsn_len = 0; + test_association->arsn_len = 0; sa_if->sa_get_from_spi(4, &test_association); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - char* truth_data_h = "2003003600000004000000000000000000000000103970eae4c05acd1b0c348fda174df73ef0e2d603996c4b78b992cd60918729d3b8c0"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; + char *truth_data_h = "2003003600000004000000000000000000000000103970eae4c05acd1b0c348fda174df73ef0e2d603996c4b78b99" + "2cd60918729d3b8c0"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - for(int i = 0; i < enc_frame_len; i++) + for (int i = 0; i < enc_frame_len; i++) { ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } 
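Review bot: The four commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter(...)` calls at the top of ENC_CBC_16BP were reflowed by the formatter as if they were prose, so one call now ends and the next begins in the middle of a comment line and the block can no longer be read or uncommented as code. The `GvcidManagedParameters_t` initializer and the `.vcid = 1/2/3` assignments below already replace those calls, so I would delete the dead block and leave a single line such as `// Same managed parameters registered for VCIDs 0-3`. If the old calls must stay for reference, bracket them with `// clang-format off` / `// clang-format on` so they keep one call per line. The same reflowed block appears in the ENC_CBC_1BP, ENC_CBC_FRAME_MAX, ENC_CBC_FRAME_TOO_BIG and ENC_CBC_1BP_1 hunks.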
@@ -870,61 +907,83 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_16BP) /** * @brief Unit Test: Nominal Encryption CBC - * Frame is max size for this test. Any encrypted data of length greater than 1007 bytes, + * Frame is max size for this test. Any encrypted data of length greater than 1007 bytes, * will cause frame length exception. **/ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_MAX) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, + // 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 
1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 2; + TC_UT_Managed_Parameters.vcid = 2; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 3; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - + int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char* raw_tc_sdls_ping_h = "200303E3000080d2c70008197f0b0031000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = + "200303E3000080d2c70008197f0b0031000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + 
"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "0000b1fed255"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); - test_association->ekid = 130; - test_association->shivf_len = 16; - test_association->iv_len = 16; - test_association->shplf_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_CBC; - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; + test_association->ekid = 130; + test_association->shivf_len = 16; + test_association->iv_len = 16; + test_association->shplf_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_CBC; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 0; + test_association->arsn_len = 0; test_association->stmacf_len = 0; sa_if->sa_get_from_spi(4, &test_association); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); Crypto_Shutdown(); free(raw_tc_sdls_ping_b); 
@@ -934,60 +993,82 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_MAX) /** * @brief Unit Test: Encryption CBC - * Frame is 1 byte too large for this test. Any encrypted data of length greater than 1007 bytes, + * Frame is 1 byte too large for this test. Any encrypted data of length greater than 1007 bytes, * will cause frame length exception. **/ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_TOO_BIG) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, + // 0x0003, 2, TC_HAS_FECF, 
TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 2; + TC_UT_Managed_Parameters.vcid = 2; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 3; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char* raw_tc_sdls_ping_h = "200303F7000080d2c70008197f0b003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + char *raw_tc_sdls_ping_h = + "200303F7000080d2c70008197f0b0031000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" 
+ "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000b1fed255"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. 
sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); - test_association->ekid = 130; - test_association->shivf_len = 16; - test_association->iv_len = 16; - test_association->shplf_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_CBC; - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; + test_association->ekid = 130; + test_association->shivf_len = 16; + test_association->iv_len = 16; + test_association->shplf_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_CBC; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 0; + test_association->arsn_len = 0; test_association->stmacf_len = 0; sa_if->sa_get_from_spi(4, &test_association); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); Crypto_Shutdown(); free(raw_tc_sdls_ping_b); 
@@ -1000,32 +1081,35 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP_1) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, + // 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 
1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 2; + TC_UT_Managed_Parameters.vcid = 2; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 3; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char* raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; + char *raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; - char* new_iv_h = "FFEEDDCCBBAA"; - char* new_iv_b = NULL; + char *new_iv_h = "FFEEDDCCBBAA"; + char *new_iv_b = NULL; // char* expected_iv_h = "000000000001000000000001"; // char* expected_iv_b = NULL; 
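Review bot: The comment reflow has run the four commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter(...)` calls together, so a call now begins mid-line after `AOS_IZ_NA, 0);` and the block no longer reads as four separate statements. Since the `TC_UT_Managed_Parameters` initializer below replaces these calls, the clearest fix is to delete the dead comment block. If it has to stay for reference, wrap it in `// clang-format off` / `// clang-format on` so each call keeps its own line. The same run-together block appears in the ENC_CBC_NULL_IV, CBC_NULL_IV_W_IVH and EXERCISE_ARSN hunks.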
@@ -1037,37 +1121,37 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP_1) hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ekid = 130; - test_association->ecs = CRYPTO_CIPHER_AES256_CBC; - test_association->ast = 0; - test_association->arsn_len = 0; - test_association->iv_len = 12; + test_association->sa_state = SA_OPERATIONAL; + test_association->ekid = 130; + test_association->ecs = CRYPTO_CIPHER_AES256_CBC; + test_association->ast = 0; + test_association->arsn_len = 0; + test_association->iv_len = 12; test_association->shivf_len = 12; memcpy(test_association->iv + (test_association->iv_len - test_association->shivf_len), new_iv_b, new_iv_len); sa_if->sa_get_from_spi(4, &test_association); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - char* truth_data_h = "200300260000000BFFEEDDCCBBAA00000000000001BD8722C9D22E0CB109AC402748F672067D37"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; + char *truth_data_h = "200300260000000BFFEEDDCCBBAA00000000000001BD8722C9D22E0CB109AC402748F672067D37"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - //printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) + // printf("Encrypted Frame:\n"); + for (int i 
= 0; i < enc_frame_len; i++) { printf("%02x", ptr_enc_frame[i]); - //ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); + // ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } printf("\n"); 
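Review bot: The byte comparison in the print loop at the end of this hunk is still commented out (`// ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]);`), so in the lines shown ENC_CBC_1BP_1 converts `truth_data_h` but never checks the CBC output against it. The return value of `Crypto_TC_ApplySecurity` is not asserted here either, so a regression in padding or IV placement would pass unnoticed. Either restore the assertion, preceded by `ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val);` and `ASSERT_EQ(enc_frame_len, truth_data_l);`, or drop the unused truth vector and add a comment saying why the output is not pinned. The test body continues outside the hunk, so a later assertion may exist.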
@@ -1084,33 +1168,35 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, - TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, - TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, - SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, + // 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // 
Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 2; + TC_UT_Managed_Parameters.vcid = 2; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 3; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char* raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; + char *raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; - char* new_iv_h = "FFEEDDCCBBAA"; - char* new_iv_b = NULL; + char *new_iv_h = "FFEEDDCCBBAA"; + char *new_iv_b = NULL; // char* expected_iv_h = "000000000001000000000001"; // char* expected_iv_b = NULL; 
@@ -1122,37 +1208,37 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; - test_association->iv_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 0; + test_association->arsn_len = 0; + test_association->iv_len = 0; test_association->shivf_len = 0; - test_association->ecs = CRYPTO_CIPHER_AES256_CBC; + test_association->ecs = CRYPTO_CIPHER_AES256_CBC; test_association->shplf_len = 1; return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - char* truth_data_h = "200300260000000BFFEEDDCCBBAA00000000000001BD8722C9D22E0CB109AC402748F672067D37"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; + char *truth_data_h = "200300260000000BFFEEDDCCBBAA00000000000001BD8722C9D22E0CB109AC402748F672067D37"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - //printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) + // printf("Encrypted Frame:\n"); + for (int i = 0; i < enc_frame_len; i++) { printf("%02x -> %02x \n", ptr_enc_frame[i], truth_data_b[i]); ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } - //printf("\n"); + // printf("\n"); 
Crypto_Shutdown(); free(truth_data_b); 
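Review bot: The comparison loop runs to `enc_frame_len` and indexes `truth_data_b[i]` without first checking that the two lengths agree. An output longer than the truth vector would read past the buffer filled by `hex_conversion`, and an empty output would let the test pass without comparing a single byte. Add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val);` and `ASSERT_EQ(enc_frame_len, truth_data_l);` before the `for`. The same unguarded loop appears in the PLAINTEXT_W_ARSN hunk and in the CBC_NULL_IV_W_IVH hunk. In the latter it follows the `CRYPTO_LIB_ERR_NULL_IV` assertion and presumably compares nothing, so there the loop should be dropped or the expected length stated explicitly.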
@@ -1166,33 +1252,35 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, - TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, - TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, - SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, + // 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // 
Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 2; + TC_UT_Managed_Parameters.vcid = 2; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 3; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char* raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; + char *raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; - char* new_iv_h = "FFEEDDCCBBAA"; - char* new_iv_b = NULL; + char *new_iv_h = "FFEEDDCCBBAA"; + char *new_iv_b = NULL; // char* expected_iv_h = "000000000001000000000001"; // char* expected_iv_b = NULL; 
@@ -1205,36 +1293,36 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); uint8_t enc_frame[2048]; - uint8_t* ptr_enc_frame = &enc_frame[0]; + uint8_t *ptr_enc_frame = &enc_frame[0]; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(4, &test_association); printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->ekid = 130; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 0; + test_association->ekid = 130; test_association->shplf_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_CBC; - test_association->arsn_len = 0; - test_association->iv_len = 16; + test_association->ecs = CRYPTO_CIPHER_AES256_CBC; + test_association->arsn_len = 0; + test_association->iv_len = 16; test_association->shivf_len = 16; - return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, - &ptr_enc_frame, &enc_frame_len); + return_val = + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_ERR_NULL_IV, return_val); - char* truth_data_h = "200300260000000BFFEEDDCCBBAA00000000000001BD8722C9D22E0CB109AC402748F672067D37"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; + char *truth_data_h = "200300260000000BFFEEDDCCBBAA00000000000001BD8722C9D22E0CB109AC402748F672067D37"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); printf("Received Encrypted Frame of length %d bytes:\n\t", enc_frame_len); - for(int i = 0; i < enc_frame_len; i++) + for (int i = 0; i < enc_frame_len; i++) { printf("%02x -> %02x ", ptr_enc_frame[i], 
truth_data_b[i]); ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); 
@@ -1247,43 +1335,47 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) } /* -* @brief: Unit Test: Verify plaintext with an ARSN places bytes appropriately. -* Use a full length verification of all bytes. Exists due to found bug. -*/ + * @brief: Unit Test: Verify plaintext with an ARSN places bytes appropriately. + * Use a full length verification of all bytes. Exists due to found bug. + */ UTEST(TC_APPLY_SECURITY, PLAINTEXT_W_ARSN) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); // Test string - char* raw_tc_sdls_ping_h = "2003001F00000100011880D2C9000E197F0B001B0004000400003040D95E0000"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; + char *raw_tc_sdls_ping_h = "2003001F00000100011880D2C9000E197F0B001B0004000400003040D95E0000"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; hex_conversion(raw_tc_sdls_ping_h, 
&raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - int32_t return_val = CRYPTO_LIB_ERROR; + int32_t return_val = CRYPTO_LIB_ERROR; - return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - //200300230000010000000100011880D2C9000E197F0B001B0004000400003040D95E85F3 - char* truth_data_h = "2003002f0000010000000000000000000000000000000100011880d2c9000e197f0b001b0004000400003040d95e5ba0"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; + return_val = + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + // 200300230000010000000100011880D2C9000E197F0B001B0004000400003040D95E85F3 + char *truth_data_h = + "2003002f0000010000000000000000000000000000000100011880d2c9000e197f0b001b0004000400003040d95e5ba0"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - //printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) + // printf("Encrypted Frame:\n"); + for (int i = 0; i < enc_frame_len; i++) { - //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); + // printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index 037595bc..3eea2d37 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c 
@@ -33,73 +33,84 @@ UTEST(TC_PROCESS, EXERCISE_IV) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - - + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; - int status = 0; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = 0; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char* 
buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_replay_h = "2003002500FF0009B6AC8E4963F49207FFD6374B1224DFEFB72A20D49E09256908874979DFC1"; // IV is one less than library expects - char* buffer_outside_window_h = "2003002500FF0009B6AC8E4963F49207FFD6375C1224DFEFB72A20D49E09256908874979B36E"; // IV is outside the positive window - char* buffer_good_iv_h = "2003002500FF0009B6AC8E4963F49207FFD6374C1224DFEFB72A20D49E09256908874979AD6F"; // IV is the next one expected - char* buffer_good_iv_with_gap_h = "2003002500FF0009B6AC8E4963F49207FFD6374F1224DFEFB72A20D49E092569088749799C49"; // IV is valid, but not next one expected - uint8_t *buffer_replay_b, *buffer_outside_window_b, *buffer_good_iv_b, *buffer_good_iv_with_gap_b, *buffer_nist_iv_b, *buffer_nist_key_b = NULL; - int buffer_replay_len, buffer_outside_window_len, buffer_good_iv_len, buffer_good_iv_with_gap_len, buffer_nist_iv_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_replay_h = + "2003002500FF0009B6AC8E4963F49207FFD6374B1224DFEFB72A20D49E09256908874979DFC1"; // IV is one less than library + // expects + char *buffer_outside_window_h = + "2003002500FF0009B6AC8E4963F49207FFD6375C1224DFEFB72A20D49E09256908874979B36E"; // IV is outside the positive + // window + char *buffer_good_iv_h = + "2003002500FF0009B6AC8E4963F49207FFD6374C1224DFEFB72A20D49E09256908874979AD6F"; // IV is the next one expected + char *buffer_good_iv_with_gap_h = + "2003002500FF0009B6AC8E4963F49207FFD6374F1224DFEFB72A20D49E092569088749799C49"; // IV is valid, but not next one + // expected + uint8_t *buffer_replay_b, *buffer_outside_window_b, *buffer_good_iv_b, *buffer_good_iv_with_gap_b, + 
*buffer_nist_iv_b, *buffer_nist_key_b = NULL; + int buffer_replay_len, buffer_outside_window_len, buffer_good_iv_len, buffer_good_iv_with_gap_len, + buffer_nist_iv_len, buffer_nist_key_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ekid = 136; + test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; + test_association->ast = 0; + test_association->ekid = 136; test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->ecs_len = 1; + test_association->iv_len = 12; + test_association->ecs_len = 1; test_association->shplf_len = 1; test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 0; + test_association->arsnw = 5; + test_association->arsn_len = 0; test_association->shsnf_len = 0; - test_association->abm_len = ABM_SIZE; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->abm_len = ABM_SIZE; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed - hex_conversion(buffer_replay_h, (char**) &buffer_replay_b, &buffer_replay_len); - hex_conversion(buffer_outside_window_h, (char**) 
&buffer_outside_window_b, &buffer_outside_window_len); - hex_conversion(buffer_good_iv_h, (char**) &buffer_good_iv_b, &buffer_good_iv_len); - hex_conversion(buffer_good_iv_with_gap_h, (char**) &buffer_good_iv_with_gap_b, &buffer_good_iv_with_gap_len); + hex_conversion(buffer_replay_h, (char **)&buffer_replay_b, &buffer_replay_len); + hex_conversion(buffer_outside_window_h, (char **)&buffer_outside_window_b, &buffer_outside_window_len); + hex_conversion(buffer_good_iv_h, (char **)&buffer_good_iv_b, &buffer_good_iv_len); + hex_conversion(buffer_good_iv_with_gap_h, (char **)&buffer_good_iv_with_gap_b, &buffer_good_iv_with_gap_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Expect to fail on replay @@ -119,7 +130,8 @@ UTEST(TC_PROCESS, EXERCISE_IV) // Expect success on valid IV within window, but has a gap printf(KGRN "Checking valid IV within window... should be able to receive it... \n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_good_iv_with_gap_b, &buffer_good_iv_with_gap_len, tc_nist_processed_frame); + status = + Crypto_TC_ProcessSecurity(buffer_good_iv_with_gap_b, &buffer_good_iv_with_gap_len, tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Validate that the SA IV is updated to the most recently received IV 
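Review bot: In the re-wrapped declarations `uint8_t *buffer_replay_b, ..., *buffer_nist_key_b = NULL;` and `int buffer_replay_len, ..., buffer_nist_key_len = 0;` the initializer applies only to the last declarator, so the other five pointers and five lengths start out indeterminate. Context in the following hunk passes these pointers to `free`, so if `hex_conversion` (not shown) can return without storing to its out-parameters, the test would free an uninitialized pointer. Declare them one per line, each with its own initializer, e.g. `uint8_t *buffer_replay_b = NULL;` and `int buffer_replay_len = 0;`. The EXERCISE_ARSN hunk carries the same pair of declarations, and in both tests the `malloc` result for `tc_nist_processed_frame` is used without a NULL check.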
@@ -127,10 +139,10 @@ UTEST(TC_PROCESS, EXERCISE_IV) printf(KGRN "Verifying IV updated correctly...\n" RESET); printf("SA IV is now:\t"); for (int i = 0; i < test_association->shivf_len; i++) - { - ASSERT_EQ(*(test_association->iv + i), *(buffer_good_iv_with_gap_b +8 + i)); // 8 is IV offset into packet - printf("%02X", *(test_association->iv + i)); - } + { + ASSERT_EQ(*(test_association->iv + i), *(buffer_good_iv_with_gap_b + 8 + i)); // 8 is IV offset into packet + printf("%02X", *(test_association->iv + i)); + } printf("\n"); Crypto_Shutdown(); free(buffer_replay_b); 
@@ -150,41 +162,56 @@ UTEST(TC_PROCESS, EXERCISE_IV) UTEST(TC_PROCESS, EXERCISE_ARSN) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - int status = 0; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; + int status = 0; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext 
- char* buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; - char* buffer_arsn_h = "0123"; // The last valid ARSN that was seen by the SA - // For reference: | Header |SH SPI SN| Payload | MAC |FECF - char* buffer_replay_h = "2003002B00FF000901231224DFEFB72A20D49E09256908874979fd56ca1ffc2697a700dbe6292c10e9ef1B49"; // ARSN is one less than library expects - char* buffer_outside_window_h = "2003002B00FF000904441224DFEFB72A20D49E09256908874979fd56ca1ffc2697a700dbe6292c10e9ef9C5C"; // ARSN is outside the positive window - char* buffer_good_arsn_h = "2003002B00FF000901241224DFEFB72A20D49E09256908874979fd56ca1ffc2697a700dbe6292c10e9ef8A3E"; // ARSN is the next one expected - char* buffer_good_arsn_with_gap_h = "2003002B00FF000901291224DFEFB72A20D49E09256908874979fd56ca1ffc2697a700dbe6292c10e9ef3EB4"; // ARSN is valid, but not next one expected - uint8_t *buffer_replay_b, *buffer_outside_window_b, *buffer_good_arsn_b, *buffer_good_arsn_with_gap_b, *buffer_arsn_b, *buffer_nist_key_b = NULL; - int buffer_replay_len, buffer_outside_window_len, buffer_good_arsn_len, buffer_good_arsn_with_gap_len, buffer_arsn_len, buffer_nist_key_len = 0; + char *buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; + char *buffer_arsn_h = "0123"; // The last valid ARSN that was seen by the SA + // For reference: | Header |SH SPI SN| Payload | MAC |FECF + char *buffer_replay_h = + "2003002B00FF000901231224DFEFB72A20D49E09256908874979fd56ca1ffc2697a700dbe6292c10e9ef1B49"; // ARSN is one less + // than library + // expects + char *buffer_outside_window_h = + "2003002B00FF000904441224DFEFB72A20D49E09256908874979fd56ca1ffc2697a700dbe6292c10e9ef9C5C"; // ARSN is outside + // the positive + // window + char *buffer_good_arsn_h = + "2003002B00FF000901241224DFEFB72A20D49E09256908874979fd56ca1ffc2697a700dbe6292c10e9ef8A3E"; // ARSN is the next + // one expected + char *buffer_good_arsn_with_gap_h = + 
"2003002B00FF000901291224DFEFB72A20D49E09256908874979fd56ca1ffc2697a700dbe6292c10e9ef3EB4"; // ARSN is valid, + // but not next one + // expected + uint8_t *buffer_replay_b, *buffer_outside_window_b, *buffer_good_arsn_b, *buffer_good_arsn_with_gap_b, + *buffer_arsn_b, *buffer_nist_key_b = NULL; + int buffer_replay_len, buffer_outside_window_len, buffer_good_arsn_len, buffer_good_arsn_with_gap_len, + buffer_arsn_len, buffer_nist_key_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; 
@@ -192,33 +219,33 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) sa_if->sa_get_from_spi(9, &test_association); test_association->sa_state = SA_OPERATIONAL; sa_if->sa_get_from_spi(9, &test_association); - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs_len = 1; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->est = 0; - test_association->ast = 1; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs_len = 1; + test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->est = 0; + test_association->ast = 1; test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->iv_len = 0; test_association->shsnf_len = 2; - test_association->arsn_len = 2; - test_association->arsnw = 5; - test_association->abm_len = 1024; - test_association->akid = 136; - test_association->ekid = 0; + test_association->arsn_len = 2; + test_association->arsnw = 5; + test_association->abm_len = 1024; + test_association->akid = 136; + test_association->ekid = 0; // memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); test_association->stmacf_len = 16; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed - hex_conversion(buffer_replay_h, (char**) &buffer_replay_b, &buffer_replay_len); - hex_conversion(buffer_outside_window_h, (char**) &buffer_outside_window_b, &buffer_outside_window_len); - hex_conversion(buffer_good_arsn_h, (char**) &buffer_good_arsn_b, &buffer_good_arsn_len); - hex_conversion(buffer_good_arsn_with_gap_h, (char**) &buffer_good_arsn_with_gap_b, &buffer_good_arsn_with_gap_len); + hex_conversion(buffer_replay_h, 
(char **)&buffer_replay_b, &buffer_replay_len); + hex_conversion(buffer_outside_window_h, (char **)&buffer_outside_window_b, &buffer_outside_window_len); + hex_conversion(buffer_good_arsn_h, (char **)&buffer_good_arsn_b, &buffer_good_arsn_len); + hex_conversion(buffer_good_arsn_with_gap_h, (char **)&buffer_good_arsn_with_gap_b, &buffer_good_arsn_with_gap_len); // Convert/Set input ARSN - hex_conversion(buffer_arsn_h, (char**) &buffer_arsn_b, &buffer_arsn_len); + hex_conversion(buffer_arsn_h, (char **)&buffer_arsn_b, &buffer_arsn_len); memcpy(test_association->arsn, buffer_arsn_b, buffer_arsn_len); // Expect to fail on replay printf(KGRN "Checking replay - using previous received ARSN...\n" RESET); @@ -236,7 +263,8 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) // Expect success on valid ARSN within window, but has a gap printf(KGRN "Checking valid ARSN within window... should be able to receive it... \n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_good_arsn_with_gap_b, &buffer_good_arsn_with_gap_len, tc_nist_processed_frame); + status = + Crypto_TC_ProcessSecurity(buffer_good_arsn_with_gap_b, &buffer_good_arsn_with_gap_len, tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Validate that the SA ARSN is updated to the most recently received ARSN @@ -244,10 +272,11 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) printf(KGRN "Verifying ARSN updated correctly...\n" RESET); printf("SA ARSN is now:\t"); for (int i = 0; i < test_association->shsnf_len; i++) - { - printf("%02X", *(test_association->arsn + i)); - ASSERT_EQ(*(test_association->arsn + i), *(buffer_good_arsn_with_gap_b + 8 + i)); // 8 is ARSN offset into packet - } + { + printf("%02X", *(test_association->arsn + i)); + ASSERT_EQ(*(test_association->arsn + i), + *(buffer_good_arsn_with_gap_b + 8 + i)); // 8 is ARSN offset into packet + } printf("\n"); Crypto_Shutdown(); free(tc_nist_processed_frame); 
@@ -264,34 +293,36 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - char* dec_test_fe_h = - "2003002D00000004FFFFFFFFFFFE610B082EA91C8AA93F08EAA642EA3189128D87159B2354AA753248F050022FD9"; - char* dec_test_ff_h = - "2003002D00000004FFFFFFFFFFFFCECBA30A6E0B54ACE0D5F92D1360084822CFA46240C0CD7D6830A6A7771ECFEC"; - char* dec_test_00_h = - 
"2003002D0000000400000000000064DB31BBC4656F072A8E4A706F9508C440A003496E8A71FD47621297DDCC393C"; + char *dec_test_fe_h = + "2003002D00000004FFFFFFFFFFFE610B082EA91C8AA93F08EAA642EA3189128D87159B2354AA753248F050022FD9"; + char *dec_test_ff_h = + "2003002D00000004FFFFFFFFFFFFCECBA30A6E0B54ACE0D5F92D1360084822CFA46240C0CD7D6830A6A7771ECFEC"; + char *dec_test_00_h = + "2003002D0000000400000000000064DB31BBC4656F072A8E4A706F9508C440A003496E8A71FD47621297DDCC393C"; - uint8_t *dec_test_fe_b, *dec_test_ff_b, *dec_test_00_b = NULL; - int dec_test_fe_len, dec_test_ff_len, dec_test_00_len = 0; + uint8_t *dec_test_fe_b, *dec_test_ff_b, *dec_test_00_b = NULL; + int dec_test_fe_len, dec_test_ff_len, dec_test_00_len = 0; - hex_conversion(dec_test_fe_h, (char**) &dec_test_fe_b, &dec_test_fe_len); - hex_conversion(dec_test_ff_h, (char**) &dec_test_ff_b, &dec_test_ff_len); - hex_conversion(dec_test_00_h, (char**) &dec_test_00_b, &dec_test_00_len); + hex_conversion(dec_test_fe_h, (char **)&dec_test_fe_b, &dec_test_fe_len); + hex_conversion(dec_test_ff_h, (char **)&dec_test_ff_b, &dec_test_ff_len); + hex_conversion(dec_test_00_h, (char **)&dec_test_00_b, &dec_test_00_len); - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; int32_t return_val = -1; 
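Review bot: The reformatted declaration `uint8_t *dec_test_fe_b, *dec_test_ff_b, *dec_test_00_b = NULL;` initialises only the last declarator, and `int dec_test_fe_len, dec_test_ff_len, dec_test_00_len = 0;` does the same for the lengths. The first two pointers stay indeterminate until hex_conversion() stores into them, and the test later hands all three to free() (outside this hunk), so a conversion that returns early would presumably leave free() with a garbage pointer. Since the lines are being touched anyway, write `uint8_t *dec_test_fe_b = NULL, *dec_test_ff_b = NULL, *dec_test_00_b = NULL;` and give each length its own `= 0`. The same declarations appear in the hunks at -302,95 and -465,35; the test body starts and ends outside this hunk.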
@@ -302,95 +333,97 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) // Expose SA 1 for testing sa_if->sa_get_from_spi(1, &test_association); test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Deactive SA 1 test_association->sa_state = SA_NONE; // Expose SA 4 for testing sa_if->sa_get_from_spi(4, &test_association); - test_association->arsn_len = 0; + test_association->arsn_len = 0; test_association->gvcid_blk.vcid = 0; - test_association->shivf_len = 6; - test_association->iv_len = 12; - test_association->ekid = 130; + test_association->shivf_len = 6; + test_association->iv_len = 12; + test_association->ekid = 130; // IV = "000000000000FFFFFFFFFFFE" - test_association->iv[0] = 0x00; - test_association->iv[1] = 0x00; - test_association->iv[2] = 0x00; - test_association->iv[3] = 0x00; - test_association->iv[4] = 0x00; - test_association->iv[5] = 0x00; - test_association->iv[6] = 0xFF; - test_association->iv[7] = 0xFF; - test_association->iv[8] = 0xFF; - test_association->iv[9] = 0xFF; - test_association->iv[10] = 0xFF; - test_association->iv[11] = 0xFD; - test_association->ast = 1; - test_association->est = 1; + test_association->iv[0] = 0x00; + test_association->iv[1] = 0x00; + test_association->iv[2] = 0x00; + test_association->iv[3] = 0x00; + test_association->iv[4] = 0x00; + test_association->iv[5] = 0x00; + test_association->iv[6] = 0xFF; + test_association->iv[7] = 0xFF; + test_association->iv[8] = 0xFF; + test_association->iv[9] = 0xFF; + test_association->iv[10] = 0xFF; + test_association->iv[11] = 0xFD; + test_association->ast = 1; + test_association->est = 1; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; Crypto_saPrint(test_association); return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, 
return_val); - ASSERT_EQ(test_association->iv[11],0xFE); + ASSERT_EQ(test_association->iv[11], 0xFE); return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - ASSERT_EQ(test_association->iv[11],0xFF); + ASSERT_EQ(test_association->iv[11], 0xFF); return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - for(int i=0; i < test_association->iv_len; i++) + for (int i = 0; i < test_association->iv_len; i++) { - ASSERT_EQ(test_association->iv[i],0x00); + ASSERT_EQ(test_association->iv[i], 0x00); } Crypto_saPrint(test_association); Crypto_Shutdown(); free(dec_test_fe_b); free(dec_test_ff_b); - free(dec_test_00_b); + free(dec_test_00_b); } UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); 
Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - char* dec_test_fe_h = - "2003002D00000004FFFFFFFFFFFE610B082EA91C8AA93F08EAA642EA3189128D87159B2354AA753248F050022FD9"; - char* dec_test_ff_h = - "2003002D00000004FFFFFFFFFFFFCECBA30A6E0B54ACE0D5F92D1360084822CFA46240C0CD7D6830A6A7771ECFEC"; - char* dec_test_00_h = - "2003002D00000004000000000000CEB2378F0F335664496406AC4F3A2ABFFD8678CB76DD009D7FE5B425BB96F567"; + char *dec_test_fe_h = + "2003002D00000004FFFFFFFFFFFE610B082EA91C8AA93F08EAA642EA3189128D87159B2354AA753248F050022FD9"; + char *dec_test_ff_h = + "2003002D00000004FFFFFFFFFFFFCECBA30A6E0B54ACE0D5F92D1360084822CFA46240C0CD7D6830A6A7771ECFEC"; + char *dec_test_00_h = + "2003002D00000004000000000000CEB2378F0F335664496406AC4F3A2ABFFD8678CB76DD009D7FE5B425BB96F567"; - uint8_t *dec_test_fe_b, *dec_test_ff_b, *dec_test_00_b = NULL; - int dec_test_fe_len, dec_test_ff_len, dec_test_00_len = 0; + uint8_t *dec_test_fe_b, *dec_test_ff_b, *dec_test_00_b = NULL; + int dec_test_fe_len, dec_test_ff_len, dec_test_00_len = 0; - hex_conversion(dec_test_fe_h, (char**) &dec_test_fe_b, &dec_test_fe_len); - hex_conversion(dec_test_ff_h, (char**) &dec_test_ff_b, &dec_test_ff_len); - hex_conversion(dec_test_00_h, (char**) &dec_test_00_b, &dec_test_00_len); + hex_conversion(dec_test_fe_h, (char **)&dec_test_fe_b, &dec_test_fe_len); + hex_conversion(dec_test_ff_h, (char **)&dec_test_ff_b, &dec_test_ff_len); + hex_conversion(dec_test_00_h, (char **)&dec_test_00_b, &dec_test_00_len); - SecurityAssociation_t* 
test_association; + SecurityAssociation_t *test_association; int32_t return_val = -1; - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); 
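Review bot: The comment `// IV = "000000000000FFFFFFFFFFFE"` above the iv[] assignments does not match the bytes that are stored, because `iv[11]` is set to `0xFD`. The test then expects `iv[11]` to read `0xFE` only after the first frame has been processed. The comment should state the real starting value, for example `// SA IV = "000000000000FFFFFFFFFFFD" (one below the IV carried by the first frame)`, so the rollover sequence FD -> FE -> FF -> 00 can be followed from the source. The same mismatch is present in the hunk at -398,58.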
@@ -398,58 +431,58 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) // Expose SA 1 for testing sa_if->sa_get_from_spi(1, &test_association); test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Deactive SA 1 test_association->sa_state = SA_NONE; // Expose SA 4 for testing sa_if->sa_get_from_spi(4, &test_association); - test_association->arsn_len = 0; + test_association->arsn_len = 0; test_association->gvcid_blk.vcid = 0; - test_association->shivf_len = 6; - test_association->iv_len = 12; - test_association->ekid = 130; + test_association->shivf_len = 6; + test_association->iv_len = 12; + test_association->ekid = 130; // IV = "000000000000FFFFFFFFFFFE" - test_association->iv[0] = 0x00; - test_association->iv[1] = 0x00; - test_association->iv[2] = 0x00; - test_association->iv[3] = 0x00; - test_association->iv[4] = 0x00; - test_association->iv[5] = 0x00; - test_association->iv[6] = 0xFF; - test_association->iv[7] = 0xFF; - test_association->iv[8] = 0xFF; - test_association->iv[9] = 0xFF; - test_association->iv[10] = 0xFF; - test_association->iv[11] = 0xFD; - test_association->ast = 1; - test_association->est = 1; + test_association->iv[0] = 0x00; + test_association->iv[1] = 0x00; + test_association->iv[2] = 0x00; + test_association->iv[3] = 0x00; + test_association->iv[4] = 0x00; + test_association->iv[5] = 0x00; + test_association->iv[6] = 0xFF; + test_association->iv[7] = 0xFF; + test_association->iv[8] = 0xFF; + test_association->iv[9] = 0xFF; + test_association->iv[10] = 0xFF; + test_association->iv[11] = 0xFD; + test_association->ast = 1; + test_association->est = 1; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; Crypto_saPrint(test_association); return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, tc_sdls_processed_frame); 
ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - ASSERT_EQ(test_association->iv[11],0xFE); + ASSERT_EQ(test_association->iv[11], 0xFE); return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - ASSERT_EQ(test_association->iv[11],0xFF); + ASSERT_EQ(test_association->iv[11], 0xFF); // test_association->iv[5] = 0x01; return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - ASSERT_EQ(test_association->iv[0] ,0x00); - ASSERT_EQ(test_association->iv[1] ,0x00); - ASSERT_EQ(test_association->iv[2] ,0x00); - ASSERT_EQ(test_association->iv[3] ,0x00); - ASSERT_EQ(test_association->iv[4] ,0x00); - ASSERT_EQ(test_association->iv[5] ,0x01); - ASSERT_EQ(test_association->iv[6] ,0x00); - ASSERT_EQ(test_association->iv[7] ,0x00); - ASSERT_EQ(test_association->iv[8] ,0x00); - ASSERT_EQ(test_association->iv[9] ,0x00); - ASSERT_EQ(test_association->iv[10],0x00); - ASSERT_EQ(test_association->iv[11],0x00); + ASSERT_EQ(test_association->iv[0], 0x00); + ASSERT_EQ(test_association->iv[1], 0x00); + ASSERT_EQ(test_association->iv[2], 0x00); + ASSERT_EQ(test_association->iv[3], 0x00); + ASSERT_EQ(test_association->iv[4], 0x00); + ASSERT_EQ(test_association->iv[5], 0x01); + ASSERT_EQ(test_association->iv[6], 0x00); + ASSERT_EQ(test_association->iv[7], 0x00); + ASSERT_EQ(test_association->iv[8], 0x00); + ASSERT_EQ(test_association->iv[9], 0x00); + ASSERT_EQ(test_association->iv[10], 0x00); + ASSERT_EQ(test_association->iv[11], 0x00); Crypto_saPrint(test_association); 
@@ -465,35 +498,34 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - - char* dec_test_fe_h = - "2003002900000004FFFE80D2C70008197F0B00310000B1FE7F97816F523951BAF0445DB078B502760741"; - char* dec_test_ff_h = - "2003002900000004FFFF80D2C70008197F0B00310000B1FE7F97816F523951BAF0445DB078B502768968"; - char* dec_test_00_h = - 
"2003002900000004000080D2C70008197F0B00310000B1FE7F97816F523951BAF0445DB078B50276E797"; - uint8_t *dec_test_fe_b, *dec_test_ff_b, *dec_test_00_b = NULL; - int dec_test_fe_len, dec_test_ff_len, dec_test_00_len = 0; + char *dec_test_fe_h = "2003002900000004FFFE80D2C70008197F0B00310000B1FE7F97816F523951BAF0445DB078B502760741"; + char *dec_test_ff_h = "2003002900000004FFFF80D2C70008197F0B00310000B1FE7F97816F523951BAF0445DB078B502768968"; + char *dec_test_00_h = "2003002900000004000080D2C70008197F0B00310000B1FE7F97816F523951BAF0445DB078B50276E797"; + + uint8_t *dec_test_fe_b, *dec_test_ff_b, *dec_test_00_b = NULL; + int dec_test_fe_len, dec_test_ff_len, dec_test_00_len = 0; - hex_conversion(dec_test_fe_h, (char**) &dec_test_fe_b, &dec_test_fe_len); - hex_conversion(dec_test_ff_h, (char**) &dec_test_ff_b, &dec_test_ff_len); - hex_conversion(dec_test_00_h, (char**) &dec_test_00_b, &dec_test_00_len); + hex_conversion(dec_test_fe_h, (char **)&dec_test_fe_b, &dec_test_fe_len); + hex_conversion(dec_test_ff_h, (char **)&dec_test_ff_b, &dec_test_ff_len); + hex_conversion(dec_test_00_h, (char **)&dec_test_00_b, &dec_test_00_len); - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; int32_t return_val = -1; 
@@ -504,23 +536,23 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) // Expose SA 1 for testing sa_if->sa_get_from_spi(1, &test_association); test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Deactive SA 1 test_association->sa_state = SA_NONE; // Expose SA 4 for testing sa_if->sa_get_from_spi(4, &test_association); - test_association->sa_state = SA_OPERATIONAL; + test_association->sa_state = SA_OPERATIONAL; test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->est=0; - test_association->ast=1; - test_association->ecs_len=1; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs_len=1; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->arsn_len = 3; + test_association->iv_len = 0; + test_association->est = 0; + test_association->ast = 1; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs_len = 1; + test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->arsn_len = 3; test_association->shsnf_len = 2; // ARSN = "05FFFD" test_association->arsn[0] = 0x05; 
@@ -533,18 +565,18 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) Crypto_saPrint(test_association); return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - ASSERT_EQ(test_association->arsn[2],0xFE); + ASSERT_EQ(test_association->arsn[2], 0xFE); return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - ASSERT_EQ(test_association->arsn[2],0xFF); + ASSERT_EQ(test_association->arsn[2], 0xFF); // test_association->iv[5] = 0x01; return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - ASSERT_EQ(test_association->arsn[0] ,0x06); - ASSERT_EQ(test_association->arsn[1] ,0x00); - ASSERT_EQ(test_association->arsn[2] ,0x00); + ASSERT_EQ(test_association->arsn[0], 0x06); + ASSERT_EQ(test_association->arsn[1], 0x00); + ASSERT_EQ(test_association->arsn[2], 0x00); Crypto_saPrint(test_association); 
@@ -560,33 +592,34 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) remove("sa_save_file.bin"); int32_t status = CRYPTO_LIB_SUCCESS; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 4, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 4, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - - char* test_frame_pt_h = "2003001c"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; + char *test_frame_pt_h = "2003001c"; + uint8_t *test_frame_pt_b = NULL; + int test_frame_pt_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(1, &test_association); - test_association->arsn_len = 0; + test_association->arsn_len = 0; 
test_association->shsnf_len = 0; // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); // Should fail, as frame length violates the managed parameter status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TC_STANDARD, status); 
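Review bot: The comment `// Should fail, as frame length violates the managed parameter` no longer describes what this test asserts. The value that was 4 in the commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter` call is 1024 in the active initialiser, and the expected status is `CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TC_STANDARD`, which appears to be a check against the TC minimum rather than the configured limit. I would reword it to `// Should fail: the 4-byte input is shorter than the minimum TC frame` and drop the dead commented-out call, which the reformat has now wrapped across two lines. The hunk at -600,32 carries the same comment above an assertion for `CRYPTO_LIB_ERR_INPUT_FRAME_LENGTH_SHORTER_THAN_FRAME_HEADERS_LENGTH` and needs the same treatment.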
@@ -600,32 +633,34 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEAD { int32_t status = CRYPTO_LIB_SUCCESS; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 4, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 4, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - char* test_frame_pt_h = "200304260000020000000000000000000000309e09deeaa375487983a89f3ed7519a230baf22"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; + char *test_frame_pt_h = "200304260000020000000000000000000000309e09deeaa375487983a89f3ed7519a230baf22"; + uint8_t *test_frame_pt_b = NULL; + int test_frame_pt_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; 
sa_if->sa_get_from_spi(1, &test_association); - test_association->arsn_len = 0; + test_association->arsn_len = 0; test_association->shsnf_len = 0; // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); // Should fail, as frame length violates the managed parameter status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_ERR_INPUT_FRAME_LENGTH_SHORTER_THAN_FRAME_HEADERS_LENGTH, status); 
@@ -639,59 +674,60 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) { remove("sa_save_file.bin"); int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - char* test_frame_pt_h = "2003002A0000000B00000000000000000000000000000000025364F9BC3344AF359DA06CA886746F59A0AB"; + char *test_frame_pt_h = "2003002A0000000B00000000000000000000000000000000025364F9BC3344AF359DA06CA886746F59A0AB"; uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; + int test_frame_pt_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(11, &test_association); - 
test_association->arsn_len = 0; - test_association->shsnf_len = 0; - test_association->ast = 0; + test_association->arsn_len = 0; + test_association->shsnf_len = 0; + test_association->ast = 0; test_association->stmacf_len = 0; - test_association->ekid = 130; - test_association->sa_state = SA_OPERATIONAL; + test_association->ekid = 130; + test_association->sa_state = SA_OPERATIONAL; // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); + status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - char* truth_data_h = "80d2c70008197f0b00310000b1fe"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; + char *truth_data_h = "80d2c70008197f0b00310000b1fe"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; - hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); - //printf("Decrypted Frame:\n"); - for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) + hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); + // printf("Decrypted Frame:\n"); + for (int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) { - //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); + // printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); } - //printf("\n"); + // printf("\n"); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); free(tc_sdls_processed_frame); free(test_frame_pt_b); free(truth_data_b); - Crypto_Shutdown(); - + Crypto_Shutdown(); } /** 
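Review bot: In HAPPY_PATH_DECRYPT_CBC the byte comparison runs before `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status)` and is bounded only by `tc_sdls_processed_frame->tc_pdu_len`, so the decrypted length is never checked against the truth vector. A truncated plaintext passes the loop, and a `tc_pdu_len` larger than the truth vector (14 bytes, if hex_conversion() yields one byte per hex pair) makes the loop read past `truth_data_b`. Move the status assertion to directly after the `Crypto_TC_ProcessSecurity` call and add `ASSERT_EQ(truth_data_l, tc_sdls_processed_frame->tc_pdu_len);` before the `for` loop.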
@@ -700,17 +736,20 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) UTEST(TC_PROCESS, DECRYPT_CBC_1B) { remove("sa_save_file.bin"); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, + // 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, 
TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); 
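Review bot: The formatter has reflowed the four commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter(...)` calls at the top of DECRYPT_CBC_1B into one run-on comment where calls begin mid-line, so the block can no longer be read or re-enabled call by call. The `GvcidManagedParameters_t` initializer directly below supersedes those calls. I would delete the commented-out block, or replace it with a single line such as `// Managed parameters are registered per VCID through TC_UT_Managed_Parameters below`. The same reflow appears in the DECRYPT_CBC_16B and GCM_IV_AND_ARSN hunks, and the test body continues outside this hunk.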
@@ -722,47 +761,47 @@ UTEST(TC_PROCESS, DECRYPT_CBC_1B) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - char* test_frame_pt_h = "2003002A0000000B00000000000000000000000000000000011C1741A95DE7EF6FCF2B20B6F09E9FD29988"; + char *test_frame_pt_h = "2003002A0000000B00000000000000000000000000000000011C1741A95DE7EF6FCF2B20B6F09E9FD29988"; uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; + int test_frame_pt_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(11, &test_association); - test_association->arsn_len = 0; - test_association->shsnf_len = 0; - test_association->ast = 0; + test_association->arsn_len = 0; + test_association->shsnf_len = 0; + test_association->ast = 0; test_association->stmacf_len = 0; - test_association->ekid = 130; - test_association->sa_state = SA_OPERATIONAL; + test_association->ekid = 130; + test_association->sa_state = SA_OPERATIONAL; // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); + status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - - char* truth_data_h = "80d2c70008197f0b0031000000b1fe"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); - //printf("Decrypted Frame:\n"); - for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) + + char *truth_data_h = "80d2c70008197f0b0031000000b1fe"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; + + hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); + // printf("Decrypted Frame:\n"); + for (int i = 0; i < 
tc_sdls_processed_frame->tc_pdu_len; i++) { - //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); + // printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); } - //printf("\n"); + // printf("\n"); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); free(test_frame_pt_b); free(tc_sdls_processed_frame); free(truth_data_b); - Crypto_Shutdown(); + Crypto_Shutdown(); } /** 
@@ -771,16 +810,19 @@ UTEST(TC_PROCESS, DECRYPT_CBC_1B) UTEST(TC_PROCESS, DECRYPT_CBC_16B) { remove("sa_save_file.bin"); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, + // 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, 
TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); 
@@ -792,47 +834,48 @@ UTEST(TC_PROCESS, DECRYPT_CBC_16B) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - char* test_frame_pt_h = "2003003A0000000B00000000000000000000000000000000103970EAE4C05ACD1B0C348FDA174DF73EF0E2D603996C4B78B992CD60918729D3A47A"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; + char *test_frame_pt_h = "2003003A0000000B00000000000000000000000000000000103970EAE4C05ACD1B0C348FDA174DF73EF0E2D603" + "996C4B78B992CD60918729D3A47A"; + uint8_t *test_frame_pt_b = NULL; + int test_frame_pt_len = 0; // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(11, &test_association); - test_association->arsn_len = 0; - test_association->shsnf_len = 0; - test_association->ast = 0; + test_association->arsn_len = 0; + test_association->shsnf_len = 0; + test_association->ast = 0; test_association->stmacf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ekid = 130; + test_association->sa_state = SA_OPERATIONAL; + test_association->ekid = 130; // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); + status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - - char* truth_data_h = "80d2c70008197f0b003100000000b1fe"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); - //printf("Decrypted Frame:\n"); - for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) + + char *truth_data_h = "80d2c70008197f0b003100000000b1fe"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; + + 
hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); + // printf("Decrypted Frame:\n"); + for (int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) { printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); } - //printf("\n"); + // printf("\n"); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); free(test_frame_pt_b); free(tc_sdls_processed_frame); free(truth_data_b); - Crypto_Shutdown(); + Crypto_Shutdown(); } /** 
@@ -842,16 +885,18 @@ UTEST(TC_PROCESS, DECRYPT_CBC_16B) UTEST(TC_PROCESS, GCM_IV_AND_ARSN) { remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, + // TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); TC_UT_Managed_Parameters.vcid = 1; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); 
@@ -860,84 +905,106 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) TC_UT_Managed_Parameters.vcid = 3; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; - int status = 0; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = 0; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext - char* buffer_arsn_h = "0123"; // The last valid ARSN that was seen by the SA - char* buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char* buffer_replay_h = "2003002500FF0009B6AC8E4963F49207FFD6374B1224DFEFB72A20D49E09256908874979DFC1"; // IV is one less than library expects - char* buffer_outside_window_h = "2003002500FF0009B6AC8E4963F49207FFD6375C1224DFEFB72A20D49E09256908874979B36E"; // IV is outside the positive window - char* buffer_bad_iv_bad_arsn_h = "2003002500FF0009B6AC8E4963F49207FFD6374C01231224DFEFB72A20D49E09256908874979"; // IV isa replay, ARSN is a replay - char* buffer_good_iv_bad_arsn_h = "2003002500FF0009B6AC8E4963F49207FFD6374C01231224DFEFB72A20D49E09256908874979"; // IV is the next one expected, ARSN is a replay - char* buffer_bad_iv_good_arsn_h = "2003002500FF0009B6AC8E4963F49207FFD6374B01241224DFEFB72A20D49E09256908874979"; // IV is a replay, ARSN is next expected - char* buffer_good_iv_with_gap_h = "2003002500FF0009B6AC8E4963F49207FFD6374F1224DFEFB72A20D49E092569088749799C49"; // IV is valid, but not next one expected - char* buffer_high_iv_good_arsn_h = "2003002500FF0009B6AC8E4963F49207FFD6374B01241224DFEFB72A20D49E09256908874979"; // IV is outside upper bounds, ARSN is next expected - char* buffer_good_iv_high_arsn_h = "2003002500FF0009B6AC8E4963F49207FFD6374BFFFE1224DFEFB72A20D49E09256908874979"; // IV is next expected, ARSN is outside upper bounds - char* 
buffer_good_iv_good_arsn_h = "2003002500FF0009B6AC8E4963F49207FFD6374C01241224DFEFB72A20D49E09256908874979"; // IV is next expected, ARSN is next expected - char* buffer_good_iv_gap_good_arsn_gap_h = "2003002500FF0009B6AC8E4963F49207FFD6375101291224DFEFB72A20D49E09256908874979"; // IV is next expected, ARSN is next expected - - uint8_t *buffer_replay_b, *buffer_outside_window_b, *buffer_bad_iv_bad_arsn_b, *buffer_good_iv_bad_arsn_b, *buffer_bad_iv_good_arsn_b, - *buffer_good_iv_with_gap_b, *buffer_high_iv_good_arsn_b, *buffer_good_iv_high_arsn_b, *buffer_nist_iv_b, *buffer_nist_key_b, - *buffer_good_iv_good_arsn_b, *buffer_good_iv_gap_good_arsn_gap_b, *buffer_arsn_b = NULL; - int buffer_replay_len, buffer_outside_window_len, buffer_bad_iv_bad_arsn_len, buffer_good_iv_bad_arsn_len, buffer_bad_iv_good_arsn_len, - buffer_good_iv_with_gap_len, buffer_high_iv_good_arsn_len, buffer_good_iv_high_arsn_len, buffer_nist_iv_len, buffer_nist_key_len, - buffer_good_iv_good_arsn_len, buffer_good_iv_gap_good_arsn_gap_len, buffer_arsn_len = 0; + char *buffer_arsn_h = "0123"; // The last valid ARSN that was seen by the SA + char *buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_replay_h = + "2003002500FF0009B6AC8E4963F49207FFD6374B1224DFEFB72A20D49E09256908874979DFC1"; // IV is one less than library + // expects + char *buffer_outside_window_h = + "2003002500FF0009B6AC8E4963F49207FFD6375C1224DFEFB72A20D49E09256908874979B36E"; // IV is outside the positive + // window + char *buffer_bad_iv_bad_arsn_h = + "2003002500FF0009B6AC8E4963F49207FFD6374C01231224DFEFB72A20D49E09256908874979"; // IV isa replay, ARSN is a + // replay + char *buffer_good_iv_bad_arsn_h = + "2003002500FF0009B6AC8E4963F49207FFD6374C01231224DFEFB72A20D49E09256908874979"; // IV is the next one expected, + // ARSN is a replay + char *buffer_bad_iv_good_arsn_h = + 
"2003002500FF0009B6AC8E4963F49207FFD6374B01241224DFEFB72A20D49E09256908874979"; // IV is a replay, ARSN is next + // expected + char *buffer_good_iv_with_gap_h = + "2003002500FF0009B6AC8E4963F49207FFD6374F1224DFEFB72A20D49E092569088749799C49"; // IV is valid, but not next one + // expected + char *buffer_high_iv_good_arsn_h = + "2003002500FF0009B6AC8E4963F49207FFD6374B01241224DFEFB72A20D49E09256908874979"; // IV is outside upper bounds, + // ARSN is next expected + char *buffer_good_iv_high_arsn_h = + "2003002500FF0009B6AC8E4963F49207FFD6374BFFFE1224DFEFB72A20D49E09256908874979"; // IV is next expected, ARSN is + // outside upper bounds + char *buffer_good_iv_good_arsn_h = + "2003002500FF0009B6AC8E4963F49207FFD6374C01241224DFEFB72A20D49E09256908874979"; // IV is next expected, ARSN is + // next expected + char *buffer_good_iv_gap_good_arsn_gap_h = + "2003002500FF0009B6AC8E4963F49207FFD6375101291224DFEFB72A20D49E09256908874979"; // IV is next expected, ARSN is + // next expected + + uint8_t *buffer_replay_b, *buffer_outside_window_b, *buffer_bad_iv_bad_arsn_b, *buffer_good_iv_bad_arsn_b, + *buffer_bad_iv_good_arsn_b, *buffer_good_iv_with_gap_b, *buffer_high_iv_good_arsn_b, + *buffer_good_iv_high_arsn_b, *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_good_iv_good_arsn_b, + *buffer_good_iv_gap_good_arsn_gap_b, *buffer_arsn_b = NULL; + int buffer_replay_len, buffer_outside_window_len, buffer_bad_iv_bad_arsn_len, buffer_good_iv_bad_arsn_len, + buffer_bad_iv_good_arsn_len, buffer_good_iv_with_gap_len, buffer_high_iv_good_arsn_len, + buffer_good_iv_high_arsn_len, buffer_nist_iv_len, buffer_nist_key_len, buffer_good_iv_good_arsn_len, + buffer_good_iv_gap_good_arsn_gap_len, buffer_arsn_len = 0; // Setup Processed Frame For Decryption - TC_t* tc_nist_processed_frame; + TC_t *tc_nist_processed_frame; tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); // Expose/setup SAs for testing - SecurityAssociation_t* test_association; + SecurityAssociation_t *test_association; 
// Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 9 sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - test_association->acs = 0; - test_association->shsnf_len = 2; - test_association->arsn_len = 2; - test_association->arsnw = 5; - test_association->est = 1; - test_association->ast = 0; - test_association->ekid = 136; - test_association->akid = 0; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->shplf_len = 1; - test_association->arsnw_len = 1; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->acs = 0; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + test_association->est = 1; + test_association->ast = 0; + test_association->ekid = 136; + test_association->akid = 0; + test_association->shivf_len = 12; + test_association->iv_len = 12; + test_association->shplf_len = 1; + test_association->arsnw_len = 1; test_association->stmacf_len = 0; - test_association->abm_len = 1024; - + test_association->abm_len = 1024; // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed - hex_conversion(buffer_replay_h, (char**) &buffer_replay_b, &buffer_replay_len); - hex_conversion(buffer_outside_window_h, (char**) &buffer_outside_window_b, &buffer_outside_window_len); - hex_conversion(buffer_bad_iv_bad_arsn_h, (char**) &buffer_bad_iv_bad_arsn_b, &buffer_bad_iv_bad_arsn_len); - 
hex_conversion(buffer_good_iv_bad_arsn_h, (char**) &buffer_good_iv_bad_arsn_b, &buffer_good_iv_bad_arsn_len); - hex_conversion(buffer_bad_iv_good_arsn_h, (char**) &buffer_bad_iv_good_arsn_b, &buffer_bad_iv_good_arsn_len); - hex_conversion(buffer_good_iv_with_gap_h, (char**) &buffer_good_iv_with_gap_b, &buffer_good_iv_with_gap_len); - hex_conversion(buffer_high_iv_good_arsn_h, (char**) &buffer_high_iv_good_arsn_b, &buffer_high_iv_good_arsn_len); - hex_conversion(buffer_good_iv_high_arsn_h, (char**) &buffer_good_iv_high_arsn_b, &buffer_good_iv_high_arsn_len); - hex_conversion(buffer_good_iv_good_arsn_h, (char**) &buffer_good_iv_good_arsn_b, &buffer_good_iv_good_arsn_len); - hex_conversion(buffer_good_iv_gap_good_arsn_gap_h, (char**) &buffer_good_iv_gap_good_arsn_gap_b, &buffer_good_iv_gap_good_arsn_gap_len); + hex_conversion(buffer_replay_h, (char **)&buffer_replay_b, &buffer_replay_len); + hex_conversion(buffer_outside_window_h, (char **)&buffer_outside_window_b, &buffer_outside_window_len); + hex_conversion(buffer_bad_iv_bad_arsn_h, (char **)&buffer_bad_iv_bad_arsn_b, &buffer_bad_iv_bad_arsn_len); + hex_conversion(buffer_good_iv_bad_arsn_h, (char **)&buffer_good_iv_bad_arsn_b, &buffer_good_iv_bad_arsn_len); + hex_conversion(buffer_bad_iv_good_arsn_h, (char **)&buffer_bad_iv_good_arsn_b, &buffer_bad_iv_good_arsn_len); + hex_conversion(buffer_good_iv_with_gap_h, (char **)&buffer_good_iv_with_gap_b, &buffer_good_iv_with_gap_len); + hex_conversion(buffer_high_iv_good_arsn_h, (char **)&buffer_high_iv_good_arsn_b, &buffer_high_iv_good_arsn_len); + hex_conversion(buffer_good_iv_high_arsn_h, (char **)&buffer_good_iv_high_arsn_b, &buffer_good_iv_high_arsn_len); + hex_conversion(buffer_good_iv_good_arsn_h, (char **)&buffer_good_iv_good_arsn_b, &buffer_good_iv_good_arsn_len); + hex_conversion(buffer_good_iv_gap_good_arsn_gap_h, (char **)&buffer_good_iv_gap_good_arsn_gap_b, + &buffer_good_iv_gap_good_arsn_gap_len); // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, 
(char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert/Set input ARSN - hex_conversion(buffer_arsn_h, (char**) &buffer_arsn_b, &buffer_arsn_len); + hex_conversion(buffer_arsn_h, (char **)&buffer_arsn_b, &buffer_arsn_len); memcpy(test_association->arsn, buffer_arsn_b, buffer_arsn_len); // Expect to fail on ARSN (Bad IV, bad ARSN) @@ -947,20 +1014,22 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) // Expect to fail on ARSN (Good IV, bad ARSN) printf(KGRN "Checking replay - using previous received ARSN...\n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_good_iv_bad_arsn_b, &buffer_good_iv_bad_arsn_len, tc_nist_processed_frame); + status = + Crypto_TC_ProcessSecurity(buffer_good_iv_bad_arsn_b, &buffer_good_iv_bad_arsn_len, tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW, status); // Verify IV did not increment since ARSN was bad - for( int i=0; iiv_len; i++) + for (int i = 0; i < test_association->iv_len; i++) { ASSERT_EQ(test_association->iv[i], buffer_nist_iv_b[i]); } // Expect to fail on IV (Bad IV, Good ARSN) printf(KGRN "Checking replay - using previous received IV...\n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_bad_iv_good_arsn_b, &buffer_bad_iv_good_arsn_len, tc_nist_processed_frame); + status = + Crypto_TC_ProcessSecurity(buffer_bad_iv_good_arsn_b, &buffer_bad_iv_good_arsn_len, tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW, status); // Verify ARSN did not increment since IV was bad - for( int i=0; iarsn_len; i++) + for (int i = 0; i < test_association->arsn_len; i++) { ASSERT_EQ(test_association->arsn[i], buffer_arsn_b[i]); } 
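Review bot: Two pairs of vectors in the GCM_IV_AND_ARSN declarations are byte-for-byte identical, so the test covers fewer anti-replay cases than its comments claim: `buffer_high_iv_good_arsn_h` equals `buffer_bad_iv_good_arsn_h` (IV ending `374B`, the last IV seen), and `buffer_bad_iv_bad_arsn_h` equals `buffer_good_iv_bad_arsn_h`. The later "IV outside (above) the window" check in the following hunk therefore re-sends a replayed IV and still receives `CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW`, leaving the upper edge of the IV window unexercised. `buffer_high_iv_good_arsn_h` needs an IV beyond the window; until it has one, its comment should read `// TODO: same bytes as buffer_bad_iv_good_arsn_h (replayed IV); replace with an IV above the window`. The reflowed trailing comments on these declarations ("IV isa replay" on a `374C` vector, "IV is next expected" on a `374B` vector) should be corrected in the same pass.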
@@ -968,48 +1037,55 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) // Expect to fail on IV counter being too high // Check w/ Mike printf(KGRN "Checking replay - using IV outside (above) the window...\n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_high_iv_good_arsn_b, &buffer_high_iv_good_arsn_len, tc_nist_processed_frame); + status = + Crypto_TC_ProcessSecurity(buffer_high_iv_good_arsn_b, &buffer_high_iv_good_arsn_len, tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_ERR_IV_OUTSIDE_WINDOW, status); // Expect to fail on ARSN counter being too high // Check w/ Mike printf(KGRN "Checking replay - using ARSN outside (above) the window...\n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_good_iv_high_arsn_b, &buffer_good_iv_high_arsn_len, tc_nist_processed_frame); + status = + Crypto_TC_ProcessSecurity(buffer_good_iv_high_arsn_b, &buffer_good_iv_high_arsn_len, tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_ERR_ARSN_OUTSIDE_WINDOW, status); // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_good_iv_good_arsn_b, &buffer_good_iv_good_arsn_len, tc_nist_processed_frame); + status = + Crypto_TC_ProcessSecurity(buffer_good_iv_good_arsn_b, &buffer_good_iv_good_arsn_len, tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Verify IV LSB incremented - ASSERT_EQ(test_association->iv[test_association->iv_len-1], 0x4C); + ASSERT_EQ(test_association->iv[test_association->iv_len - 1], 0x4C); // Verify ARSN LSB incremented - ASSERT_EQ(test_association->arsn[test_association->arsn_len-1], 0x24); + ASSERT_EQ(test_association->arsn[test_association->arsn_len - 1], 0x24); // Expect success on valid IV and ARSNs within window, but have a gap printf(KGRN "Checking valid IV and ARSN within window... should be able to receive it... 
\n" RESET); - status = Crypto_TC_ProcessSecurity(buffer_good_iv_gap_good_arsn_gap_b, &buffer_good_iv_gap_good_arsn_gap_len, tc_nist_processed_frame); + status = Crypto_TC_ProcessSecurity(buffer_good_iv_gap_good_arsn_gap_b, &buffer_good_iv_gap_good_arsn_gap_len, + tc_nist_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Validate that the SA IV is updated to the most recently received IV // IV length in this testing is 12 bytes printf(KGRN "Verifying IV updated correctly...\n" RESET); printf("SA IV is now:\t"); - for (int i = 0; i < test_association->shivf_len; i++) - { - ASSERT_EQ(*(test_association->iv + i), *(buffer_good_iv_gap_good_arsn_gap_b +8 + i)); // 8 is IV offset into packet - printf("%02X", *(test_association->iv + i)); - } + for (int i = 0; i < test_association->shivf_len; i++) + { + ASSERT_EQ(*(test_association->iv + i), + *(buffer_good_iv_gap_good_arsn_gap_b + 8 + i)); // 8 is IV offset into packet + printf("%02X", *(test_association->iv + i)); + } printf("\n"); // Validate that the SA ARSN is updated to the most recently received IV // ARSN length in this testing is 2 bytes printf(KGRN "Verifying ARSN updated correctly...\n" RESET); printf("SA ARSN is now:\t"); - for (int i = 0; i < test_association->arsn_len; i++) - { - ASSERT_EQ(*(test_association->arsn + i), *(buffer_good_iv_gap_good_arsn_gap_b + 8 + test_association->shivf_len + i)); // 8 + shivf is IV offset into packet - printf("%02X", *(test_association->arsn + i)); - } + for (int i = 0; i < test_association->arsn_len; i++) + { + ASSERT_EQ(*(test_association->arsn + i), + *(buffer_good_iv_gap_good_arsn_gap_b + 8 + test_association->shivf_len + + i)); // 8 + shivf is IV offset into packet + printf("%02X", *(test_association->arsn + i)); + } printf("\n"); Crypto_Shutdown(); free(buffer_replay_b); 
@@ -1028,28 +1104,30 @@ UTEST(TC_PROCESS, TC_SA_SEGFAULT_TEST) int32_t status = CRYPTO_LIB_SUCCESS; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_Managed_Parameters); status = Crypto_Init(); - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); // Test frame setup - char* test_frame_pt_h = "2003002A000000FF00000000000000000000000000000000025364F9BC3344AF359DA06CA886748F59A0AB"; + char *test_frame_pt_h = "2003002A000000FF00000000000000000000000000000000025364F9BC3344AF359DA06CA886748F59A0AB"; uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; + int test_frame_pt_len = 0; // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); 
status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); 
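Review bot: In TC_SA_SEGFAULT_TEST the result of `status = Crypto_Init();` is overwritten by the `Crypto_TC_ProcessSecurity` call without being checked, unlike HAPPY_PATH_DECRYPT_CBC, which asserts it. In a negative test this matters because an initialisation failure could yield an error status for the wrong reason; add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` right after `Crypto_Init()`. The name `AOS_Managed_Parameters` and the `// AOS Tests` comment also look carried over from another file, since this is a TC test and the happy-path test uses `TC_UT_Managed_Parameters`. TC_SA_NOT_OPERATIONAL in the next hunk has both issues, and both test bodies continue outside their hunks.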
@@ -1065,28 +1143,30 @@ UTEST(TC_PROCESS, TC_SA_NOT_OPERATIONAL) int32_t status = CRYPTO_LIB_SUCCESS; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t AOS_Managed_Parameters = {0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_Managed_Parameters); status = Crypto_Init(); - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); // Test frame setup - char* test_frame_pt_h = "2003000C00002C414243444546"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; + char *test_frame_pt_h = "2003000C00002C414243444546"; + uint8_t *test_frame_pt_b = NULL; + int test_frame_pt_len = 0; // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, 
tc_sdls_processed_frame); diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index c37415f0..b39ce0eb 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c 
@@ -37,17 +37,50 @@ UTEST(TM_APPLY_SECURITY, NO_CRYPTO_INIT) int32_t status = CRYPTO_LIB_ERROR; // No Crypto_Init(), but we still Configure It; - char* framed_tm_h = "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBA
ABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB415B"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB415B"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); - char* error_enum = 
Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); free(framed_tm_b); Crypto_Shutdown(); } @@ -64,13 +97,13 @@ UTEST(TM_APPLY_SECURITY, NULL_BUFFER) int32_t status = CRYPTO_LIB_ERROR; // No Crypto_Init(), but we still Configure It; - char* framed_tm_b = NULL; + char *framed_tm_b = NULL; - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_ERR_NULL_BUFFER, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_ERR_NULL_BUFFER",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_ERR_NULL_BUFFER", error_enum); free(framed_tm_b); Crypto_Shutdown(); } 
@@ -85,15 +118,47 @@ UTEST(TM_APPLY_SECURITY, NO_CONFIG) int32_t status = CRYPTO_LIB_ERROR; // No Crypto_Init(), but we still Configure It: - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB415B"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Bit math to give concise access to values already set in the static transfer frame @@ -101,11 +166,11 @@ UTEST(TM_APPLY_SECURITY, NO_CONFIG) tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); free(framed_tm_b); Crypto_Shutdown(); 
@@ -124,18 +189,84 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF) Crypto_Init_TM_Unit_Test(); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - //SecurityAssociation_t* sa_ptr = NULL; + // SecurityAssociation_t* sa_ptr = NULL; // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "003000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBFFFF"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = "003000001800000100000000000000000000000000008899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABB8ECE"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "003000001800000100000000000000000000000000008899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB8ECE"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, 
&truth_tm_len); // Bit math to give concise access to values already set in the static transfer frame @@ -144,17 +275,18 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); 
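Review bot: In HAPPY_PATH_CLEAR_FECF the result of `Crypto_Get_Managed_Parameters_For_Gvcid` is stored in `status` and then overwritten by the `Crypto_TM_ApplySecurity` call before anything checks it, so a failed managed-parameter lookup would go unnoticed. Add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` between the two calls. The byte-compare loop is also bounded by `current_managed_parameters_struct.max_frame_size` rather than by the lengths `hex_conversion` reported, so if either hex string is ever shorter than the configured frame size the test would index past the converted buffers (assuming they are sized to the decoded input). Before the loop, assert that `framed_tm_len == truth_tm_len` and that both are at least `max_frame_size`. The test body starts and ends outside this hunk, so any cleanup of `framed_tm_b` and `truth_tm_b` is not visible here.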
@@ -173,30 +305,98 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - SecurityAssociation_t* sa_ptr = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_FALSE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x0003, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x0003, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); status = Crypto_Init(); // Test frame setup - char* framed_tm_h = 
"003000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBFFFF"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "003000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBFFFF"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "003000001800000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB0000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Expose/setup SA for testing 
@@ -204,12 +404,12 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) sa_if->sa_get_from_spi(1, &sa_ptr); sa_ptr->sa_state = SA_KEYED; sa_if->sa_get_from_spi(5, &sa_ptr); - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->arsnw_len = 0; - sa_ptr->arsnw = 5; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->shivf_len = 0; + sa_ptr->shsnf_len = 0; + sa_ptr->arsn_len = 0; + sa_ptr->arsnw_len = 0; + sa_ptr->arsnw = 5; sa_ptr->gvcid_blk.vcid = 0; // Bit math to give concise access to values already set in the static transfer frame @@ -218,17 +418,18 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); 
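Review bot: In the `@@ -204,12 +404,12 @@` hunk, `sa_if->sa_get_from_spi(5, &sa_ptr);` discards its result and the realigned assignments that follow write through `sa_ptr` unconditionally. If that lookup fails, the test would presumably write through NULL or through the SA left over from the earlier `sa_get_from_spi(1, ...)` call, instead of reporting a test failure. Add `ASSERT_TRUE(sa_ptr != NULL);` after each lookup, or assert the returned status if the interface returns one. The hunks at `@@ -278,12 +533,12 @@` and `@@ -350,39 +672,40 @@` configure the SA the same way. The test body starts and ends outside this hunk.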
@@ -238,7 +439,7 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) /** * @brief Unit Test: Presence of Secondary Header - * This should call apply_security, account for the secondary header, + * This should call apply_security, account for the secondary header, * finally returning CRYPTO_LIB_SUCCESS * The TM inputshould be unchanged except for filling in the SPI * This is configured to also keep the original FECF 
@@ -247,30 +448,84 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - SecurityAssociation_t* sa_ptr = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_FALSE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_NO_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1024, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_NO_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1024, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - + status = Crypto_Init(); // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C00000980006AABBCCDDEEFF000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA6e76"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C00000980006AABBCCDDEEFF000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, 
&truth_tm_b, &truth_tm_len); // Expose/setup SA for testing @@ -278,12 +533,12 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) sa_if->sa_get_from_spi(1, &sa_ptr); sa_ptr->sa_state = SA_KEYED; sa_if->sa_get_from_spi(5, &sa_ptr); - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->arsnw_len = 0; - sa_ptr->arsnw = 5; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->shivf_len = 0; + sa_ptr->shsnf_len = 0; + sa_ptr->arsn_len = 0; + sa_ptr->arsnw_len = 0; + sa_ptr->arsnw = 5; sa_ptr->gvcid_blk.vcid = 0; sa_ptr->gvcid_blk.scid = 44; @@ -293,17 +548,18 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); 
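Review bot: In the `@@ -247,30 +448,84 @@` hunk, the re-wrapped commented-out `Crypto_Config_Add_Gvcid_Managed_Parameter(...)` call still lists 1786, while the `TM_UT_Managed_Parameters` initializer below it carries 1024 (the preceding test's initializer carries 1786 in that position). The input fixture `framed_tm_h` also appears to be considerably longer than `truth_tm_h`. The comparison loop later in this test is bounded only by `max_frame_size`, and `framed_tm_len` and `truth_tm_len` are not used in the visible lines, so nothing ties the loop bound to the buffers `hex_conversion` produced. Drop or correct the stale comment, and before the loop check both converted lengths against the bound, for example `ASSERT_TRUE(truth_tm_len >= current_managed_parameters_struct.max_frame_size);`, assuming the lengths are byte counts. The test body continues outside this hunk.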
@@ -324,19 +580,85 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_MAC) // Setup & Initialize CryptoLib Crypto_Init_TM_Unit_Test(); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C00000980006AABBCCDDEEFF000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAA00000000000000000000000000000000"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - // Truth frame setup - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + // Truth frame setup + char *truth_tm_h = + "02C00000980006AABBCCDDEEFF000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAA1FCD8AA6DA19DA72549079ACD9AA8B97"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Bit math to give concise access to values already set in the static transfer frame 
@@ -350,39 +672,40 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->sa_state = SA_KEYED; sa_if->sa_get_from_spi(5, &sa_ptr); - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; + sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; + sa_ptr->arsn_len = 0; sa_ptr->arsnw_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask - sa_ptr->stmacf_len = 16; - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->ecs_len = 0; - sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->stmacf_len = 16; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->ecs_len = 0; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)framed_tm_b[i], 
(uint8_t)*(truth_tm_b + i)); - ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); 
@@ -397,31 +720,99 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB00000000000000000000000000000000415B"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup // Mac from python based CMAC: e34e7c942ddf2738f17f77ec15309445 - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C000001800000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBE34E7C942DDF2738F17F77EC153094452A4A"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Expose/setup SA for testing 
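Review bot: Nothing in this hunk checks `framed_tm_len` or `truth_tm_len` after the two `hex_conversion` calls, yet the comparison loop later in AES_CMAC_256_TEST_0 (outside this hunk) indexes both buffers up to `current_managed_parameters_struct.max_frame_size`. If either literal is ever edited to decode to fewer bytes than the 1786 configured in `TC_UT_Managed_Parameters` (presumably the frame size), that loop reads past a heap allocation instead of failing cleanly. Assuming `hex_conversion` reports the decoded byte count, I would add `ASSERT_EQ(framed_tm_len, truth_tm_len);` and `ASSERT_EQ(1786, truth_tm_len);` right after the second conversion. The `status` returned by `Crypto_Init()` is also not asserted within the hunk; `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` directly after it would stop the test from continuing on a library that failed to initialise.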
@@ -431,25 +822,25 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) // Configure SA 5 sa_if->sa_get_from_spi(5, &sa_ptr); - sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; - sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shsnf_len = 0; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -457,10 +848,11 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: 
@@ -470,8 +862,8 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) // 4) FECF is re-calculated and updated for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { - printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); + printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); 
@@ -486,38 +878,107 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; // uint8_t map_id = TYPE_TM; // Not used in TM, but simplifies getting SA // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB00000000000000000000000000000000415B"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup // Mac from python based CMAC: 8eae5e9d174659fc8edf9bf0505d6625 /** - * NOTE: CyberChef needs a from_hex in the recipe before CMAC! 
- * CyberChef: https://gchq.github.io/CyberChef/#recipe=From_Hex('Auto')CMAC(%7B'option':'Hex','string':'ff9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f9'%7D,'AES')&input=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 - **/ - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + * NOTE: CyberChef needs a from_hex in the recipe before CMAC! + * CyberChef: + *https://gchq.github.io/CyberChef/#recipe=From_Hex('Auto')CMAC(%7B'option':'Hex','string':'ff9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f9'%7D,'AES')&input=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 + **/ + char *truth_tm_h = + "02C000001800000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBA8B942B0B98CF1D8FCCEC19DD67E77BE3E44"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Expose/setup SA for testing @@ -527,25 +988,25 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) // Configure SA 5 sa_if->sa_get_from_spi(5, &sa_ptr); - sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; - sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shsnf_len = 0; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; 
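Review bot: The reference value in the comment `// Mac from python based CMAC: 8eae5e9d174659fc8edf9bf0505d6625` does not match the expected vector in AES_CMAC_256_TEST_1: the new `truth_tm_h` literal ends in `A8B942B0B98CF1D8FCCEC19DD67E77BE` followed by the two trailing bytes `3E44`. In AES_CMAC_256_TEST_0 the comment and the last 16 bytes before the trailer agree, so this looks like a stale comment rather than a different layout, though the diff alone cannot show which value was computed independently. Since the comment is the only record of how the truth MAC was cross-checked, it should carry the value the test actually asserts, e.g. `// Mac from python based CMAC: a8b942b0b98cf1d8fccec19dd67e77be`, or say which inputs (key, bitmask) produced the other one. The reflowed CyberChef line also lost the space after the asterisk (`*https://`), which is worth restoring while the comment is being touched.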
@@ -553,12 +1014,14 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO - // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, + // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -569,11 +1032,11 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); - free(framed_tm_b); + free(framed_tm_b); free(truth_tm_b); } 
@@ -584,31 +1047,99 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB00000000000000000000000000000000415B"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C000001800000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBFD069AE4E9E97EB05BFE2F0A6EC6C56294DF"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Expose/setup SA for testing 
@@ -618,25 +1149,25 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Configure SA 5 sa_if->sa_get_from_spi(5, &sa_ptr); - sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; - sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shsnf_len = 0; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -644,10 +1175,11 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: 
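Review bot: The status returned by `Crypto_Get_Managed_Parameters_For_Gvcid` in the `@@ -644,10 +1175,11 @@` hunk is overwritten by the `Crypto_TM_ApplySecurity` call before anything checks it. A failed GVCID lookup would therefore go unnoticed, and the byte-compare loop further down would take its bound from whatever managed parameters were already in place. Adding `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` directly after the lookup makes the test fail at the real cause. The same pair of assignments appears in the hunks at new lines 1334 and 1498, and the test body starts and ends outside this hunk.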
@@ -658,11 +1190,11 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); - free(framed_tm_b); + free(framed_tm_b); free(truth_tm_b); } 
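Review bot: The compare loop is bounded by `current_managed_parameters_struct.max_frame_size`, not by the lengths of the two heap buffers it indexes. If either hex string decodes to fewer bytes than the configured frame size, `framed_tm_b[i]` or `*(truth_tm_b + i)` is read past the end of its allocation. The lengths filled in by `hex_conversion` are not used in the lines visible here; asserting `ASSERT_EQ(framed_tm_len, truth_tm_len);` and `ASSERT_EQ(framed_tm_len, current_managed_parameters_struct.max_frame_size);` before the loop would tie the bound to the buffers. The same loop shape appears in the hunks at new lines 1349 and 1517, and the test function begins outside this hunk.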
@@ -673,31 +1205,99 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB00000000000000000000000000000000415B"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C000001800000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBF39404F2A384C6677E405D49782E3537107E"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Expose/setup SA for testing 
@@ -707,26 +1307,26 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Configure SA 5 sa_if->sa_get_from_spi(5, &sa_ptr); - sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; - sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shsnf_len = 0; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; 
@@ -734,10 +1334,11 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -748,7 +1349,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); 
@@ -763,32 +1364,100 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB00000000000000000000000000000000415B"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + 
"02C000001800000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB554BAC80D1FDCFF21FD6996BF1D9132733E4"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Expose/setup SA for testing 
@@ -798,29 +1467,29 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Configure SA 5 sa_if->sa_get_from_spi(5, &sa_ptr); - sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; - sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shsnf_len = 0; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Update key length for SHA512 - akp = key_if->get_key(sa_ptr->akid); + akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame 
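Review bot: `akp = key_if->get_key(sa_ptr->akid);` is followed at once by `akp->key_len = 64;` with no check that a key was returned, so if the lookup can return NULL the test crashes instead of failing; `ASSERT_TRUE(akp != NULL);` between the two lines would cover it. Whether the stored key for akid 136 actually holds 64 bytes is not visible here and is worth confirming, since raising `key_len` beyond the stored material would make the HMAC read past it. The return value of `sa_if->sa_get_from_spi(5, &sa_ptr)` is likewise discarded before `sa_ptr` is written through, here and in the hunks at new lines 1149 and 1307. `sa_ptr->sa_state` and `sa_ptr->arsn_len` are each assigned twice in this block, and one of each can be dropped. The test function starts and ends outside this hunk.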
@@ -829,12 +1498,14 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO - // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, + // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -846,9 +1517,10 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) { if (framed_tm_b[i] != truth_tm_b[i]) { - printf("Error at index %d: checking frame %02x against truth %02X\n", i, (uint8_t) framed_tm_b[i], (uint8_t) truth_tm_b[i]); + printf("Error at index %d: checking frame %02x against truth %02X\n", i, (uint8_t)framed_tm_b[i], + (uint8_t)truth_tm_b[i]); } - ASSERT_EQ((uint8_t) framed_tm_b[i], (uint8_t) truth_tm_b[i]); + ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)truth_tm_b[i]); } Crypto_Shutdown(); 
@@ -863,32 +1535,100 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); status = Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB00000000000000000000000000000000415B"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + 
"02C000001800000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB86845CB946B6132F9F026B6AFE1085F0A48F"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Expose/setup SA for testing 
@@ -898,29 +1638,29 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Configure SA 5 sa_if->sa_get_from_spi(5, &sa_ptr); - sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; - sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; - sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; + sa_ptr->shivf_len = 0; + sa_ptr->iv_len = 0; + sa_ptr->shsnf_len = 0; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Update key length for SHA512 - akp = key_if->get_key(sa_ptr->akid); + akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame 
@@ -929,10 +1669,11 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); - status = Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -943,11 +1684,11 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); - free(framed_tm_b); + free(framed_tm_b); free(truth_tm_b); } 
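Review bot: In the byte-compare loop of the -943 hunk, the reformatted `(uint8_t) * (truth_tm_b + i)` reads like a multiplication rather than a cast of a dereference. Writing it as `(uint8_t)truth_tm_b[i]`, the form AES_HMAC_SHA_512_TEST_0 already uses, avoids the formatter artifact. The same artifact lands in the `printf("%02x", ...)` line of the AES_GCM_BITMASK_1 hunk at -1025. Separately, the loop runs to `current_managed_parameters_struct.max_frame_size` without relating it to `framed_tm_len` or `truth_tm_len`, so a short fixture would be read past its end. A guard such as `ASSERT_EQ(framed_tm_len, truth_tm_len);` before the loop would help, assuming `hex_conversion` reports the decoded byte count; the loop header is context and the test body begins outside the hunk.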
@@ -959,31 +1700,99 @@ UTEST(TM_APPLY_ENC_VAL, AES_GCM_BITMASK_1) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup Header |SPI| IV | Data - char* framed_tm_h = 
"02C000001800000000000000000000000000000000000000AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBFFFF"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000000000000000000000000000000000000AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBFFFF"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = 
"02C0000018000005DEADBEEFDEADBEEFDEADBEEFDEADBEEFFF00AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBD254"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C0000018000005DEADBEEFDEADBEEFDEADBEEFDEADBEEFFF00AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBD254"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Expose/setup SAs for testing - SecurityAssociation_t ta; - SecurityAssociation_t* sa_ptr = &ta; + SecurityAssociation_t ta; + SecurityAssociation_t *sa_ptr = &ta; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &sa_ptr); sa_ptr->sa_state = SA_NONE; 
@@ -992,25 +1801,25 @@ UTEST(TM_APPLY_ENC_VAL, AES_GCM_BITMASK_1) sa_if->sa_get_from_spi(5, &sa_ptr); sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs_len = 1; - sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; - sa_ptr->acs_len = 1; - sa_ptr->acs = CRYPTO_MAC_NONE; - sa_ptr->iv_len = 16; - sa_ptr->shivf_len = 16; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs_len = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->acs_len = 1; + sa_ptr->acs = CRYPTO_MAC_NONE; + sa_ptr->iv_len = 16; + sa_ptr->shivf_len = 16; // Set a more obvious IV for test purposes - char * iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; - char* iv_b = NULL; - int iv_len = 0; + char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; + char *iv_b = NULL; + int iv_len = 0; hex_conversion(iv_h, &iv_b, &iv_len); memcpy(sa_ptr->iv, iv_b, iv_len); - Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); printf("Static frame contents:\n\t"); for (int i = 0; i < 1786; i++) @@ -1025,7 +1834,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_GCM_BITMASK_1) for (int i = 0; i < 1786; i++) { // printf("[%d]: %02x -> %02x \n", i, (uint8_t)framed_tm_b[i], truth_tm_b[i]); - printf("%02x", (uint8_t)*(truth_tm_b+i)); + printf("%02x", (uint8_t) * (truth_tm_b + i)); // ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); // enc_data_idx++; } 
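Review bot: `Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b);` in the -992 hunk discards its status, so a failed apply would only show up later as a byte mismatch against the truth frame. The HMAC tests in this file capture the result and check it, and this test should do the same with `int32_t status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b);` followed by `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);`. The result of `hex_conversion(iv_h, &iv_b, &iv_len)` is also used unchecked in `memcpy(sa_ptr->iv, iv_b, iv_len)`. A short `ASSERT_TRUE(iv_b != NULL);` and `ASSERT_EQ(iv_len, sa_ptr->iv_len);` before the copy would keep a bad fixture from writing an unexpected length into the SA. The test body continues outside the hunk, so whether `iv_b` is freed later cannot be confirmed from here.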
@@ -1037,7 +1846,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_GCM_BITMASK_1) // printf("%02x", (uint8_t)*(truth_tm_b+i)); if (framed_tm_b[i] != truth_tm_b[i]) { - printf("Error at index %d: checking frame %02x against truth %02X\n", i, (uint8_t) framed_tm_b[i], (uint8_t) truth_tm_b[i]); + printf("Error at index %d: checking frame %02x against truth %02X\n", i, (uint8_t)framed_tm_b[i], + (uint8_t)truth_tm_b[i]); } ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)truth_tm_b[i]); } 
@@ -1057,31 +1867,99 @@ UTEST(TM_APPLY_ENC_VAL, AEAD_AES_GCM_BITMASK_1) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup Header |SPI| IV | Data - char* framed_tm_h = 
"02C000001800000000000000000000000000000000000000AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBCCDDCCDDCCDDCCDDCCDDCCDDCCDDCCDDFFFF"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000000000000000000000000000000000000AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBCCDDCCDDCCDDCCDDCCDDCCDDCCDDCCDDFFFF"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = 
"02C0000018000005DEADBEEFDEADBEEFDEADBEEFDEADBEEFFF00AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBCCDDCCDDCCDDCCDDCCDDCCDDCCDDCCDD2261"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C0000018000005DEADBEEFDEADBEEFDEADBEEFDEADBEEFFF00AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBCCDDCCDDCCDDCCDDCCDDCCDDCCDDCCDD2261"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Expose/setup SAs for testing - SecurityAssociation_t ta; - SecurityAssociation_t* sa_ptr = &ta; + SecurityAssociation_t ta; + SecurityAssociation_t *sa_ptr = &ta; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &sa_ptr); sa_ptr->sa_state = SA_NONE; 
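Review bot: `Crypto_Init();` is called with its return value discarded, so a failed initialisation would not stop the test before it looks up SAs through `sa_if->sa_get_from_spi` and writes fields through `sa_ptr`, which initially points at the uninitialised local `ta`. HAPPY_PATH_CLEAR_FECF in ut_tm_process.c already captures the result (`status = Crypto_Init();`); here `ASSERT_EQ(CRYPTO_LIB_SUCCESS, Crypto_Init());` would halt the test at the real failure. The results of the two `hex_conversion` calls are likewise used unchecked. The test body continues outside this hunk.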
@@ -1089,34 +1967,34 @@ UTEST(TM_APPLY_ENC_VAL, AEAD_AES_GCM_BITMASK_1) sa_if->sa_get_from_spi(5, &sa_ptr); sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ast =1; - sa_ptr->ecs_len = 1; - sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; - sa_ptr->acs_len = 1; - sa_ptr->acs = CRYPTO_MAC_NONE; - sa_ptr->iv_len = 16; - sa_ptr->shivf_len = 16; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ast = 1; + sa_ptr->ecs_len = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->acs_len = 1; + sa_ptr->acs = CRYPTO_MAC_NONE; + sa_ptr->iv_len = 16; + sa_ptr->shivf_len = 16; sa_ptr->stmacf_len = 16; // Set a more obvious IV for test purposes - char * iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; - char* iv_b = NULL; - int iv_len = 0; + char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; + char *iv_b = NULL; + int iv_len = 0; hex_conversion(iv_h, &iv_b, &iv_len); memcpy(sa_ptr->iv, iv_b, iv_len); // Expected IV after increment - char* next_iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEF0"; - char* next_iv_b = NULL; - int next_iv_len = 0; + char *next_iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEF0"; + char *next_iv_b = NULL; + int next_iv_len = 0; hex_conversion(next_iv_h, &next_iv_b, &next_iv_len); ASSERT_EQ(next_iv_len, iv_len); - Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); + Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); printf("Static frame contents:\n\t"); for (int i = 0; i < 1786; i++) 
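Review bot: The expected post-increment IV is decoded into `next_iv_b`, but within this hunk only its length is asserted (`ASSERT_EQ(next_iv_len, iv_len)`), which holds for any two hex strings of equal length. If the rest of the test, outside this hunk, does not already compare the bytes, a check such as `ASSERT_EQ(0, memcmp(sa_ptr->iv, next_iv_b, next_iv_len));` after `Crypto_TM_ApplySecurity` would verify that the AES-GCM IV actually advanced. That assumes the SA's `iv` field holds the incremented value after the call. The increment is what guards against IV reuse under one key, so it deserves an explicit assertion.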
@@ -1143,7 +2021,8 @@ UTEST(TM_APPLY_ENC_VAL, AEAD_AES_GCM_BITMASK_1) // printf("%02x", (uint8_t)*(truth_tm_b+i)); if (framed_tm_b[i] != truth_tm_b[i]) { - printf("Error at index %d: checking frame %02x against truth %02X\n", i, (uint8_t) framed_tm_b[i], (uint8_t) truth_tm_b[i]); + printf("Error at index %d: checking frame %02x against truth %02X\n", i, (uint8_t)framed_tm_b[i], + (uint8_t)truth_tm_b[i]); } ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t)truth_tm_b[i]); } diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index c5051bd7..26c60fd4 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -25,7 +25,6 @@ #include "sa_interface.h" #include "utest.h" - /** * @brief Unit Test: No Crypto_Init() * 
@@ -35,40 +34,78 @@ UTEST(TM_PROCESS_SECURITY, NO_CRYPTO_INIT) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_ERROR; - int framed_tm_len = 0; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_ERROR; + int framed_tm_len = 0; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_tm_len; - char* framed_tm_h = "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB
AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB415B"; - char* framed_tm_b = NULL; + char *framed_tm_h = + 
"02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB415B"; + char *framed_tm_b = NULL; hex_conversion(framed_tm_h, &framed_tm_b, (int *)&framed_tm_len); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + 
Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF}; - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, + // TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); // Determine managed parameters by GVCID, which nominally happens in TO - // status = Crypto_Get_Managed_Parameters_For_Gvcid(((uint8_t)framed_tm_b[0] & 0xC0) >> 6, - // (((uint8_t)framed_tm_b[0] & 0x03) << 8) | (uint8_t)framed_tm_b[1], - // (((uint8_t)framed_tm_b[2] & 0xFC) >> 2), + // status = Crypto_Get_Managed_Parameters_For_Gvcid(((uint8_t)framed_tm_b[0] & 0xC0) >> 6, + // (((uint8_t)framed_tm_b[0] & 0x03) << 8) | + // (uint8_t)framed_tm_b[1], + // (((uint8_t)framed_tm_b[2] & 0xFC) >> 2), // gvcid_managed_parameters, ¤t_managed_parameters); // Determine security association by GVCID, which nominally happens in TO - // status = 
sa_if->sa_get_operational_sa_from_gvcid(((uint8_t)framed_tm_b[0] & 0xC0) >> 6, - // (((uint8_t)framed_tm_b[0] & 0x03) << 8) | (uint8_t)framed_tm_b[1], + // status = sa_if->sa_get_operational_sa_from_gvcid(((uint8_t)framed_tm_b[0] & 0xC0) >> 6, + // (((uint8_t)framed_tm_b[0] & 0x03) << 8) | + // (uint8_t)framed_tm_b[1], // (((uint8_t)framed_tm_b[2] & 0xFC) >> 2), map_id, &sa); - status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_h, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); - char* error_enum = Crypto_Get_Error_Code_Enum_String(status); - ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG",error_enum); + char *error_enum = Crypto_Get_Error_Code_Enum_String(status); + ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); free(framed_tm_b); Crypto_Shutdown(); } 
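Review bot: `Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, ...)` passes the ASCII hex literal rather than the decoded buffer `framed_tm_b`, while `framed_tm_len` is the length that `hex_conversion` reported for the decoded frame. The assertion still passes, presumably because the call returns `CRYPTO_LIB_ERR_NO_CONFIG` before the frame is parsed, but the pointer and length describe different buffers; the argument should be `(uint8_t *)framed_tm_b`. The same call appears in the NO_CONFIG test (`@@ -95,17 +165,17 @@` hunk). The `(int *)` cast on `&framed_tm_len` is also unnecessary, since the variable is already declared `int`.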
@@ -80,13 +117,46 @@ UTEST(TM_PROCESS_SECURITY, NO_CONFIG) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_ERROR; - int framed_tm_len = 0; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_ERROR; + int framed_tm_len = 0; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_tm_len; - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; + char *framed_tm_h = + "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB415B"; + char *framed_tm_b = NULL; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Bit math to give concise access to values already set in the static transfer frame 
@@ -95,17 +165,17 @@ UTEST(TM_PROCESS_SECURITY, NO_CONFIG)
 tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1;
 // Determine managed parameters by GVCID, which nominally happens in TO
- // status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid,
- // gvcid_managed_parameters, ¤t_managed_parameters);
+ // status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid,
+ // tm_frame_pri_hdr.vcid, gvcid_managed_parameters, ¤t_managed_parameters);
 // printf("STATUS is %d\n", status);
 // Determine security association by GVCID, which nominally happens in TO
- // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, map_id, &sa_ptr);
- // printf("STATUS is %d\n", status);
- status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_h, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
+ // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid,
+ // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); printf("STATUS is %d\n", status);
+ status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
 ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status);
- char* error_enum = Crypto_Get_Error_Code_Enum_String(status);
- ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG",error_enum);
+ char *error_enum = Crypto_Get_Error_Code_Enum_String(status);
+ ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum);
 free(framed_tm_b);
 Crypto_Shutdown();
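Review bot: The added `status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, ...)` line hands the library the ASCII hex string `framed_tm_h` together with `framed_tm_len`, while `framed_tm_b` is the buffer that `hex_conversion` filled, that the header fields are read from, and that is freed at the end of the hunk. The test expects `CRYPTO_LIB_ERR_NO_CONFIG`, so the frame is presumably rejected before it is parsed, but the pointer and the length describe different buffers and the test would exercise the wrong bytes if that early return ever moved; `(uint8_t *)framed_tm_b` keeps them consistent. The comment reflow also folded the disabled `printf("STATUS is %d\n", status);` onto the end of the preceding comment line, so the commented-out block no longer reads one statement per line; deleting the dead code would be cleaner. The test body starts and ends outside the hunk.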
@@ -121,35 +191,103 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_tm_len; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TM Tests - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); // Test frame setup // Note: SPI 5 (0x05) - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBCD4E"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = 
"02C000001800000000000000000000000000000066778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB0000"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C000001800000000000000000000000000000066778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB0000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - SecurityAssociation_t* sa_ptr; + SecurityAssociation_t *sa_ptr; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &sa_ptr); sa_ptr->sa_state = SA_NONE; 
@@ -157,16 +295,17 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF)
 sa_if->sa_get_from_spi(5, &sa_ptr);
 sa_ptr->sa_state = SA_OPERATIONAL;
- status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
+ status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
 ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);
 // Determine managed parameters by GVCID, which nominally happens in TO
- status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid,
- gvcid_managed_parameters_array, ¤t_managed_parameters_struct);
+ status =
+ Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid,
+ gvcid_managed_parameters_array, ¤t_managed_parameters_struct);
 // Now, byte by byte verify the static frame in memory is equivalent to what we started with
- for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++)
+ for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++)
 {
 // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i));
- ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i));
+ ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i));
 }
 Crypto_Shutdown();
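Review bot: The result of `Crypto_Get_Managed_Parameters_For_Gvcid(...)` is stored in `status` but never asserted, and the comparison loop then uses `current_managed_parameters_struct.max_frame_size` as its only bound when indexing `ptr_processed_frame` and `truth_tm_b`. If the lookup fails, or the configured size is larger than either buffer, the loop reads past the allocations instead of failing the test; adding `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` after the lookup and checking the bound against `processed_tm_len` and `truth_tm_len` before the loop would close that. At the top of the hunk `sa_if->sa_get_from_spi(5, &sa_ptr);` is followed directly by `sa_ptr->sa_state = SA_OPERATIONAL;` with the lookup result ignored, so a missing SA is written through whatever `sa_ptr` happens to hold. The same lookup-and-loop pattern appears in the SECONDARY_HDR_PRESENT_PLAINTEXT hunk (`@@ -222,31 +429,30 @@`); both test bodies start and end outside their hunks.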
@@ -184,37 +323,105 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) { remove("sa_save_file.bin"); - // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_tm_len; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TM Tests - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C00000980006AABBCCDDEEFF000508010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA9DC8"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = 
"02C00000980006AABBCCDDEEFF000000000000000000000000000000008899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBA
ABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA0000"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C00000980006AABBCCDDEEFF000000000000000000000000000000008899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA0000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - SecurityAssociation_t* sa_ptr; + SecurityAssociation_t *sa_ptr; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &sa_ptr); sa_ptr->sa_state = SA_NONE; 
@@ -222,31 +429,30 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT)
 sa_if->sa_get_from_spi(5, &sa_ptr);
 sa_ptr->gvcid_blk.scid = 44;
 sa_ptr->gvcid_blk.vcid = 0;
- sa_ptr->arsn_len = 0;
- sa_ptr->abm_len = 1786;
+ sa_ptr->arsn_len = 0;
+ sa_ptr->abm_len = 1786;
 memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask
- sa_ptr->sa_state = SA_OPERATIONAL;
- sa_ptr->ast =0;
- sa_ptr->ecs_len = 1;
- sa_ptr->ecs = 0;
- sa_ptr->acs_len = 0;
- sa_ptr->acs = 0;
- sa_ptr->iv_len = 16;
- sa_ptr->shivf_len = 16;
+ sa_ptr->sa_state = SA_OPERATIONAL;
+ sa_ptr->ast = 0;
+ sa_ptr->ecs_len = 1;
+ sa_ptr->ecs = 0;
+ sa_ptr->acs_len = 0;
+ sa_ptr->acs = 0;
+ sa_ptr->iv_len = 16;
+ sa_ptr->shivf_len = 16;
 sa_ptr->stmacf_len = 0;
-
-
- status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
+ status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
 ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);
 // Determine managed parameters by GVCID, which nominally happens in TO
- status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid,
- gvcid_managed_parameters_array, ¤t_managed_parameters_struct);
+ status =
+ Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid,
+ gvcid_managed_parameters_array, ¤t_managed_parameters_struct);
 // Now, byte by byte verify the static frame in memory is equivalent to what we started with
- for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++)
+ for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++)
 {
 // printf("Checking %02x against %02X\n", tm_frame[i], (uint8_t)*(truth_tm_b + i));
- ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i));
+ ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i));
 }
 Crypto_Shutdown();
@@ -266,34 +472,102 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_tm_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TM Tests - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C00000980006AABBCCDDEEFF000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAA4d602e708cd244d1c3f6c4a333d1d22f808f"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C00000980006AABBCCDDEEFF000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAA000000000000000000000000000000000000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max 
@@ -308,33 +582,34 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC)
 // Configure SA 12
 sa_if->sa_get_from_spi(12, &sa_ptr);
- sa_ptr->ast = 1;
- sa_ptr->est = 0;
- sa_ptr->arsn_len = 0;
+ sa_ptr->ast = 1;
+ sa_ptr->est = 0;
+ sa_ptr->arsn_len = 0;
 sa_ptr->shivf_len = 0;
- sa_ptr->iv_len = 0;
+ sa_ptr->iv_len = 0;
 sa_ptr->shsnf_len = 0;
- sa_ptr->abm_len = 1786;
+ sa_ptr->abm_len = 1786;
 memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask
 sa_ptr->stmacf_len = 16;
- sa_ptr->sa_state = SA_OPERATIONAL;
- sa_ptr->ecs = CRYPTO_CIPHER_NONE;
- sa_ptr->acs = CRYPTO_MAC_CMAC_AES256;
- sa_ptr->ecs_len = 1;
- sa_ptr->acs_len = 1;
- sa_ptr->ekid = 0;
- sa_ptr->akid = 136;
+ sa_ptr->sa_state = SA_OPERATIONAL;
+ sa_ptr->ecs = CRYPTO_CIPHER_NONE;
+ sa_ptr->acs = CRYPTO_MAC_CMAC_AES256;
+ sa_ptr->ecs_len = 1;
+ sa_ptr->acs_len = 1;
+ sa_ptr->ekid = 0;
+ sa_ptr->akid = 136;
 // Determine managed parameters by GVCID, which nominally happens in TO
- //status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid,
+ // status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid,
+ // tm_frame_pri_hdr.vcid,
 // gvcid_managed_parameters, ¤t_managed_parameters);
- status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
+ status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
 ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);
 // Now, byte by byte verify the static frame in memory is equivalent to what we started with
- for(int i=0; i < current_managed_parameters_struct.max_frame_size; i++)
+ for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++)
 {
 // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i));
- ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i));
+ ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i));
 }
 Crypto_Shutdown();
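Review bot: The comparison loop at the end of this hunk is bounded by `current_managed_parameters_struct.max_frame_size`, yet the only lookup in this stretch that would fill that struct is commented out. The bound therefore comes from state set outside the hunk, possibly inside `Crypto_TM_ProcessSecurity`, which is not visible here. If that value were zero or left over from an earlier test, the byte-by-byte check of the MAC-protected frame would pass without comparing the expected bytes. A guard such as `ASSERT_TRUE(current_managed_parameters_struct.max_frame_size > 0);` before the loop, or restoring the lookup and asserting its status, would make the test fail loudly instead. The test body starts before this hunk and may continue after it.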
@@ -350,35 +625,103 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_tm_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup - char* framed_tm_h = 
"02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBe34e7c942ddf2738f17f77ec15309445a65f"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBe34e7c942ddf2738f17f77ec15309445a65f"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup // Mac from python based CMAC: e34e7c942ddf2738f17f77ec15309445 - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max 
@@ -388,22 +731,22 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0)
 // Configure SA 12
 sa_if->sa_get_from_spi(12, &sa_ptr);
- sa_ptr->ast = 1;
- sa_ptr->est = 0;
- sa_ptr->arsn_len = 0;
+ sa_ptr->ast = 1;
+ sa_ptr->est = 0;
+ sa_ptr->arsn_len = 0;
 sa_ptr->shivf_len = 0;
- sa_ptr->iv_len = 0;
+ sa_ptr->iv_len = 0;
 sa_ptr->shsnf_len = 0;
- sa_ptr->abm_len = 1786;
+ sa_ptr->abm_len = 1786;
 memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask
 sa_ptr->stmacf_len = 16;
- sa_ptr->sa_state = SA_OPERATIONAL;
- sa_ptr->ecs = CRYPTO_CIPHER_NONE;
- sa_ptr->acs = CRYPTO_MAC_CMAC_AES256;
- sa_ptr->ecs_len = 1;
- sa_ptr->acs_len = 1;
- sa_ptr->ekid = 0;
- sa_ptr->akid = 136;
+ sa_ptr->sa_state = SA_OPERATIONAL;
+ sa_ptr->ecs = CRYPTO_CIPHER_NONE;
+ sa_ptr->acs = CRYPTO_MAC_CMAC_AES256;
+ sa_ptr->ecs_len = 1;
+ sa_ptr->acs_len = 1;
+ sa_ptr->ekid = 0;
+ sa_ptr->akid = 136;
 // Bit math to give concise access to values already set in the static transfer frame
 tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6;
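Review bot: The `// Bitmask` comment on `memset(sa_ptr->abm, 0x00, ...)` does not say why this case uses an all-zero mask where the SECONDARY_HDR_PRESENT_MAC setup fills the same field with 0xFF. If the mask is ANDed with the frame before the CMAC is computed, as the field's use suggests, no frame byte contributes to the tag here, so the expected MAC would not depend on frame content. That makes this a known-answer case only, not a demonstration of tamper detection. I would replace the comment with `// Bitmask of zeros: frame content is masked out of the MAC input (known-answer case only)` once that reading is confirmed. The test body starts before and continues after this hunk.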
@@ -411,15 +754,17 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0)
 tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1;
 // Determine managed parameters by GVCID, which nominally happens in TO
- status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid,
- gvcid_managed_parameters_array, ¤t_managed_parameters_struct);
+ status =
+ Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid,
+ gvcid_managed_parameters_array, ¤t_managed_parameters_struct);
 // Determine security association by GVCID, which nominally happens in TO
- // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, map_id, &sa_ptr);
+ // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid,
+ // tm_frame_pri_hdr.vcid, map_id, &sa_ptr);
 // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard
 // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity
 // managed_parameters are a global, don't need passed
- status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
+ status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
 ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);
 // Byte by byte verify:
@@ -430,7 +775,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0)
 for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++)
 {
 // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i));
- ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i));
+ ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i));
 }
 Crypto_Shutdown();
@@ -446,37 +791,105 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_tm_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; // uint8_t map_id = TYPE_TM; // Not used in TM, but simplifies getting SA // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + 
"02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB8eae5e9d174659fc8edf9bf0505d66255ab5"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup // Mac from python based CMAC: 68d3ae99a68603a261304815b95ffe74 - char* truth_tm_h = 
"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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, 
&truth_tm_len); // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max @@ -486,23 +899,23 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; + sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; 
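Review bot: The comment `// Mac from python based CMAC: 68d3ae99a68603a261304815b95ffe74` does not match the MAC in this test's input frame, whose trailer is `8eae5e9d174659fc8edf9bf0505d6625` followed by `5ab5` (presumably the FECF). The value in the comment appears in neither `framed_tm_h` nor `truth_tm_h`, so it may have been carried over from another test case. Since the comment is the only record of how the reference MAC was produced, it should state the value actually used and which bitmask it was computed under (this test sets the `abm` mask to 0xFF). Something like `// MAC in framed_tm_h (python CMAC, abm = 0xFF): 8eae5e9d174659fc8edf9bf0505d6625` would do, once the value is confirmed against the generator script.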
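Review bot: `sa_ptr->arsn_len = 0;` is assigned twice in this SA setup block, once after `est` and again after `shsnf_len`, and the reformat keeps the redundant second assignment. Dropping it leaves the configuration unchanged and makes the block match the AES_CMAC_256_TEST_0 setup in the hunk at `@@ -388,22 +731,22 @@`. The hunk at `@@ -583,23 +1066,23 @@` carries the same duplicate.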
@@ -510,15 +923,17 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO - // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, + // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -529,7 +944,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); 
@@ -545,35 +960,103 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_tm_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBFD069AE4E9E97EB05BFE2F0A6EC6C56218ca"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup // Mac from python based SHA256: fd069ae4e9e97eb05bfe2f0a6ec6c562ab8352a51d797b85d02ae9762cbad3ef - char* truth_tm_h = "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"; - char* truth_tm_b = 
NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, 
&truth_tm_len); // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max @@ -583,23 +1066,23 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; + sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; 
@@ -607,15 +1090,17 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO - // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, + // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -626,11 +1111,11 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); - free(framed_tm_b); + free(framed_tm_b); free(truth_tm_b); free(ptr_processed_frame); } 
@@ -642,35 +1127,103 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_tm_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup - char* framed_tm_h = 
"02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAAB
BAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBb304db34a34610486e88a0bdba4aa6cef3b2"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBb304db34a34610486e88a0bdba4aa6cef3b2"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup // Mac from python based SHA256: b304db34a34610486e88a0bdba4aa6ce1bf1eaabd1018fc8b9e30d63043fd1e6 - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max 
@@ -680,23 +1233,23 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; + sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; 
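Review bot: The SA lookup at the top of this hunk discards its result, so `sa_ptr` is dereferenced on the following lines whether or not SPI 12 was found. Assuming `sa_get_from_spi` returns a status like the other `sa_if` call shown in these tests, capture and assert it first: `status = sa_if->sa_get_from_spi(12, &sa_ptr); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);`. The hunks at -779 and -882 repeat this and also dereference the key lookup unchecked (`akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64;`), which would want `ASSERT_TRUE(akp != NULL);` between the two statements. `sa_ptr->arsn_len = 0;` is assigned twice in each of these blocks, and the second assignment can be dropped. The test body starts and ends outside this hunk.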
@@ -704,15 +1257,17 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO - // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, + // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -723,7 +1278,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); 
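Review bot: The status returned by `Crypto_Get_Managed_Parameters_For_Gvcid` is overwritten by the `Crypto_TM_ProcessSecurity` call before anything reads it. A failed managed-parameter lookup would therefore go unnoticed, and the later comparison loop would run against whatever `current_managed_parameters_struct` happened to hold. Add `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` directly after the lookup. The hunks at -807 and -910 repeat the pattern, and `status = Crypto_Init();` in the hunks at -739 and -842 is likewise never asserted in the visible lines. The test body starts and ends outside this hunk.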
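Review bot: The reformatted comparison `(uint8_t) * (truth_tm_b + i)` now reads like a multiplication although it is a cast of a dereference. Indexing states the intent and is left alone by the formatter: `ASSERT_EQ(ptr_processed_frame[i], (uint8_t)truth_tm_b[i]);`. The loop bound is `max_frame_size`, and nothing visible in this hunk ties it to `processed_tm_len` or `truth_tm_len`, so a shorter buffer would be read past its end. Unless the lines between the hunks already do so, assert both lengths against the bound before the loop. The same lines appear in the hunks at -826 and -929, and the enclosing test starts outside this hunk.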
@@ -739,37 +1294,105 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_tm_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + 
"02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB554bac80d1fdcff21fd6996bf1d91327bff1"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - // Mac from python based SHA512: 
554bac80d1fdcff21fd6996bf1d913270b7baee3f06f4946016ad8d2f872dabfe88dd77ac8472c8ab6b9d6c85f0b7e35d88024f26599ae97001b926735a73dd3 - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + // Mac from python based SHA512: + // 554bac80d1fdcff21fd6996bf1d913270b7baee3f06f4946016ad8d2f872dabfe88dd77ac8472c8ab6b9d6c85f0b7e35d88024f26599ae97001b926735a73dd3 + char *truth_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max @@ -779,26 +1402,26 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; + sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Update key length for SHA512 - akp = key_if->get_key(sa_ptr->akid); + akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame 
@@ -807,15 +1430,17 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO - // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, + // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -826,7 +1451,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); 
@@ -842,37 +1467,105 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; - uint16_t processed_tm_len; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF,1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); status = Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *akp = NULL; // Test frame setup - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + 
"02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB9933b46131d0ff5f4b0ab4295ca3ae9df6c2"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - // Mac from python based SHA512: 
9933b46131d0ff5f4b0ab4295ca3ae9d2d04fe2c5e302f3645c2f72d961d0628e43a8a6a2609dde923f622be54210fa92c857950b341c12408dc999ef5b1da8a - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + // Mac from python based SHA512: + // 9933b46131d0ff5f4b0ab4295ca3ae9d2d04fe2c5e302f3645c2f72d961d0628e43a8a6a2609dde923f622be54210fa92c857950b341c12408dc999ef5b1da8a + char *truth_tm_h = + "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max @@ -882,26 +1575,26 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); - sa_ptr->ast = 1; - sa_ptr->est = 0; - sa_ptr->arsn_len = 0; + sa_ptr->ast = 1; + sa_ptr->est = 0; + sa_ptr->arsn_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->iv_len = 0; + sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; - sa_ptr->abm_len = 1786; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; - sa_ptr->ecs_len = 1; - sa_ptr->acs_len = 1; - sa_ptr->ekid = 0; - sa_ptr->akid = 136; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; + sa_ptr->ekid = 0; + sa_ptr->akid = 136; // Update key length for SHA512 - akp = key_if->get_key(sa_ptr->akid); + akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame 
@@ -910,15 +1603,17 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO - // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, + // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -929,11 +1624,11 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); } Crypto_Shutdown(); - free(framed_tm_b); + free(framed_tm_b); free(truth_tm_b); free(ptr_processed_frame); } 
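Review bot: The byte-compare loop in the `@@ -929,11 +1624,11 @@` hunk indexes `ptr_processed_frame` and `truth_tm_b` up to `max_frame_size` without first checking that `truth_tm_len` (and `processed_tm_len`, if it is meant to report the full frame length) covers that range. A short output or a mistyped truth vector is then read past its end instead of failing the test cleanly. Adding `ASSERT_GE(truth_tm_len, (int)current_managed_parameters_struct.max_frame_size);` before the loop would pin that. The reformatted operand `(uint8_t) * (truth_tm_b + i)` also reads like a multiplication; `(uint8_t)truth_tm_b[i]` says the same thing and formats cleanly. The loops in the `@@ -1035,7 +1798,7 @@` and `@@ -1134,7 +1965,7 @@` hunks have the same shape with a hard-coded 1786, and the test body starts outside this hunk.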
@@ -946,72 +1641,140 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_tm_len; // SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); // Test frame setup Header |SPI| IV | Data - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = + "02c0000018000005deadbeefdeadbeefdeadbeefdeadbeef0b355a29091cc09b6434ca743273c0a1f0529d44cedd32f09b9dbb45ab35c4" + "b607c4783aaefe7068f6924f069e335dacbf11cb0aba3268b6e1f5b12d6a9ce5e26bf249125ce02cecd90f17f642a9ed8524e73cbca4a1" + 
"25d16a00babca86146b264f2e36d3f81a8645b8b8a66214c473efdbf6f8faa435c9dc3b839bde4fadea2d8a5c9edfd7e1db8b1ba6c1b10" + "e20f82d98c3959104e826c5dc4f63228f5d3fda431adcb775a2300000113e3fee4b87f2f87550b66fa001494c23357a2f095f3593790f6" + "bbbc6eddc301422a8ab70c51b20924c02d202da34523823c8e08b7973e6eb4ab7ba5f7a78dd5513c911bc5213087091629f3600856b9d4" + "a756337f92dd3f853d442f1f0c9966eb7d5e7954f5963ad83382ee13b20f2866ae7393e54b81e25e7598da37959b9f195aa2a9c858c867" + "ff84af8e079baffeeb19102b22800d42938819771eb622aac490bcedaa7ea2481b0547e687ccb95e26a2922166d7cab077ef0e06ec3bf0" + "7764de160c3c0db07a9f93d41ece84521ec0e82d9a3658b502850b19cac88e6b5d0c975f850616bd3f2a950b01a38f903108a1a12f38ed" + "e3b6833b7126e2af81b719147bcda0aee5bd60e90a8dd800ef5f967400773ee79334f08480b110dfabb2946826828aca98c16004d1d78c" + "1c18c384a19a0afb73792abfdfc55dbe7b36496114b85c28c954d8ff6d661b92e5cd1541d5843e55cfa1f48f08423301012583a7f770c3" + "d3c0ca1a54bafaece16e35c45423474de63d98e966a6a65abaa012798562f18fde35426bea7e75f06f3e2a2538ae992e6996f2fa48f8c2" + "ca179ed76c0f817b47b64bba561f7502b672188200c360d709de7da7443abbfe5506604a6394d3dc7914e71df54efed8dcb264e07b8b7e" + "b50015dd33a11354fa85fcda7b225b1a89ac68827946d1c94fe6e926fda7c4ee8cbf8dafb2bb2fc3900914f04dff504ccec0a45bd78784" + "aa43d9aaa3eff8f72eac5c2e7fbdd9c78f49dad8624dc84329ca1753840284f4dab6102ebd1da47ed9a7e7cb055318d359a5ba9e554347" + "40731ead208457ae94a169135fd02e99e68775f5f99550be0ff79ad2bafe7d4c08fab79d101273f3cae8c6e66585248779238705a1d1d4" + "531347eb593edf7d55e85c91c633f6185782dcb3942ddc78be75ee20bd42ad42cac5440f5579c690d3a127c0962c4d6250dbafc2622b47" + "d1ee505d3dba523592530d78644e2ac4b2e352d584c14191599df0eb1f8e78a20fcf3be1b76e6efa374a8a9f119ae92a707e056bcc5a4b" + "9ad27739fc7cfca27e3ed0d33a0e724089930cf5a947e9eff24c4a3bf5147150d65f4a781723b4ffe230af61e25f5e1a7d74565a52411a" + "f43700a05ac1a3e778b7d85b1570895726f394a7345aeb634c4185ff6c2603efc4f00422163b37bd5ec98bd320139ec0e3b69563e9216c" + 
"236f9516cf2305fc8cc7995e7813a9dc6ada3ab6d503368103eb349199345a449e636524dfc87ece09bb2a8c5323eca50875dec26d25ee" + "dff6e3908b9086ca182cc93300008623074f1ad52f1cfe6ef32a6bcf78ad4621cdcc5ff4e6282eed12c3939e28f66faa2b47ab4c0bed32" + "8a883995f8616ffa8ee3e66905e9719e7c980d2bcbe0744fc1795956c46adca32b9d3fce5c968b65794b9b10526821f82be34d7c76ce09" + "7e5973335015b99c1d8398d0b1d17353f221f9657f90e2bbbfa0f196664edb5b22f4d352e5b1bf3734d6a95678ad5d3a5cb3a76a8938ff" + "2058a4e0297ae9a50df6b4231ea6319db77476aedd7dcbc091d018c89a66eb8e05b42b7e2ef76776b563d432bb3b51827e73212e68d693" + "bbbea8922c5a184394dfd7ec296324f7d91dc4ba950a9edb25f29112b843d662cebc630ca24e4b93a31e7e0b644bafad2435167fa6f919" + "5b3b23971effb4bdbd0f65af8ef2cd1146fc533b7c83cc83fe1540294de3e16154e8fca507b2fc0154677aca2d3718a76924b9e8585bf2" + "5f14729fce656b426704293ae6a8181e3929f1352304ef0ca7747fa2db0db7dcf32d2a5b0f68933acb58f32712ef50aefc28a1b7e4315e" + "8b8bcdcacf230200bdc4f41b320969def240c21a259ee319e69711f2c44ed08d7be40e905078534906cb2ae09e653ae3e33ece1e056512" + "798a9525883ad5eaafc394b0c788e57d21b7d076926dd6d583fe220814f4473e67245a3fe732de8bf814baff99d3aad1ca671269bd3f84" + "560e98398aa9f6ba625e9bc516bb88a4fb2a7ec4b3017ac74362f58653b6b7a2226fcbd484a834fe5e8f4a7432fecf8974d57088c7955e" + "ee593bd806bb84b46dc2e75c2709c37468866df97e66f49bece821aa8997ec766d6e6529cf96c18a14435ee0ded2bde56d77b2091d4ca1" + "346830edda23d114efe1596201d80fe213b8b7dffa79fc84a2a63c77ac9fae6cb1b8bb99521b43309915da6b28316e400f10fda0f1dbdd" + "25761de798dc894009f391fd96d2471558a2c9656251af547a43"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = "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"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02c00000180000000000000000000000000000000000beef0b355a29091cc09b6434ca743273c0a1f0529d44cedd32f09b9dbb45ab35c4" + 
"b607c4783aaefe7068f6924f069e335dacbf11cb0aba3268b6e1f5b12d6a9ce5e26bf249125ce02cecd90f17f642a9ed8524e73cbca4a1" + "25d16a00babca86146b264f2e36d3f81a8645b8b8a66214c473efdbf6f8faa435c9dc3b839bde4fadea2d8a5c9edfd7e1db8b1ba6c1b10" + "e20f82d98c3959104e826c5dc4f63228f5d3fda431adcb775a2300000113e3fee4b87f2f87550b66fa001494c23357a2f095f3593790f6" + "bbbc6eddc301422a8ab70c51b20924c02d202da34523823c8e08b7973e6eb4ab7ba5f7a78dd5513c911bc5213087091629f3600856b9d4" + "a756337f92dd3f853d442f1f0c9966eb7d5e7954f5963ad83382ee13b20f2866ae7393e54b81e25e7598da37959b9f195aa2a9c858c867" + "ff84af8e079baffeeb19102b22800d42938819771eb622aac490bcedaa7ea2481b0547e687ccb95e26a2922166d7cab077ef0e06ec3bf0" + "7764de160c3c0db07a9f93d41ece84521ec0e82d9a3658b502850b19cac88e6b5d0c975f850616bd3f2a950b01a38f903108a1a12f38ed" + "e3b6833b7126e2af81b719147bcda0aee5bd60e90a8dd800ef5f967400773ee79334f08480b110dfabb2946826828aca98c16004d1d78c" + "1c18c384a19a0afb73792abfdfc55dbe7b36496114b85c28c954d8ff6d661b92e5cd1541d5843e55cfa1f48f08423301012583a7f770c3" + "d3c0ca1a54bafaece16e35c45423474de63d98e966a6a65abaa012798562f18fde35426bea7e75f06f3e2a2538ae992e6996f2fa48f8c2" + "ca179ed76c0f817b47b64bba561f7502b672188200c360d709de7da7443abbfe5506604a6394d3dc7914e71df54efed8dcb264e07b8b7e" + "b50015dd33a11354fa85fcda7b225b1a89ac68827946d1c94fe6e926fda7c4ee8cbf8dafb2bb2fc3900914f04dff504ccec0a45bd78784" + "aa43d9aaa3eff8f72eac5c2e7fbdd9c78f49dad8624dc84329ca1753840284f4dab6102ebd1da47ed9a7e7cb055318d359a5ba9e554347" + "40731ead208457ae94a169135fd02e99e68775f5f99550be0ff79ad2bafe7d4c08fab79d101273f3cae8c6e66585248779238705a1d1d4" + "531347eb593edf7d55e85c91c633f6185782dcb3942ddc78be75ee20bd42ad42cac5440f5579c690d3a127c0962c4d6250dbafc2622b47" + "d1ee505d3dba523592530d78644e2ac4b2e352d584c14191599df0eb1f8e78a20fcf3be1b76e6efa374a8a9f119ae92a707e056bcc5a4b" + "9ad27739fc7cfca27e3ed0d33a0e724089930cf5a947e9eff24c4a3bf5147150d65f4a781723b4ffe230af61e25f5e1a7d74565a52411a" + 
"f43700a05ac1a3e778b7d85b1570895726f394a7345aeb634c4185ff6c2603efc4f00422163b37bd5ec98bd320139ec0e3b69563e9216c" + "236f9516cf2305fc8cc7995e7813a9dc6ada3ab6d503368103eb349199345a449e636524dfc87ece09bb2a8c5323eca50875dec26d25ee" + "dff6e3908b9086ca182cc93300008623074f1ad52f1cfe6ef32a6bcf78ad4621cdcc5ff4e6282eed12c3939e28f66faa2b47ab4c0bed32" + "8a883995f8616ffa8ee3e66905e9719e7c980d2bcbe0744fc1795956c46adca32b9d3fce5c968b65794b9b10526821f82be34d7c76ce09" + "7e5973335015b99c1d8398d0b1d17353f221f9657f90e2bbbfa0f196664edb5b22f4d352e5b1bf3734d6a95678ad5d3a5cb3a76a8938ff" + "2058a4e0297ae9a50df6b4231ea6319db77476aedd7dcbc091d018c89a66eb8e05b42b7e2ef76776b563d432bb3b51827e73212e68d693" + "bbbea8922c5a184394dfd7ec296324f7d91dc4ba950a9edb25f29112b843d662cebc630ca24e4b93a31e7e0b644bafad2435167fa6f919" + "5b3b23971effb4bdbd0f65af8ef2cd1146fc533b7c83cc83fe1540294de3e16154e8fca507b2fc0154677aca2d3718a76924b9e8585bf2" + "5f14729fce656b426704293ae6a8181e3929f1352304ef0ca7747fa2db0db7dcf32d2a5b0f68933acb58f32712ef50aefc28a1b7e4315e" + "8b8bcdcacf230200bdc4f41b320969def240c21a259ee319e69711f2c44ed08d7be40e905078534906cb2ae09e653ae3e33ece1e056512" + "798a9525883ad5eaafc394b0c788e57d21b7d076926dd6d583fe220814f4473e67245a3fe732de8bf814baff99d3aad1ca671269bd3f84" + "560e98398aa9f6ba625e9bc516bb88a4fb2a7ec4b3017ac74362f58653b6b7a2226fcbd484a834fe5e8f4a7432fecf8974d57088c7955e" + "ee593bd806bb84b46dc2e75c2709c37468866df97e66f49bece821aa8997ec766d6e6529cf96c18a14435ee0ded2bde56d77b2091d4ca1" + "346830edda23d114efe1596201d80fe213b8b7dffa79fc84a2a63c77ac9fae6cb1b8bb99521b43309915da6b28316e400f10fda0f1dbdd" + "25761de798dc894009f391fd96d2471558a2c9656251af540000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | 
(((uint16_t)framed_tm_b[1] & 0xF0) >> 4); tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Expose/setup SAs for testing - SecurityAssociation_t ta; - SecurityAssociation_t* test_association = &ta; + SecurityAssociation_t ta; + SecurityAssociation_t *test_association = &ta; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 5 sa_if->sa_get_from_spi(5, &test_association); test_association->arsn_len = 0; - test_association->abm_len = 1786; + test_association->abm_len = 1786; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - test_association->acs_len = 1; - test_association->acs = CRYPTO_MAC_NONE; - test_association->iv_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->acs_len = 1; + test_association->acs = CRYPTO_MAC_NONE; + test_association->iv_len = 16; test_association->shivf_len = 16; // Set a more obvious IV for test purposes - char * iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; - char* iv_b = NULL; - int iv_len = 0; + char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; + char *iv_b = NULL; + int iv_len = 0; hex_conversion(iv_h, &iv_b, &iv_len); memcpy(test_association->iv, iv_b, iv_len); - status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, 
&ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("Decrypted frame contents:\n\t"); @@ -1035,7 +1798,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) for (int i = 0; i < 1786; i++) { printf("%02x", ptr_processed_frame[i]); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); } printf("\n\n"); 
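Review bot: In the `@@ -946,72 +1641,140 @@` hunk, `sa_if->sa_get_from_spi(1, &test_association)` and `sa_if->sa_get_from_spi(5, &test_association)` discard their result while `test_association` still points at the uninitialised stack object `ta`. If a lookup fails and leaves the pointer untouched, the assignments that follow configure `ta` rather than the library's SA, and the test goes on to exercise an SA it never set up. Assuming the call returns a status like the other library calls here, `ASSERT_EQ(CRYPTO_LIB_SUCCESS, sa_if->sa_get_from_spi(5, &test_association));` makes that failure visible, and starting from `SecurityAssociation_t *test_association = NULL;` removes the stack fallback. The same pattern is in the AEAD_AES_GCM_BITMASK_1 hunk and in `sa_get_from_spi(12, &sa_ptr)` in the `@@ -882,26 +1575,26 @@` hunk. The test body continues past this hunk.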
@@ -1053,75 +1816,143 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_tm_len; // SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - - //Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); + + // Crypto_Config_Add_Gvcid_Managed_Parameters(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - // Test frame setup Header |SPI| IV | Data | MAC | FECF - char* framed_tm_h = "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"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + // Test frame setup Header |SPI| IV | Data | MAC | FECF + char *framed_tm_h = + "02c0000018000005deadbeefdeadbeefdeadbeefdeadbeef0b355a29091cc09b6434ca743273c0a1f0529d44cedd32f09b9dbb45ab35c4" + 
"b607c4783aaefe7068f6924f069e335dacbf11cb0aba3268b6e1f5b12d6a9ce5e26bf249125ce02cecd90f17f642a9ed8524e73cbca4a1" + "25d16a00babca86146b264f2e36d3f81a8645b8b8a66214c473efdbf6f8faa435c9dc3b839bde4fadea2d8a5c9edfd7e1db8b1ba6c1b10" + "e20f82d98c3959104e826c5dc4f63228f5d3fda431adcb775a2300000113e3fee4b87f2f87550b66fa001494c23357a2f095f3593790f6" + "bbbc6eddc301422a8ab70c51b20924c02d202da34523823c8e08b7973e6eb4ab7ba5f7a78dd5513c911bc5213087091629f3600856b9d4" + "a756337f92dd3f853d442f1f0c9966eb7d5e7954f5963ad83382ee13b20f2866ae7393e54b81e25e7598da37959b9f195aa2a9c858c867" + "ff84af8e079baffeeb19102b22800d42938819771eb622aac490bcedaa7ea2481b0547e687ccb95e26a2922166d7cab077ef0e06ec3bf0" + "7764de160c3c0db07a9f93d41ece84521ec0e82d9a3658b502850b19cac88e6b5d0c975f850616bd3f2a950b01a38f903108a1a12f38ed" + "e3b6833b7126e2af81b719147bcda0aee5bd60e90a8dd800ef5f967400773ee79334f08480b110dfabb2946826828aca98c16004d1d78c" + "1c18c384a19a0afb73792abfdfc55dbe7b36496114b85c28c954d8ff6d661b92e5cd1541d5843e55cfa1f48f08423301012583a7f770c3" + "d3c0ca1a54bafaece16e35c45423474de63d98e966a6a65abaa012798562f18fde35426bea7e75f06f3e2a2538ae992e6996f2fa48f8c2" + "ca179ed76c0f817b47b64bba561f7502b672188200c360d709de7da7443abbfe5506604a6394d3dc7914e71df54efed8dcb264e07b8b7e" + "b50015dd33a11354fa85fcda7b225b1a89ac68827946d1c94fe6e926fda7c4ee8cbf8dafb2bb2fc3900914f04dff504ccec0a45bd78784" + "aa43d9aaa3eff8f72eac5c2e7fbdd9c78f49dad8624dc84329ca1753840284f4dab6102ebd1da47ed9a7e7cb055318d359a5ba9e554347" + "40731ead208457ae94a169135fd02e99e68775f5f99550be0ff79ad2bafe7d4c08fab79d101273f3cae8c6e66585248779238705a1d1d4" + "531347eb593edf7d55e85c91c633f6185782dcb3942ddc78be75ee20bd42ad42cac5440f5579c690d3a127c0962c4d6250dbafc2622b47" + "d1ee505d3dba523592530d78644e2ac4b2e352d584c14191599df0eb1f8e78a20fcf3be1b76e6efa374a8a9f119ae92a707e056bcc5a4b" + "9ad27739fc7cfca27e3ed0d33a0e724089930cf5a947e9eff24c4a3bf5147150d65f4a781723b4ffe230af61e25f5e1a7d74565a52411a" + 
"f43700a05ac1a3e778b7d85b1570895726f394a7345aeb634c4185ff6c2603efc4f00422163b37bd5ec98bd320139ec0e3b69563e9216c" + "236f9516cf2305fc8cc7995e7813a9dc6ada3ab6d503368103eb349199345a449e636524dfc87ece09bb2a8c5323eca50875dec26d25ee" + "dff6e3908b9086ca182cc93300008623074f1ad52f1cfe6ef32a6bcf78ad4621cdcc5ff4e6282eed12c3939e28f66faa2b47ab4c0bed32" + "8a883995f8616ffa8ee3e66905e9719e7c980d2bcbe0744fc1795956c46adca32b9d3fce5c968b65794b9b10526821f82be34d7c76ce09" + "7e5973335015b99c1d8398d0b1d17353f221f9657f90e2bbbfa0f196664edb5b22f4d352e5b1bf3734d6a95678ad5d3a5cb3a76a8938ff" + "2058a4e0297ae9a50df6b4231ea6319db77476aedd7dcbc091d018c89a66eb8e05b42b7e2ef76776b563d432bb3b51827e73212e68d693" + "bbbea8922c5a184394dfd7ec296324f7d91dc4ba950a9edb25f29112b843d662cebc630ca24e4b93a31e7e0b644bafad2435167fa6f919" + "5b3b23971effb4bdbd0f65af8ef2cd1146fc533b7c83cc83fe1540294de3e16154e8fca507b2fc0154677aca2d3718a76924b9e8585bf2" + "5f14729fce656b426704293ae6a8181e3929f1352304ef0ca7747fa2db0db7dcf32d2a5b0f68933acb58f32712ef50aefc28a1b7e4315e" + "8b8bcdcacf230200bdc4f41b320969def240c21a259ee319e69711f2c44ed08d7be40e905078534906cb2ae09e653ae3e33ece1e056512" + "798a9525883ad5eaafc394b0c788e57d21b7d076926dd6d583fe220814f4473e67245a3fe732de8bf814baff99d3aad1ca671269bd3f84" + "560e98398aa9f6ba625e9bc516bb88a4fb2a7ec4b3017ac74362f58653b6b7a2226fcbd484a834fe5e8f4a7432fecf8974d57088c7955e" + "ee593bd806bb84b46dc2e75c2709c37468866df97e66f49bece821aa8997ec766d6e6529cf96c18a14435ee0ded2bde56d77b2091d4ca1" + "346830edda23d114efe1596201d80fe213b8b7dffa79fc84a2a63c77ac9fae6cb1b8bb99521b43309915da6b28316e400f10fda0f1dbdd" + "25761de798dc8940E28F8D4AF98508C50E9FB1B11012DB279a92"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); // Truth frame setup - char* truth_tm_h = 
"02C00000180000000000000000000000000000000000ABBE7D61948B49642780CBEDF9D81E93832EE23D00880A021621426E81EE87187AB2D74372744DD9834F5780E4DB4ACC2C83ABBDBD4A0664C18CF157FE112195E99157D0CD701B80359D1D4F771C99309CF3FD8FAB066F530AC8E9AB84B4981F2DB43FFA40C38567DAAA3A74A90B638BB37879E8F3D439AF851D0F0210916844549FE784F36BF57EB6865272B87A3A47C1B81CF6A9BE66E2FCD3A304617B8143E8010036BEECB5D232974A21035162A9A840404FA2C21C4BD6BB31D253B3D15CE28BB3613BAE5D5A1883D3AEE2D645BA9CFDFFED3FFB4F369C81529656BD834F896D4E0D0AE14FF7ED00FB04A2814F1D2C05790D81BAB41ADC9C28A48C301BDFFB740276F23DE5E7B01C17F7472A16F3DC0F36A2524ACFD4D6B985D19855C2D362E4F8BF08961B7C01B2AB6719363E22A88EB7C1CF45F77D2AC610696E8D9EBB2002142B31B78BD59B90726DD8E5CB66B0975244F58AB0CFAA12F7412C85C1D94411999F71D8F1374661549867F326B971CD54293288FCE32D31CAF0D36F8C34F6915D0AEFFA79E153F62AE1BC96729EA4CF38DD20A5C32CB6AFFBFC9406E023C0146AF952315B54E4FDFD1968DBBE903CBBE504EEC52EDFB0BB45A43257BD65C595800CC826FE0F51FDE021B2621C1C2C22CBC6CEF368707070DB7A51EF0B85EFF895726A15DE35127DFC296FF063A40AA560FEAC5DB5D88B6D945791BAFCC820D50F4D3EEB552E8B331A3274F862BEA7C4197569616BD1CF39830F2B839227629BBF061C86CAF602EFCF8B3FE6055A1FD7C984670A5FF9AE9C8F0F5AB296180B4005CA57CA772535BEC28D7F473C1E69697256AE32B67B9D17A90F9CF7D4A366ECEA5BEDFB75F4F6DC7EDD94D19E34D55F14B1C4707605F11B34B198669DD752950A1935545F29D6BF371CCEF29CE265E4AD76EB7762AD7A5C90569E0426A6141B27162A0A0F35515138A478C5802FAC92D974383B708F418BCC852F077A8200E546149195C0C491319EE8A9EF4ACBE678A80F3F257AE7B6130360209C4E2B8DCBD3B6BC405B83BD6CE21975441772769400F0668454B537B7FEA2461648A549AD676CD1CAE5E3465979D0A44CD9B99E99EB4EB1A979AF458A2DAC28E42B8602EBC96975FACABE518BFC52E37D5DDFA643E2E04432824EF697E03BF97E7B50406EF43F20942E9FDDD9DAD6EB4A2C36D02DC32504AF6E5F44691C9418A1035410E002AB10F9A59F4500F43CC565C7705E4AA024BED1A30998DE13202272548953DEE02601513601942713860A47710F5E87674C9EB7522F2D505EBD08F9A80E9BE839B778D8BE23AC4E1D43B03D9A5B096AC8DC0E0C50D20B9BCBCA8DBE92F987E7D32884ECD2B45ACDFF363ADD95747DD
AE060EB9958CE341A1F4D241E654FC878107C2EC8497B0F186781B2CBD23B09AFA0A48055768B16804E784CC91A2A90F4652C311D80820D5B656FA5882629C02871C4EE664CF5F1B785DDD63E42443103409693A66848B83F061644D11E6FB7C4B33FA51415B1556070DED7494D3CE5FEF874E5D393710AFA75D9546F47AEF73F324505151E7FBAD3B990C2E6DBF75AC10E1B1A564DB3D9978171AA2AA25BD30348F5B3CE3EF42CC3D3693A73EE13D31529D1EFE0060802444FD6D5C30A38235039976265D99D2BEA11494C50B93E11772E53CDF2D32EB11BF8B10F175FA6041DEB89C2397F3C145E3D2864F289365C2C26F1FBA6FEA2A8F70B54C51B29A13CB7AEE712CE6386A02C6536455FC2159ACE09EB8DCEC97457DDF907315611DB226BD166B40DEAB83B958AADD08FF1188DBCE13B4629F6D3F28DF383D957E0AD01AB4AEB124827A6EF3CD4E5D1926AA1323B560650F082EFA8A4E39675DDD9988003988F50028508B6B384E7C45D5A943357F7A3287E8C3B7D6CD5E490B4234EB5E0CF3C6271A40A896A0475E08E700DC8E21F8EB95A8E07ED56664114107CC2901F5FA07F17955CE49F8A2F48E8E7865A0C0534BC1F65FA79C73CCCD1D91D92E6B055EB0A5C06E2C863431E104BDFCD28DA3708660DD7577F8F02C6B3579E4A2842BF8215A2F929957090490F65E98F6C2CA829942CFFA971AEC14078C371A5A4A6794B782664C99F3D55102BC8D9BA568F773153BB7F274D2C550CAD9D21C7BDE49916B01AB9503EECC7D51103F9FACABFE72905CF94BCC52B1AD026A0EF0F4374DD58F8B32EB3717C33224506D6834D1D37E18179E1859CF3E1A8D238B9950DBB61FCD881DA6AB0C08D2589621AE10A3999DAEB98F75741EC96076ECC1FD800D4E7178BEC7EFAF77A5E2C356DBE5D253228235B8E1BF218ED3FE9524A302192CF8C45AF5FFCC46740B536D521D9FF340E2BC3BA2E9115B45C8FD4825AF3EA559DEBD57C55E30172CF3E7D5C577BB8AAB26055EDE865C7FE5832126BC76516A5899DD166AD04E4E23532FB2CB4C1353B80A4EB8979EB91841899A60A9DC056FCA3000000000000000000000000000000000000"; - char* truth_tm_b = NULL; - int truth_tm_len = 0; + char *truth_tm_h = + "02C00000180000000000000000000000000000000000ABBE7D61948B49642780CBEDF9D81E93832EE23D00880A021621426E81EE87187A" + "B2D74372744DD9834F5780E4DB4ACC2C83ABBDBD4A0664C18CF157FE112195E99157D0CD701B80359D1D4F771C99309CF3FD8FAB066F53" + "0AC8E9AB84B4981F2DB43FFA40C38567DAAA3A74A90B638BB37879E8F3D439AF851D0F0210916844549FE784F36BF57EB6865272B87A3A" + 
"47C1B81CF6A9BE66E2FCD3A304617B8143E8010036BEECB5D232974A21035162A9A840404FA2C21C4BD6BB31D253B3D15CE28BB3613BAE" + "5D5A1883D3AEE2D645BA9CFDFFED3FFB4F369C81529656BD834F896D4E0D0AE14FF7ED00FB04A2814F1D2C05790D81BAB41ADC9C28A48C" + "301BDFFB740276F23DE5E7B01C17F7472A16F3DC0F36A2524ACFD4D6B985D19855C2D362E4F8BF08961B7C01B2AB6719363E22A88EB7C1" + "CF45F77D2AC610696E8D9EBB2002142B31B78BD59B90726DD8E5CB66B0975244F58AB0CFAA12F7412C85C1D94411999F71D8F137466154" + "9867F326B971CD54293288FCE32D31CAF0D36F8C34F6915D0AEFFA79E153F62AE1BC96729EA4CF38DD20A5C32CB6AFFBFC9406E023C014" + "6AF952315B54E4FDFD1968DBBE903CBBE504EEC52EDFB0BB45A43257BD65C595800CC826FE0F51FDE021B2621C1C2C22CBC6CEF3687070" + "70DB7A51EF0B85EFF895726A15DE35127DFC296FF063A40AA560FEAC5DB5D88B6D945791BAFCC820D50F4D3EEB552E8B331A3274F862BE" + "A7C4197569616BD1CF39830F2B839227629BBF061C86CAF602EFCF8B3FE6055A1FD7C984670A5FF9AE9C8F0F5AB296180B4005CA57CA77" + "2535BEC28D7F473C1E69697256AE32B67B9D17A90F9CF7D4A366ECEA5BEDFB75F4F6DC7EDD94D19E34D55F14B1C4707605F11B34B19866" + "9DD752950A1935545F29D6BF371CCEF29CE265E4AD76EB7762AD7A5C90569E0426A6141B27162A0A0F35515138A478C5802FAC92D97438" + "3B708F418BCC852F077A8200E546149195C0C491319EE8A9EF4ACBE678A80F3F257AE7B6130360209C4E2B8DCBD3B6BC405B83BD6CE219" + "75441772769400F0668454B537B7FEA2461648A549AD676CD1CAE5E3465979D0A44CD9B99E99EB4EB1A979AF458A2DAC28E42B8602EBC9" + "6975FACABE518BFC52E37D5DDFA643E2E04432824EF697E03BF97E7B50406EF43F20942E9FDDD9DAD6EB4A2C36D02DC32504AF6E5F4469" + "1C9418A1035410E002AB10F9A59F4500F43CC565C7705E4AA024BED1A30998DE13202272548953DEE02601513601942713860A47710F5E" + "87674C9EB7522F2D505EBD08F9A80E9BE839B778D8BE23AC4E1D43B03D9A5B096AC8DC0E0C50D20B9BCBCA8DBE92F987E7D32884ECD2B4" + "5ACDFF363ADD95747DDAE060EB9958CE341A1F4D241E654FC878107C2EC8497B0F186781B2CBD23B09AFA0A48055768B16804E784CC91A" + "2A90F4652C311D80820D5B656FA5882629C02871C4EE664CF5F1B785DDD63E42443103409693A66848B83F061644D11E6FB7C4B33FA514" + 
"15B1556070DED7494D3CE5FEF874E5D393710AFA75D9546F47AEF73F324505151E7FBAD3B990C2E6DBF75AC10E1B1A564DB3D9978171AA" + "2AA25BD30348F5B3CE3EF42CC3D3693A73EE13D31529D1EFE0060802444FD6D5C30A38235039976265D99D2BEA11494C50B93E11772E53" + "CDF2D32EB11BF8B10F175FA6041DEB89C2397F3C145E3D2864F289365C2C26F1FBA6FEA2A8F70B54C51B29A13CB7AEE712CE6386A02C65" + "36455FC2159ACE09EB8DCEC97457DDF907315611DB226BD166B40DEAB83B958AADD08FF1188DBCE13B4629F6D3F28DF383D957E0AD01AB" + "4AEB124827A6EF3CD4E5D1926AA1323B560650F082EFA8A4E39675DDD9988003988F50028508B6B384E7C45D5A943357F7A3287E8C3B7D" + "6CD5E490B4234EB5E0CF3C6271A40A896A0475E08E700DC8E21F8EB95A8E07ED56664114107CC2901F5FA07F17955CE49F8A2F48E8E786" + "5A0C0534BC1F65FA79C73CCCD1D91D92E6B055EB0A5C06E2C863431E104BDFCD28DA3708660DD7577F8F02C6B3579E4A2842BF8215A2F9" + "29957090490F65E98F6C2CA829942CFFA971AEC14078C371A5A4A6794B782664C99F3D55102BC8D9BA568F773153BB7F274D2C550CAD9D" + "21C7BDE49916B01AB9503EECC7D51103F9FACABFE72905CF94BCC52B1AD026A0EF0F4374DD58F8B32EB3717C33224506D6834D1D37E181" + "79E1859CF3E1A8D238B9950DBB61FCD881DA6AB0C08D2589621AE10A3999DAEB98F75741EC96076ECC1FD800D4E7178BEC7EFAF77A5E2C" + "356DBE5D253228235B8E1BF218ED3FE9524A302192CF8C45AF5FFCC46740B536D521D9FF340E2BC3BA2E9115B45C8FD4825AF3EA559DEB" + "D57C55E30172CF3E7D5C577BB8AAB26055EDE865C7FE5832126BC76516A5899DD166AD04E4E23532FB2CB4C1353B80A4EB8979EB918418" + "99A60A9DC056FCA3000000000000000000000000000000000000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; // Determine managed parameters by GVCID, which nominally happens in TO - status = 
Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = + Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Expose/setup SAs for testing - SecurityAssociation_t ta; - SecurityAssociation_t* test_association = &ta; + SecurityAssociation_t ta; + SecurityAssociation_t *test_association = &ta; // Deactivate SA 1 sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; // Activate SA 5 sa_if->sa_get_from_spi(5, &test_association); test_association->arsn_len = 0; - test_association->abm_len = 1786; + test_association->abm_len = 1786; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 1; - test_association->est = 1; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - test_association->acs_len = 1; - test_association->acs = CRYPTO_MAC_NONE; - test_association->iv_len = 16; - test_association->shivf_len = 16; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 1; + test_association->est = 1; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->acs_len = 1; + test_association->acs = CRYPTO_MAC_NONE; + test_association->iv_len = 16; + test_association->shivf_len = 16; test_association->stmacf_len = 16; // Set a more obvious IV for test purposes - char * iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; - char* iv_b = NULL; - int iv_len = 0; + char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; + char *iv_b = NULL; + int iv_len = 0; hex_conversion(iv_h, &iv_b, &iv_len); memcpy(test_association->iv, iv_b, iv_len); - status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, 
&ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("Decrypted frame contents:\n\t"); @@ -1134,7 +1965,7 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) for (int i = 0; i < 1786; i++) { // printf("%02x", ptr_processed_frame[i]); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); } printf("\n\n"); 
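Review bot: In the `@@ -1053,75 +1816,143 @@` hunk, `memcpy(test_association->iv, iv_b, iv_len)` copies whatever length `hex_conversion` derived from `iv_h`, and nothing ties that to the `iv_len = 16` just written into the SA. Editing the hex literal can therefore overrun or under-fill the SA's IV without the test noticing. A guard such as `ASSERT_EQ(16, iv_len);` before the copy keeps the vector and the SA configuration in step. `iv_b` is not freed in the lines shown; the test body continues past this hunk, so confirm it is released there with the other buffers. The AES_GCM_BITMASK_1 hunk above has the same lines.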
@@ -1148,29 +1979,31 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_tm_len; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TM Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_NO_FHEC, AOS_HAS_IZ, 10); + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); status = Crypto_Init(); // Test frame setup - char* framed_tm_h = "02c00000180000FFFFFF"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = "02c00000180000FFFFFF"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, 
&processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, status); Crypto_Shutdown(); 
@@ -1181,31 +2014,33 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_tm_len; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TM Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); status = Crypto_Init(); - TC_t* tc_sdls_processed_frame; + TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - char* framed_tm_h = "02C000001800002C414243444546"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = "02C000001800002C414243444546"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t* 
)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status); free(framed_tm_b); From cb5a3dc1b70bf32cf345b66f77c70095a133e8ac Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 21 Oct 2024 12:57:38 +0000 Subject: [PATCH 148/241] [nasa/cryptolib#299] Formatted --- src/core/crypto_aos.c | 10 +++++----- src/core/crypto_tm.c | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index 50af7e82..395844e6 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -464,11 +464,11 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer) { status = cryptography_if->cryptography_authenticate( // Stub out data in/out as this is done in place and // want to save cycles - (uint8_t *)(&pTfBuffer[0]), // ciphertext output - (size_t)0, // length of data - (uint8_t *)(&pTfBuffer[0]), // plaintext input - (size_t)0, // in data length - from start of frame to end of data - &(akp->value[0]), // Key + (uint8_t *)(&pTfBuffer[0]), // ciphertext output + (size_t)0, // length of data + (uint8_t *)(&pTfBuffer[0]), // plaintext input + (size_t)0, // in data length - from start of frame to end of data + &(akp->value[0]), // Key Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 7ef3ca98..3d162397 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c 
@@ -387,11 +387,11 @@ int32_t Crypto_TM_Do_Encrypt_NONPLAINTEXT_AEAD_Logic(uint8_t sa_service_type, ui { status = cryptography_if->cryptography_authenticate( // Stub out data in/out as this is done in place and // want to save cycles - (uint8_t *)(&pTfBuffer[0]), // ciphertext output - (size_t)0, // length of data - (uint8_t *)(&pTfBuffer[0]), // plaintext input - (size_t)0, // in data length - from start of frame to end of data - &(akp->value[0]), // Key + (uint8_t *)(&pTfBuffer[0]), // ciphertext output + (size_t)0, // length of data + (uint8_t *)(&pTfBuffer[0]), // plaintext input + (size_t)0, // in data length - from start of frame to end of data + &(akp->value[0]), // Key Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV From a3f2e7805a96023c43f1df3a1f96c2fd20c4d05b Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 21 Oct 2024 12:58:29 +0000 Subject: [PATCH 149/241] [nasa/cryptolib#299] Remove testing branch from push triggers --- .github/workflows/cpp-linter.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/cpp-linter.yml b/.github/workflows/cpp-linter.yml index 0dc00c2e..b0feee60 100644 --- a/.github/workflows/cpp-linter.yml +++ b/.github/workflows/cpp-linter.yml @@ -1,8 +1,6 @@ name: cpp-linter on: - push: - branches: [ 299-setup-code-formatter ] pull_request: branches: [ main, dev ] From 7582697980d8312797e60d9991423a576df27b7b Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 21 Oct 2024 19:43:19 +0000 Subject: [PATCH 150/241] [nasa/cryptolib#209] Formatted Code --- include/crypto_structs.h | 24 ++++----- src/core/crypto.c | 45 +++++++++-------- src/core/crypto_config.c | 28 +++++------ src/core/crypto_mc.c | 2 +- src/core/crypto_print.c | 4 +- src/core/crypto_tm.c | 100 +++++++++++++++++++------------------- test/unit/ut_tm_process.c | 20 ++++---- 7 files changed, 111 insertions(+), 112 deletions(-) 
diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 3649f900..2498002e 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -362,11 +362,11 @@ typedef struct uint8_t cie : 2; // COP In Effect uint8_t vci : 6; // Virtual Channel Identification uint8_t spare0 : 2; // Reserved Spare "00" - uint8_t nrfaf : 1; // No RF Avaliable Flag - uint8_t nblf : 1; // No Bit Lock Flag - uint8_t lof : 1; // Lock-Out Flag - uint8_t waitf : 1; // Wait Flag - uint8_t rtf : 1; // Retransmit Flag + uint8_t nrfaf : 1; // No RF Avaliable Flag + uint8_t nblf : 1; // No Bit Lock Flag + uint8_t lof : 1; // Lock-Out Flag + uint8_t waitf : 1; // Wait Flag + uint8_t rtf : 1; // Retransmit Flag uint8_t fbc : 2; // FARM-B Counter uint8_t spare1 : 1; // Reserved Spare "0" uint8_t rv : 8; // Report Value @@ -378,14 +378,14 @@ typedef struct // Ref: Version 100, CCSDS 355.1-B-1, Feb 2020 typedef struct { - uint8_t cwt : 1; // Control Word Type "1" - uint8_t fvn : 3; // FSR Version Number "100" - uint8_t af : 1; // Alarm Flag - uint8_t bsnf : 1; // Bad Sequence Number Flag - uint8_t bmacf : 1; // Bad Mac Flag - uint8_t bsaf : 1; // Bad Security Association Flag + uint8_t cwt : 1; // Control Word Type "1" + uint8_t fvn : 3; // FSR Version Number "100" + uint8_t af : 1; // Alarm Flag + uint8_t bsnf : 1; // Bad Sequence Number Flag + uint8_t bmacf : 1; // Bad Mac Flag + uint8_t bsaf : 1; // Bad Security Association Flag uint16_t lspi : 16; // Last SPI Used - uint8_t snval : 8; // Sequence Number Value (LSB) + uint8_t snval : 8; // Sequence Number Value (LSB) } Telemetry_Frame_Ocf_Fsr_t; #define TELEMETRY_FRAME_OCF_FSR_SIZE (sizeof(Telemetry_Frame_Ocf_Fsr_t)) diff --git a/src/core/crypto.c b/src/core/crypto.c index f0ba9cc1..4736cd12 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -1122,11 +1122,11 @@ int32_t Crypto_Get_ACS_Algo_Keylen(uint8_t algo) } /** -* @brief: Function: Crypto_Get_Security_Header_Length -* Return Security Header Length -* @param sa_ptr: SecurityAssociation_t* -**/ -int32_t Crypto_Get_Security_Header_Length(SecurityAssociation_t* sa_ptr) + * @brief: Function: Crypto_Get_Security_Header_Length + * Return Security Header Length + * @param sa_ptr: SecurityAssociation_t* + **/ +int32_t Crypto_Get_Security_Header_Length(SecurityAssociation_t *sa_ptr) { /* Narrator's Note: Leaving this here for future work ** eventually we need a way to reconcile cryptolib managed parameters with TO managed parameters @@ -1135,8 +1135,8 @@ int32_t Crypto_Get_Security_Header_Length(SecurityAssociation_t* sa_ptr) gvcid_managed_parameters, temp_current_managed_parameters); */ - if (!sa_ptr) - { + if (!sa_ptr) + { #ifdef DEBUG printf(KRED "Get_Security_Header_Length passed Null SA!\n" RESET); #endif @@ -1150,14 +1150,14 @@ int32_t Crypto_Get_Security_Header_Length(SecurityAssociation_t* sa_ptr) } /** -* @brief: Function: Crypto_Get_Security_Trailer_Length -* Return Security Trailer Length -* @param sa_ptr: SecurityAssociation_t* -**/ -int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t* sa_ptr) + * @brief: Function: Crypto_Get_Security_Trailer_Length + * Return Security Trailer Length + * @param sa_ptr: SecurityAssociation_t* + **/ +int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t *sa_ptr) { - if (!sa_ptr) - { + if (!sa_ptr) + { #ifdef DEBUG printf(KRED "Get_Trailer_Trailer_Length passed Null SA!\n" RESET); #endif 
@@ -1168,19 +1168,18 @@ int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t* sa_ptr) securityTrailerLength = sa_ptr->stmacf_len; return securityTrailerLength; - } uint32_t Crypto_Get_FSR() { uint32_t fsr; - fsr = (report.cwt << 31) | // bit(s) 1 - (report.fvn << 28) | // bit(s) 2-4 - (report.af << 27) | // bit(s) 5 - (report.bsnf << 26) | // bit(s) 6 - (report.bmacf << 25) | // bit(s) 7 - (report.bsaf << 24) | // bit(s) 8 - (report.lspi << 8) | // bit(s) 9-24 - (report.snval << 0); // bit(s) 25-32 + fsr = (report.cwt << 31) | // bit(s) 1 + (report.fvn << 28) | // bit(s) 2-4 + (report.af << 27) | // bit(s) 5 + (report.bsnf << 26) | // bit(s) 6 + (report.bmacf << 25) | // bit(s) 7 + (report.bsaf << 24) | // bit(s) 8 + (report.lspi << 8) | // bit(s) 9-24 + (report.snval << 0); // bit(s) 25-32 return fsr; } diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index a6e737c5..d4101e56 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c 
@@ -828,24 +828,24 @@ void Crypto_Local_Init(void) clcw.cie = 1; // COP In Effect clcw.vci = 0; // Virtual Channel Identification clcw.spare0 = 0; // Reserved Spare - clcw.nrfaf = 0; // No RF Avaliable Flag - clcw.nblf = 0; // No Bit Lock Flag - clcw.lof = 0; // Lock-Out Flag - clcw.waitf = 0; // Wait Flag - clcw.rtf = 0; // Retransmit Flag - clcw.fbc = 0; // FARM-B Counter + clcw.nrfaf = 0; // No RF Avaliable Flag + clcw.nblf = 0; // No Bit Lock Flag + clcw.lof = 0; // Lock-Out Flag + clcw.waitf = 0; // Wait Flag + clcw.rtf = 0; // Retransmit Flag + clcw.fbc = 0; // FARM-B Counter clcw.spare1 = 0; // Reserved Spare clcw.rv = 0; // Report Value // Initialize Frame Security Report - report.cwt = 1; // Control Word Type "0b1"" - report.fvn = 4; // FSR Version "0b100"" - report.af = 0; // Alarm Field - report.bsnf = 0; // Bad SN Flag - report.bmacf = 0;// Bad MAC Flag - report.bsaf = 0; // Invalid SPI Flag - report.lspi = 0; // Last SPI Used - report.snval = 0;// SN Value (LSB) + report.cwt = 1; // Control Word Type "0b1"" + report.fvn = 4; // FSR Version "0b100"" + report.af = 0; // Alarm Field + report.bsnf = 0; // Bad SN Flag + report.bmacf = 0; // Bad MAC Flag + report.bsaf = 0; // Invalid SPI Flag + report.lspi = 0; // Last SPI Used + report.snval = 0; // SN Value (LSB) } /** diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 0deffbfb..4f90bfcd 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -349,6 +349,6 @@ int32_t Crypto_MC_resetalarm(void) report.af = 0; report.bsnf = 0; report.bmacf = 0; - report.bsaf = 0; + report.bsaf = 0; return CRYPTO_LIB_SUCCESS; } diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index 1764b744..4fc5bb6e 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c 
@@ -128,7 +128,7 @@ void Crypto_Print_Sdls_Ep_Reply(void) * Prints the current CLCW in memory. * @param clcw: Telemetry_Frame_Ocf_Clcw_t* **/ -void Crypto_clcwPrint(Telemetry_Frame_Ocf_Clcw_t* clcw) +void Crypto_clcwPrint(Telemetry_Frame_Ocf_Clcw_t *clcw) { printf("Current CLCW in memory is: \n"); printf("\t cwt = 0x%01x \n", clcw->cwt); @@ -153,7 +153,7 @@ void Crypto_clcwPrint(Telemetry_Frame_Ocf_Clcw_t* clcw) * Prints the current FSR in memory. * @param report: Telemetry_Frame_Ocf_Fsr_t* **/ -void Crypto_fsrPrint(Telemetry_Frame_Ocf_Fsr_t* report) +void Crypto_fsrPrint(Telemetry_Frame_Ocf_Fsr_t *report) { printf("Current FSR in memory is: \n"); printf("\t cwt = 0x%01x \n", report->cwt); diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index c923b6de..7cc0b625 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c 
@@ -1836,57 +1836,57 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_ return status; } -void Crypto_TM_Print_CLCW(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr) +void Crypto_TM_Print_CLCW(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr) { - if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) - { - byte_idx += (pdu_len + sa_ptr->stmacf_len); - Telemetry_Frame_Ocf_Clcw_t clcw; - clcw.cwt = (p_ingest[byte_idx] >> 7) & 0x0001; - clcw.cvn = (p_ingest[byte_idx] >> 5) & 0x0003; - clcw.sf = (p_ingest[byte_idx] >> 2) & 0x0007; - clcw.cie = (p_ingest[byte_idx] >> 0) & 0x0003; - byte_idx += 1; - clcw.vci = (p_ingest[byte_idx] >> 2) & 0x003F; - clcw.spare0 = (p_ingest[byte_idx] >> 0) & 0x0003; - byte_idx += 1; - clcw.nrfaf = (p_ingest[byte_idx] >> 7) & 0x0001; - clcw.nblf = (p_ingest[byte_idx] >> 6) & 0x0001; - clcw.lof = (p_ingest[byte_idx] >> 5) & 0x0001; - clcw.waitf = (p_ingest[byte_idx] >> 4) & 0x0001; - clcw.rtf = (p_ingest[byte_idx] >> 3) & 0x0001; - clcw.fbc = (p_ingest[byte_idx] >> 1) & 0x0003; - clcw.spare1 = (p_ingest[byte_idx] >> 0) & 0x0001; - byte_idx += 1; - clcw.rv = (p_ingest[byte_idx]); - byte_idx += 1; - - Crypto_clcwPrint(&clcw); - } + if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + { + byte_idx += (pdu_len + sa_ptr->stmacf_len); + Telemetry_Frame_Ocf_Clcw_t clcw; + clcw.cwt = (p_ingest[byte_idx] >> 7) & 0x0001; + clcw.cvn = (p_ingest[byte_idx] >> 5) & 0x0003; + clcw.sf = (p_ingest[byte_idx] >> 2) & 0x0007; + clcw.cie = (p_ingest[byte_idx] >> 0) & 0x0003; + byte_idx += 1; + clcw.vci = (p_ingest[byte_idx] >> 2) & 0x003F; + clcw.spare0 = (p_ingest[byte_idx] >> 0) & 0x0003; + byte_idx += 1; + clcw.nrfaf = (p_ingest[byte_idx] >> 7) & 0x0001; + clcw.nblf = (p_ingest[byte_idx] >> 6) & 0x0001; + clcw.lof = (p_ingest[byte_idx] >> 5) & 0x0001; + clcw.waitf = (p_ingest[byte_idx] >> 4) & 0x0001; + clcw.rtf = (p_ingest[byte_idx] >> 3) 
& 0x0001; + clcw.fbc = (p_ingest[byte_idx] >> 1) & 0x0003; + clcw.spare1 = (p_ingest[byte_idx] >> 0) & 0x0001; + byte_idx += 1; + clcw.rv = (p_ingest[byte_idx]); + byte_idx += 1; + + Crypto_clcwPrint(&clcw); + } } -void Crypto_TM_Set_FSR(uint8_t* p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t* sa_ptr) +void Crypto_TM_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr) { - if(current_managed_parameters_struct.has_ocf == TM_HAS_OCF) - { - Telemetry_Frame_Ocf_Fsr_t temp_report; - byte_idx += (pdu_len + sa_ptr->stmacf_len); - temp_report.cwt = (p_ingest[byte_idx] >> 7) & 0x0001; - temp_report.fvn = (p_ingest[byte_idx] >> 4) & 0x0007; - temp_report.af = (p_ingest[byte_idx] >> 3) & 0x0001; - temp_report.bsnf = (p_ingest[byte_idx] >> 2) & 0x0001; - temp_report.bmacf = (p_ingest[byte_idx] >> 1) & 0x0001; - temp_report.bsaf = (p_ingest[byte_idx] & 0x0001); - byte_idx += 1; - temp_report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); - byte_idx += 2; - temp_report.snval = (p_ingest[byte_idx]); - byte_idx++; - report = temp_report; + if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + { + Telemetry_Frame_Ocf_Fsr_t temp_report; + byte_idx += (pdu_len + sa_ptr->stmacf_len); + temp_report.cwt = (p_ingest[byte_idx] >> 7) & 0x0001; + temp_report.fvn = (p_ingest[byte_idx] >> 4) & 0x0007; + temp_report.af = (p_ingest[byte_idx] >> 3) & 0x0001; + temp_report.bsnf = (p_ingest[byte_idx] >> 2) & 0x0001; + temp_report.bmacf = (p_ingest[byte_idx] >> 1) & 0x0001; + temp_report.bsaf = (p_ingest[byte_idx] & 0x0001); + byte_idx += 1; + temp_report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); + byte_idx += 2; + temp_report.snval = (p_ingest[byte_idx]); + byte_idx++; + report = temp_report; #ifdef TM_DEBUG - Crypto_fsrPrint(&report); + Crypto_fsrPrint(&report); #endif - } + } } /** 
@@ -2059,25 +2059,23 @@ variables if (sa_if->sa_get_from_spi(tm_frame[0], &sa_ptr) != CRYPTO_LIB_SUCCESS /** * @brief Function: Crypto_TM_updateOCF * Update the TM OCF -**/ + **/ -void Crypto_TM_updateOCF(Telemetry_Frame_Ocf_Fsr_t* report, TM_t* tm_frame) +void Crypto_TM_updateOCF(Telemetry_Frame_Ocf_Fsr_t *report, TM_t *tm_frame) { // TODO tm_frame->tm_sec_trailer.ocf[0] = (report->cwt << 7) | (report->fvn << 4) | (report->af << 3) | - (report->bsnf << 2) | (report->bmacf << 1) | (report->bsaf); + (report->bsnf << 2) | (report->bmacf << 1) | (report->bsaf); tm_frame->tm_sec_trailer.ocf[1] = (report->lspi & 0xFF00) >> 8; tm_frame->tm_sec_trailer.ocf[2] = (report->lspi & 0x00FF); tm_frame->tm_sec_trailer.ocf[3] = (report->snval); // Alternate OCF - //ocf = 0; + // ocf = 0; #ifdef OCF_DEBUG Crypto_fsrPrint(report); #endif - } - /** * @brief Function: Crypto_Prepare_TM_AAD * Bitwise ANDs buffer with abm, placing results in aad buffer diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 005c6833..d5232efd 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c 
@@ -2015,18 +2015,20 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) UTEST(TM_PROCESS, TM_OCF_TEST) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t* ptr_processed_frame = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; uint16_t processed_tm_len; // Configure Parameters - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10); - GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 16, TM_HAS_OCF, 1}; + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_NO_FHEC, AOS_HAS_IZ, 10); + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 16, TM_HAS_OCF, 1}; ======= UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) { 
@@ -2052,12 +2054,12 @@ UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) <<<<<<< HEAD // Test frame setup - char* framed_tm_h = "02C0000D180000000000C0000000FFFF"; - char* framed_tm_b = NULL; - int framed_tm_len = 0; + char *framed_tm_h = "02C0000D180000000000C0000000FFFF"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("FSR: %08X\n", Crypto_Get_FSR()); From b10220f21376ee242a70c3633c2a74a25d78ca38 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 21 Oct 2024 20:10:00 +0000 Subject: [PATCH 151/241] [nasa/cryptolib#209] Fixed Unresolved Merge Conflict --- include/crypto.h | 3 ++- src/core/crypto_tm.c | 12 +++++----- test/unit/ut_tm_process.c | 49 ++++++++++++++++++++++----------------- 3 files changed, 36 insertions(+), 28 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index a8349703..3d95e99f 100644 --- a/include/crypto.h +++ b/include/crypto.h 
@@ -219,12 +219,13 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ crypto_key_t *ekp, crypto_key_t *akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t *aad, uint8_t **pp_processed_frame, uint16_t *p_decrypted_length); void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr); +void Crypto_TM_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr); extern int32_t Crypto_increment(uint8_t *num, int length); int32_t Crypto_Get_tmLength(int len); uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id); void Crypto_TM_updatePDU(uint8_t *ingest, int len_ingest); -void Crypto_TM_updateOCF(void); +void Crypto_TM_updateOCF(Telemetry_Frame_Ocf_Fsr_t *report, TM_t *tm_frame); uint8_t *Crypto_Prepare_TC_AAD(uint8_t *buffer, uint16_t len_aad, uint8_t *abm_buffer); uint32_t Crypto_Prepare_TM_AAD(const uint8_t *buffer, uint16_t len_aad, const uint8_t *abm_buffer, uint8_t *aad); uint32_t Crypto_Prepare_AOS_AAD(const uint8_t *buffer, uint16_t len_aad, const uint8_t *abm_buffer, uint8_t *aad); diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 7cc0b625..9a6af1ff 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c 
@@ -1871,12 +1871,12 @@ void Crypto_TM_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, S { Telemetry_Frame_Ocf_Fsr_t temp_report; byte_idx += (pdu_len + sa_ptr->stmacf_len); - temp_report.cwt = (p_ingest[byte_idx] >> 7) & 0x0001; - temp_report.fvn = (p_ingest[byte_idx] >> 4) & 0x0007; - temp_report.af = (p_ingest[byte_idx] >> 3) & 0x0001; - temp_report.bsnf = (p_ingest[byte_idx] >> 2) & 0x0001; - temp_report.bmacf = (p_ingest[byte_idx] >> 1) & 0x0001; - temp_report.bsaf = (p_ingest[byte_idx] & 0x0001); + temp_report.cwt = (p_ingest[byte_idx] >> 7) & 0x01; + temp_report.fvn = (p_ingest[byte_idx] >> 4) & 0x07; + temp_report.af = (p_ingest[byte_idx] >> 3) & 0x01; + temp_report.bsnf = (p_ingest[byte_idx] >> 2) & 0x01; + temp_report.bmacf = (p_ingest[byte_idx] >> 1) & 0x01; + temp_report.bsaf = (p_ingest[byte_idx] & 0x01); byte_idx += 1; temp_report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); byte_idx += 2; diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index d5232efd..8f5b0c3c 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -1998,7 +1998,7 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) status = Crypto_Init(); // Test frame setup - char *framed_tm_h = "02c00000180000FFFFFF"; + char *framed_tm_h = "02C00000180000FFFFFF"; char *framed_tm_b = NULL; int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); @@ -2011,7 +2011,6 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) free(ptr_processed_frame); } -<<<<<<< HEAD UTEST(TM_PROCESS, TM_OCF_TEST) { // Local Variables 
@@ -2029,7 +2028,33 @@ UTEST(TM_PROCESS, TM_OCF_TEST) // AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t TM_UT_Managed_Parameters = { 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 16, TM_HAS_OCF, 1}; -======= + Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); + Crypto_Init(); + + // Test frame setup + char *framed_tm_h = "02C0000D180000000000DEADBEEFFFFF"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; + hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); + + SecurityAssociation_t *test_association; + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + // Activate SA 5 + sa_if->sa_get_from_spi(0, &test_association); + test_association->sa_state = SA_OPERATIONAL; + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("FSR: %08X\n", Crypto_Get_FSR()); + + Crypto_Shutdown(); + free(framed_tm_b); + free(ptr_processed_frame); +} + UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) { // Local Variables 
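Review bot: TM_OCF_TEST never checks the parsed report: after `Crypto_TM_ProcessSecurity` it only prints `Crypto_Get_FSR()`, so a regression in the OCF offset or bit extraction would still pass. The test frame carries the OCF bytes `DEADBEEF`, so the repacked word should presumably be the same value; add `ASSERT_EQ((uint32_t)0xDEADBEEF, Crypto_Get_FSR());` after the status assert, once the expected value is confirmed against the offset logic outside this hunk. `test_association` is declared uninitialised and the result of `sa_if->sa_get_from_spi(0, &test_association)` is ignored before the pointer is dereferenced, and the comment `// Activate SA 5` does not match the SPI 0 that is fetched. The same print-only pattern appears in AOS_OCF_TEST in test/unit/ut_aos_process.c later in this series. The test's opening lines sit outside this hunk.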
@@ -2047,27 +2072,10 @@ UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TM_UT_Managed_Parameters = { 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; ->>>>>>> dev Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); status = Crypto_Init(); -<<<<<<< HEAD - // Test frame setup - char *framed_tm_h = "02C0000D180000000000C0000000FFFF"; - char *framed_tm_b = NULL; - int framed_tm_len = 0; - hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("FSR: %08X\n", Crypto_Get_FSR()); - - Crypto_Shutdown(); - free(framed_tm_b); - free(ptr_processed_frame); -======= TC_t *tc_sdls_processed_frame; tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); @@ -2082,7 +2090,6 @@ UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) free(framed_tm_b); free(tc_sdls_processed_frame); Crypto_Shutdown(); ->>>>>>> dev } UTEST_MAIN(); \ No newline at end of file From 32c2c120b300ba3145c02bac7a76c224253e88ae Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 24 Oct 2024 13:47:03 +0000 Subject: [PATCH 152/241] [nasa/cryptolib#209] AOS FSR/CLCW Support --- include/crypto.h | 2 +- src/core/crypto.c | 24 ++++++++++ src/core/crypto_aos.c | 1 + src/core/crypto_tm.c | 26 +--------- .../internal/sa_interface_inmemory.template.c | 11 +++-- test/unit/ut_aos_process.c | 48 ++++++++++++++++++- 6 files changed, 80 insertions(+), 32 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 3d95e99f..87e04d27 100644 --- a/include/crypto.h +++ b/include/crypto.h 
@@ -161,6 +161,7 @@ int32_t Crypto_TC_Set_IV(SecurityAssociation_t *sa_ptr, uint8_t *p_new_enc_frame // OCF uint32_t Crypto_Get_FSR(); +void Crypto_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr); // Telemetry (TM) extern int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer); @@ -219,7 +220,6 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ crypto_key_t *ekp, crypto_key_t *akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, uint8_t *aad, uint8_t **pp_processed_frame, uint16_t *p_decrypted_length); void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr); -void Crypto_TM_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr); extern int32_t Crypto_increment(uint8_t *num, int length); int32_t Crypto_Get_tmLength(int len); diff --git a/src/core/crypto.c b/src/core/crypto.c index 4736cd12..1b9eaf81 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -1170,6 +1170,30 @@ int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t *sa_ptr) return securityTrailerLength; } +void Crypto_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr) +{ + if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF || current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + { + Telemetry_Frame_Ocf_Fsr_t temp_report; + byte_idx += (pdu_len + sa_ptr->stmacf_len); + temp_report.cwt = (p_ingest[byte_idx] >> 7) & 0x01; + temp_report.fvn = (p_ingest[byte_idx] >> 4) & 0x07; + temp_report.af = (p_ingest[byte_idx] >> 3) & 0x01; + temp_report.bsnf = (p_ingest[byte_idx] >> 2) & 0x01; + temp_report.bmacf = (p_ingest[byte_idx] >> 1) & 0x01; + temp_report.bsaf = (p_ingest[byte_idx] & 0x01); + byte_idx += 1; + temp_report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); + byte_idx += 2; + temp_report.snval = (p_ingest[byte_idx]); + byte_idx++; + report = temp_report; +#ifdef DEBUG + Crypto_fsrPrint(&report); +#endif + } +} + uint32_t Crypto_Get_FSR() { uint32_t fsr; diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index 395844e6..d5bf0485 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -1181,6 +1181,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 { mac_loc = byte_idx + pdu_len; } + Crypto_Set_FSR(p_ingest, byte_idx, pdu_len, sa_ptr); #ifdef AOS_DEBUG printf(KYEL "Index / data location starts at: %d\n" RESET, byte_idx); diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 9a6af1ff..3547cf6c 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1797,7 +1797,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_ Crypto_TM_Process_Debug_Print(byte_idx, pdu_len, sa_ptr); - Crypto_TM_Set_FSR(p_ingest, byte_idx, pdu_len, sa_ptr); + Crypto_Set_FSR(p_ingest, byte_idx, pdu_len, sa_ptr); // Crypto_TM_Print_CLCW(p_ingest, byte_idx, pdu_len, sa_ptr); // Get Key 
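Review bot: Crypto_Set_FSR reads four bytes starting at `byte_idx + pdu_len + sa_ptr->stmacf_len` without knowing how long `p_ingest` is, so a received frame shorter than its managed parameters imply causes a read past the buffer. `p_ingest` and `sa_ptr` are also dereferenced without a NULL check, and the `uint16_t` sum assigned back to `byte_idx` can wrap. The function is not given the ingest length, so either pass it in and return early, e.g. `if (!p_ingest || !sa_ptr || (uint32_t)byte_idx + pdu_len + sa_ptr->stmacf_len + 4 > len_ingest) return;`, or document in a `@brief` header like the neighbouring functions that callers must validate the frame length first. Whether Crypto_TM_ProcessSecurity and Crypto_AOS_ProcessSecurity already do that is not visible here. The same concern applies to the call added in the crypto_aos.c hunk and the renamed call in the crypto_tm.c hunk that follow.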
@@ -1865,30 +1865,6 @@ void Crypto_TM_Print_CLCW(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len } } -void Crypto_TM_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr) -{ - if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) - { - Telemetry_Frame_Ocf_Fsr_t temp_report; - byte_idx += (pdu_len + sa_ptr->stmacf_len); - temp_report.cwt = (p_ingest[byte_idx] >> 7) & 0x01; - temp_report.fvn = (p_ingest[byte_idx] >> 4) & 0x07; - temp_report.af = (p_ingest[byte_idx] >> 3) & 0x01; - temp_report.bsnf = (p_ingest[byte_idx] >> 2) & 0x01; - temp_report.bmacf = (p_ingest[byte_idx] >> 1) & 0x01; - temp_report.bsaf = (p_ingest[byte_idx] & 0x01); - byte_idx += 1; - temp_report.lspi = (p_ingest[byte_idx] << 8) | (p_ingest[byte_idx + 1]); - byte_idx += 2; - temp_report.snval = (p_ingest[byte_idx]); - byte_idx++; - report = temp_report; -#ifdef TM_DEBUG - Crypto_fsrPrint(&report); -#endif - } -} - /** * @brief Function: Crypto_Get_tmLength * Returns the total length of the current tm_frame in BYTES! diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index df29c0cf..d981b0c2 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -686,11 +686,12 @@ int32_t sa_init(void) sa[x].ek_ref[y] = '\0'; sa[x].ak_ref[y] = '\0'; } - sa[x].abm_len = 0; - sa[x].acs_len = 0; - sa[x].acs = 0; - sa[x].shsnf_len = 0; - sa[x].arsn_len = 0; + sa[x].abm_len = 0; + sa[x].acs_len = 0; + sa[x].acs = 0; + sa[x].shsnf_len = 0; + sa[x].arsn_len = 0; + sa[x].stmacf_len = 0; for (int y = 0; y < ARSN_SIZE; y++) { sa[x].arsn[y] = 0; diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index 6facf1d2..342ef8ae 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c 
@@ -1571,7 +1571,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) } // printf("\n\n"); - + Crypto_Shutdown(); free(truth_aos_b); free(framed_aos_b); free(iv_b); @@ -1805,4 +1805,50 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) free(ptr_processed_frame); } +UTEST(AOS_PROCESS, AOS_OCF_TEST) +{ + remove("sa_save_file.bin"); + + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; + + // Configure Parameters + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // AOS Tests + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 0, AOS_SEGMENT_HDRS_NA, 22, AOS_HAS_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + status = Crypto_Init(); + + // Test frame setup + char *framed_aos_h = "42C00000001500090000000000000000DEADBEEFFFFF"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; + hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); + + SecurityAssociation_t *sa_ptr = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + sa_if->sa_get_from_spi(9, &sa_ptr); // Enable and setup 5 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->shivf_len = 0; + sa_ptr->gvcid_blk.tfvn = 1; + sa_ptr->gvcid_blk.vcid = 0; + sa_ptr->gvcid_blk.mapid = 0; + + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("FSR: %08X\n", Crypto_Get_FSR()); + + Crypto_Shutdown(); + free(framed_aos_b); + free(ptr_processed_frame); +} + UTEST_MAIN(); \ No newline at end of file 
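Review bot: `AOS_OCF_TEST` prints the FSR with `printf("FSR: %08X\n", Crypto_Get_FSR());` but asserts nothing about it, so the test passes even if `Crypto_Set_FSR` parses the OCF wrongly or is never reached. The test frame ends in `DEADBEEF` followed by `FFFF`, so if `Crypto_Get_FSR()` repacks the fields in wire order (its body is outside the hunk) the check would be `ASSERT_EQ((uint32_t)0xDEADBEEF, Crypto_Get_FSR());`. The return values of `Crypto_Init()` and `sa_if->sa_get_from_spi(9, &sa_ptr)` are also unchecked before `sa_ptr` is dereferenced, and the comment `// Enable and setup 5` does not match SPI 9.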
From ce995e243fae4d49a6356ed8bc44742860b0f2ba Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 24 Oct 2024 15:29:07 +0000 Subject: [PATCH 153/241] [nasa/cryptolib#44] Removed magic numbers from OTAR --- include/crypto_config.h | 1 + src/core/crypto_key_mgmt.c | 8 ++++---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 4f6ed4ef..7dc1d139 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -210,6 +210,7 @@ #define SDLS_IV_LEN 12 /* bytes */ #define SDLS_KEYV_KEY_ID_LEN 2 /* bytes */ #define SDLS_KEY_LEN 32 /* bytes */ +#define SDLS_KEYID_LEN 2 /* bytes */ // TC Behavior Defines #define TC_SDLS_EP_VCID \ diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 1b86be2e..28b55829 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -45,7 +45,7 @@ int32_t Crypto_Key_OTAR(void) int y; int32_t status = CRYPTO_LIB_SUCCESS; // uint16_t pdu_len = (uint16_t) sdls_frame.pdu.hdr.pdu_len[1] << 8 | sdls_frame.pdu.hdr.pdu_len[0]; - int pdu_keys = (sdls_frame.pdu.hdr.pdu_len - 30) / (2 + 32); + int pdu_keys = (sdls_frame.pdu.hdr.pdu_len - SDLS_KEYID_LEN - SDLS_IV_LEN - MAC_SIZE) / (SDLS_KEYID_LEN + SDLS_KEY_LEN); int w; crypto_key_t *ekp = NULL; @@ -76,7 +76,7 @@ int32_t Crypto_Key_OTAR(void) return status; } - for (count = 2; count < (2 + 12); count++) + for (count = 2; count < (2 + SDLS_IV_LEN); count++) { // Initialization Vector packet.iv[count - 2] = sdls_frame.pdu.data[count]; #ifdef DEBUG @@ -85,7 +85,7 @@ int32_t Crypto_Key_OTAR(void) } count = sdls_frame.pdu.hdr.pdu_len - MAC_SIZE; - for (w = 0; w < 16; w++) + for (w = 0; w < MAC_SIZE; w++) { // MAC packet.mac[w] = sdls_frame.pdu.data[count + w]; #ifdef DEBUG 
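Review bot: The rewritten `pdu_keys` expression in `Crypto_Key_OTAR` subtracts `SDLS_KEYID_LEN + SDLS_IV_LEN + MAC_SIZE` from `sdls_frame.pdu.hdr.pdu_len` without first checking that the PDU is at least that long. For a shorter PDU the `int` result goes negative (assuming `pdu_len` is a narrow unsigned type that promotes to `int`), `count = sdls_frame.pdu.hdr.pdu_len - MAC_SIZE` in the MAC loop can index outside `pdu.data`, and the `(size_t)(pdu_keys * (SDLS_KEYID_LEN + SDLS_KEY_LEN))` length in the `@@ -101` hunk becomes very large. Part of the function lies between these hunks, so a length check may already exist there; if not, testing `if (sdls_frame.pdu.hdr.pdu_len < SDLS_KEYID_LEN + SDLS_IV_LEN + MAC_SIZE)` and returning an error status before the division would cover all three sites.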
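Review bot: The IV loop still uses the literal `2` for the key-ID offset, in `for (count = 2; count < (2 + SDLS_IV_LEN); count++)` and `packet.iv[count - 2]`, although this commit introduces `SDLS_KEYID_LEN` for that value. Writing it as `for (count = SDLS_KEYID_LEN; count < (SDLS_KEYID_LEN + SDLS_IV_LEN); count++)` with `packet.iv[count - SDLS_KEYID_LEN]` would finish the cleanup; the `&(sdls_frame.pdu.data[14])` argument in the `@@ -101` hunk is the same sum and could become `SDLS_KEYID_LEN + SDLS_IV_LEN`. `crypto_config.h` now also defines both `SDLS_KEYV_KEY_ID_LEN` and `SDLS_KEYID_LEN` as 2, so a short comment on each saying which PDU field it describes would help.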
@@ -101,7 +101,7 @@ int32_t Crypto_Key_OTAR(void) uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output - (size_t)(pdu_keys * (2 + SDLS_KEY_LEN)), // length of data + (size_t)(pdu_keys * (SDLS_KEYID_LEN + SDLS_KEY_LEN)), // length of data NULL, // in place decryption 0, // in data length &(ekp->value[0]), // key From 3c63da1f919c48b913524a6bdeddf1eea77dfe65 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 24 Oct 2024 18:46:42 +0000 Subject: [PATCH 154/241] [nasa/cryptolib#156] Removed et_dt_validation and pycryptodome references --- CMakeLists.txt | 10 +- support/Dockerfile | 3 +- support/scripts/build_internal.sh | 2 +- support/scripts/build_kmc.sh | 2 +- support/scripts/build_rhel.sh | 2 +- support/scripts/build_support.sh | 2 +- support/scripts/build_wolf.sh | 2 +- support/scripts/update_env.sh | 1 - test/CMakeLists.txt | 52 +- test/unit/et_dt_validation.c | 3222 ----------------------------- 10 files changed, 37 insertions(+), 3261 deletions(-) delete mode 100644 test/unit/et_dt_validation.c diff --git a/CMakeLists.txt b/CMakeLists.txt index ca5cc58f..691d9bc1 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -56,7 +56,7 @@ option(SA_MARIADB "Security Association - MariaDB" OFF) option(SUPPORT "Support" OFF) option(SYSTEM_INSTALL "SystemInstall" OFF) option(TEST "Test" OFF) -option(TEST_ENC "Tests - Encryption" OFF) +# option(TEST_ENC "Tests - Encryption" OFF) option(SA_FILE "Save Security Association to File" OFF) option(KEY_VALIDATION "Validate existance of key duplication" OFF) @@ -150,10 +150,10 @@ elseif(NOT DEFINED CFE_SYSTEM_PSPNAME) set(CMAKE_INSTALL_PREFIX ${PROJECT_SOURCE_DIR}/install) endif() -if(TEST_ENC) - # Can't run an additional set of tests without `TEST` enabled - set(TEST ON) -endif() +# if(TEST_ENC) +# # Can't run an additional set of tests without `TEST` enabled +# set(TEST ON) +# endif() if(TEST) include(CTest) 
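Review bot: The `TEST_ENC` option and its `if(TEST_ENC)` block are commented out rather than deleted, and the `test/CMakeLists.txt` hunk does the same with the `ET_DT_VALIDATION` test, the pycryptodome check and the per-target Python linking. Since the commit deletes `test/unit/et_dt_validation.c` and drops `-DTEST_ENC=1` from the build scripts, nothing can re-enable these blocks; removing the lines keeps the build files free of dead configuration, and version control retains the history. If the option is expected to return, a one-line comment stating that would be clearer than the disabled code.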
diff --git a/support/Dockerfile b/support/Dockerfile index 617d54a5..0d62587d 100644 --- a/support/Dockerfile +++ b/support/Dockerfile @@ -39,8 +39,7 @@ RUN apt-get update -y \ python3-dev \ python3-pip \ unzip \ - && rm -rf /var/lib/apt/lists/* \ - && pip3 install pycryptodome + && rm -rf /var/lib/apt/lists/* FROM cl0 AS cl1 ARG GPG_ERROR_VERSION=1.50 diff --git a/support/scripts/build_internal.sh b/support/scripts/build_internal.sh index c41dd2c3..9279b061 100755 --- a/support/scripts/build_internal.sh +++ b/support/scripts/build_internal.sh @@ -11,4 +11,4 @@ source $SCRIPT_DIR/env.sh rm $BASE_DIR/CMakeCache.txt -cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DMC_INTERNAL=1 -DTEST=1 -DTEST_ENC=1 -DSA_FILE=1 -DKEY_VALIDATION=0 && make && make test +cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DMC_INTERNAL=1 -DTEST=1 -DSA_FILE=1 -DKEY_VALIDATION=0 && make && make test diff --git a/support/scripts/build_kmc.sh b/support/scripts/build_kmc.sh index b76c7502..3dbd6b52 100755 --- a/support/scripts/build_kmc.sh +++ b/support/scripts/build_kmc.sh @@ -11,4 +11,4 @@ source $SCRIPT_DIR/env.sh rm $BASE_DIR/CMakeCache.txt -cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DCRYPTO_KMC=1 -DKEY_KMC=1 -DMC_DISABLED=1 -DSA_MARIADB=1 -DTEST=1 -DTEST_ENC=1 -DKMC_CFFI_EXCLUDE=1 -DSA_FILE=1 -DKMC_MDB_DB=1 && make && make test +cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DCRYPTO_KMC=1 -DKEY_KMC=1 -DMC_DISABLED=1 -DSA_MARIADB=1 -DTEST=1 -DKMC_CFFI_EXCLUDE=1 -DSA_FILE=1 -DKMC_MDB_DB=1 && make && make test diff --git a/support/scripts/build_rhel.sh b/support/scripts/build_rhel.sh index 644fa9b3..bcd05ff2 100755 --- a/support/scripts/build_rhel.sh +++ b/support/scripts/build_rhel.sh @@ -11,5 +11,5 @@ source $SCRIPT_DIR/env.sh rm $BASE_DIR/CMakeCache.txt -cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DMC_INTERNAL=1 -DTEST=1 -DTEST_ENC=1 -DSA_FILE=1 && make && make test +cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DMC_INTERNAL=1 -DTEST=1 -DSA_FILE=1 && make && make test 
diff --git a/support/scripts/build_support.sh b/support/scripts/build_support.sh index 0392bd8f..1355e16e 100755 --- a/support/scripts/build_support.sh +++ b/support/scripts/build_support.sh @@ -11,4 +11,4 @@ source $SCRIPT_DIR/env.sh rm $BASE_DIR/CMakeCache.txt -cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DSUPPORT=1 -DTEST=1 -DTEST_ENC=1 && make && make test +cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DSUPPORT=1 -DTEST=1 && make && make test diff --git a/support/scripts/build_wolf.sh b/support/scripts/build_wolf.sh index a646e932..7a9f32e5 100755 --- a/support/scripts/build_wolf.sh +++ b/support/scripts/build_wolf.sh @@ -11,4 +11,4 @@ source $SCRIPT_DIR/env.sh rm $BASE_DIR/CMakeCache.txt -cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DCRYPTO_LIBGCRYPT=0 -DCRYPTO_WOLFSSL=1 -DTEST=1 -DTEST_ENC=1 -DSA_FILE=1 && make && make test +cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DCRYPTO_LIBGCRYPT=0 -DCRYPTO_WOLFSSL=1 -DTEST=1 -DSA_FILE=1 && make && make test diff --git a/support/scripts/update_env.sh b/support/scripts/update_env.sh index ba0e2de5..14e1ef5e 100644 --- a/support/scripts/update_env.sh +++ b/support/scripts/update_env.sh @@ -5,7 +5,6 @@ # sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 -sudo pip install pycryptodome curl -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 -o /tmp/libgpg-error-1.50.tar.bz2 tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ && cd /tmp/libgpg-error-1.50 && sudo ./configure && sudo make install curl -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 -o /tmp/libgcrypt-1.11.0.tar.bz2 diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 64ff3aa0..a0476c50 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt 
@@ -113,41 +113,41 @@ endif() # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) #endif() -if(TEST_ENC) - add_test(NAME ET_DT_VALIDATION - COMMAND ${PROJECT_BINARY_DIR}/bin/et_dt_validation - WORKING_DIRECTORY ${PROJECT_TEST_DIR}) -endif() +# if(TEST_ENC) +# add_test(NAME ET_DT_VALIDATION +# COMMAND ${PROJECT_BINARY_DIR}/bin/et_dt_validation +# WORKING_DIRECTORY ${PROJECT_TEST_DIR}) +# endif() include_directories(include) include_directories(../include) -if(TEST_ENC) - set(Python3_FIND_STRATEGY VERSION) - find_package (Python3 REQUIRED COMPONENTS Interpreter Development) - execute_process(COMMAND pip3 show pycryptodome RESULT_VARIABLE EXIT_CODE OUTPUT_QUIET) - if(NOT ${EXIT_CODE} EQUAL 0) - message(FATAL_ERROR "The \"pycryptodome\" Python3 package is not installed, and is required for TEST_ENC.") - endif() -endif() +# if(TEST_ENC) +# set(Python3_FIND_STRATEGY VERSION) +# find_package (Python3 REQUIRED COMPONENTS Interpreter Development) +# execute_process(COMMAND pip3 show pycryptodome RESULT_VARIABLE EXIT_CODE OUTPUT_QUIET) +# if(NOT ${EXIT_CODE} EQUAL 0) +# message(FATAL_ERROR "The \"pycryptodome\" Python3 package is not installed, and is required for TEST_ENC.") +# endif() +# endif() file( GLOB UNIT_FILES unit/*.c) foreach(SOURCE_PATH ${UNIT_FILES}) get_filename_component(EXECUTABLE_NAME ${SOURCE_PATH} NAME_WE) - if((NOT TEST_ENC) AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) - continue() - else() - add_executable(${EXECUTABLE_NAME} ${SOURCE_PATH}) - target_sources(${EXECUTABLE_NAME} PRIVATE core/shared_util.c) - target_link_libraries(${EXECUTABLE_NAME} LINK_PUBLIC crypto pthread) - endif() - - if(TEST_ENC AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) - target_link_libraries(${EXECUTABLE_NAME} PUBLIC ${Python3_LIBRARIES}) - target_include_directories(${EXECUTABLE_NAME} PUBLIC ${Python3_INCLUDE_DIRS}) - find_library(${Python3_LIBRARIES} pycryptodome) - endif() + # if((NOT TEST_ENC) AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) + # continue() + # else() + 
add_executable(${EXECUTABLE_NAME} ${SOURCE_PATH}) + target_sources(${EXECUTABLE_NAME} PRIVATE core/shared_util.c) + target_link_libraries(${EXECUTABLE_NAME} LINK_PUBLIC crypto pthread) + # endif() + + # if(TEST_ENC AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) + # target_link_libraries(${EXECUTABLE_NAME} PUBLIC ${Python3_LIBRARIES}) + # target_include_directories(${EXECUTABLE_NAME} PUBLIC ${Python3_INCLUDE_DIRS}) + # find_library(${Python3_LIBRARIES} pycryptodome) + # endif() add_custom_command(TARGET ${EXECUTABLE_NAME} POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy $ ${PROJECT_BINARY_DIR}/bin/${EXECUTABLE_NAME} diff --git a/test/unit/et_dt_validation.c b/test/unit/et_dt_validation.c deleted file mode 100644 index 353b3df4..00000000 --- a/test/unit/et_dt_validation.c +++ /dev/null 
@@ -1,3222 +0,0 @@ -/* Copyright (C) 2009 - 2017 National Aeronautics and Space Administration. - All Foreign Rights are Reserved to the U.S. Government. - - This software is provided "as is" without any warranty of any, kind either express, implied, or statutory, including, - but not limited to, any warranty that the software will conform to, specifications any implied warranties of - merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the - documentation will conform to the program, or any warranty that the software will be error free. - - In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or - consequential damages, arising out of, resulting from, or in any way connected with the software or its - documentation. Whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was - sustained from, or arose out of the results of, or use of, the software, documentation or services provided hereunder - - ITC Team - NASA IV&V - ivv-itc@lists.nasa.gov -*/ - -/** - * Unit Tests that macke use of TC_ApplySecurity function on the data. - * These tests will require Python3, as well as the pycryptodome module to be installed. - */ - -#include "et_dt_validation.h" -#include "utest.h" -#include - -#include "crypto_error.h" -#include "sa_interface.h" - -// Setup for some Unit Tests using a Python Script to Verify validiy of frames -PyObject *pName, *pModule, *pDict, *pFunc, *pValue, *pArgs, *pClass, *pInstance; - -/** - * @brief Python Teardown - * Used to dereference variables and free memory used during the python truth baseline process. - * Must be called or tests could cause memory leaks, and erroneous data. 
- **/ -int EndPython() -{ - Py_XDECREF(pInstance); - Py_XDECREF(pValue); - Py_XDECREF(pModule); - Py_XDECREF(pName); - Py_Finalize(); - return CRYPTO_LIB_SUCCESS; -} - -/** - * @brief Python Setup - * Sets up the use of python encryption class within CTests - **/ -void setup_python() -{ - Py_Initialize(); - PyRun_SimpleString("import sys\nsys.path.append('../test')"); - PyRun_SimpleString("import sys\nsys.path.append('../../test')"); - pName = PyUnicode_FromString("encryption_test"); - pModule = PyImport_Import(pName); - if (pModule == NULL) - { - printf("ERROR, NO MODULE FOUND\n"); - EndPython(); - return; - } - - pDict = PyModule_GetDict(pModule); - pClass = PyDict_GetItemString(pDict, "Encryption"); - - if (PyCallable_Check(pClass)) - { - pInstance = PyObject_CallObject(pClass, NULL); - } - else - { - printf("ERROR, NO CLASS INSTANCE FOUND\n"); - EndPython(); - return; - } -} - -/** - * @brief Python Cryptodoem CMAC Truth Baseline - * @param data Hexstring of the plain text - * @param key Hexstring of the key to be used - * @param expected Output character array that will be allocated within this function. Memory must be freed upon completion of the test - * @param expected_length The length of the expected character array this is set within this function - * @note User must free memory themselves. 
- **/ -void python_cmac(char* data, char* key, uint8_t** expected, long *expected_length) -{ - setup_python(); - - pValue = PyObject_CallMethod(pInstance, "encrypt_cmac", "ss", data, key); - pValue = PyObject_CallMethod(pInstance, "get_len", NULL); - long temp_length = PyLong_AsLong(pValue); - *expected_length = temp_length; - pValue = PyObject_CallMethod(pInstance, "get_results", NULL); - char* temp_expected = PyBytes_AsString(pValue); - *expected = (uint8_t* )malloc(sizeof(uint8_t) * (int)*expected_length); - memcpy(*expected, temp_expected, (int)*expected_length); - return; -} - -/** - * @brief Python Cryptodome Truth Baseline - * Used to generate truth data for Authorized Encryption. Results are compared against TC_ApplySecurity Functionality, - * as well as in reverse using the TC_ProcessSecurity function. - * @param data Hexstring of the plain text to be encrypted - * @param key Hexstring of the key to be used during encryption - * @param iv Hextring of the IV to be used during encryption - * @param header Hextring of the header (AAD) that will be used during encryption - * @param bitmask Hexstring of the bitmask that will be used on the header - * @param expected Ouput character array that will be allocated within this function. Memory must be freed upon - *completion of test. - * @param expected_length The length of the expected character array that is set within this function - * @note The char** expected that is passsed to this function must be freed by the user upon completion of unit test or - *other call. 
- **/ -void python_auth_encryption(char* data, char* key, char* iv, char* header, char* bitmask, uint8_t** expected, - long *expected_length) -{ - setup_python(); - pValue = PyObject_CallMethod(pInstance, "encrypt", "sssss", data, key, iv, header, bitmask); - - pValue = PyObject_CallMethod(pInstance, "get_len", NULL); - long temp_length = PyLong_AsLong(pValue); - *expected_length = temp_length; - pValue = PyObject_CallMethod(pInstance, "get_results", NULL); - char* temp_expected = PyBytes_AsString(pValue); - *expected = (uint8_t* )malloc(sizeof(uint8_t) * (int)*expected_length); - memcpy(*expected, temp_expected, (int)*expected_length); - return; -} - -/** - * @brief Validation Test: Authorized Encryption using Python Truth Data - * Utilizes the python_auth_encryption(uint8_t* data, uint8_t* key, uint8_t* iv, uint8_t* header, uint8_t* bitmask, - *uint8_t** expected, long* expected_length) function to create baseline truth data. This data is then compared against - *the generated tag and cipher text that is generated by the Crypto_TC_ApplySecurity(const uint8_t* p_in_frame, const - *uint16_t in_frame_length, uint8_t** pp_in_frame, uint16_t* p_enc_frame_len) function, as well as the FECF. 
- **/ -/* -UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST) -{ - // Setup & Initialize CryptoLib - Crypto_Init_TC_Unit_Test(); - SaInterface sa_if = get_sa_interface_inmemory(); - - uint8_t* expected = NULL; - long expected_length = 0; - - char* activate_sa4_h = "2003002000ff000100011880d2c9000e197f0b001b0004000400003040d95ecbc2"; - char* enc_test_ping_h = "2003041600ff1880d2ca0008197f0b0031000039c5082d"; - - uint8_t* activate_sa4_b, *enc_test_ping_b = NULL; - int activate_sa4_len, enc_test_ping_len = 0; - - hex_conversion(activate_sa4_h, (char**) &activate_sa4_b, &activate_sa4_len); - hex_conversion(enc_test_ping_h, (char**) &enc_test_ping_b, &enc_test_ping_len); - - SecurityAssociation_t* test_association_1 = NULL; - SecurityAssociation_t* test_association_4 = NULL; - test_association_1 = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - test_association_4 = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - - int32_t return_val = -1; - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - // Default SA - // Expose SA 1 for testing - sa_if->sa_get_from_spi(1, &test_association_1); - test_association_1->ecs = CRYPTO_CIPHER_NONE; - - // Expose SA 4 for testing - sa_if->sa_get_from_spi(4, &test_association_4); - test_association_4->sa_state = SA_KEYED; - - // Ensure that Process Security can activate SA 4 - return_val = Crypto_TC_ProcessSecurity(activate_sa4_b, &activate_sa4_len, tc_sdls_processed_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - // Deactive SA 1 - test_association_1->sa_state = SA_NONE; - - // Expose SA 4 for testing - test_association_4->arsn_len = 0; - test_association_4->gvcid_blk.vcid = 1; - test_association_4->iv[11] = 1; - test_association_4->ast = 1; - test_association_4->est = 1; - test_association_4->sa_state = SA_OPERATIONAL; - 
test_association_4->ecs = CRYPTO_CIPHER_AES256_GCM; - - return_val = Crypto_TC_ApplySecurity(enc_test_ping_b, enc_test_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - Crypto_Shutdown(); - - // Get Truth Baseline - python_auth_encryption("1880d2ca0008197f0b0031000039c5", - "FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210", - "000000000000000000000001", "2003043400FF0004", "00", &expected, &expected_length); - for (int i = 0; i < expected_length; i++) - { - //printf("[%d]: %02x -> %02x \n", i, expected[i], ptr_enc_frame[i]); - ASSERT_EQ(expected[i], ptr_enc_frame[i]); - } - - // sa_if->sa_close(); - free(activate_sa4_b); - free(enc_test_ping_b); - free(ptr_enc_frame); - free(expected); - // free(test_association->ecs); - free(tc_sdls_processed_frame); - EndPython(); -} -*/ - -/** - * @brief Validation Test: Authorized Decryption - * Makes use of truth data created from the previous AUTH_ENCRYPTION_TEST, to validate that Crypto_TC_ProcessSecurity( - *uint8_t* ingest, int* len_ingest,TC_t* tc_sdls_processed_frame) properly decrypts data and returns it to the intial - *truth data created by the python_auth_encryption(uint8_t* data, uint8_t* key, uint8_t* iv, uint8_t* header, uint8_t* - *bitmask, uint8_t** expected, long* expected_length) function. 
- **/ -UTEST(DT_VALIDATION, AUTH_DECRYPTION_TEST) -{ - remove("sa_save_file.bin"); - // Setup & Initialize CryptoLib - Crypto_Init_TC_Unit_Test(); - SaInterface sa_if = get_sa_interface_inmemory(); - - char* activate_sa4_h = "2003002000ff000100011880d2c9000e197f0b001b0004000400003040d95ecbc2"; - char* dec_test_ping_h = - "2003043400FF00040000000000000000000000017E1D8EEA8D45CEBA17888E0CDCD747DC78E5F372F997F2A63AA5DFC168395DC987"; - char* enc_test_ping_h = "1880d2ca0008197f0b0031000039c5"; - - uint8_t* activate_sa4_b, *dec_test_ping_b, *enc_test_ping_b = NULL; - int activate_sa4_len, dec_test_ping_len, enc_test_ping_len = 0; - - hex_conversion(activate_sa4_h, (char**) &activate_sa4_b, &activate_sa4_len); - hex_conversion(dec_test_ping_h, (char**) &dec_test_ping_b, &dec_test_ping_len); - hex_conversion(enc_test_ping_h, (char**) &enc_test_ping_b, &enc_test_ping_len); - - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - - int32_t return_val = -1; - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - - // Default SA - // Expose SA 1 for testing - sa_if->sa_get_from_spi(1, &test_association); - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 0; - test_association->arsn_len = 0; - - // Expose SA 7 for testing - sa_if->sa_get_from_spi(4, &test_association); - test_association->sa_state = SA_KEYED; - test_association->abm_len = ABM_SIZE; - - // Ensure that Process Security can activate SA 4 - return_val = Crypto_TC_ProcessSecurity(activate_sa4_b, &activate_sa4_len, tc_sdls_processed_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - // Deactive SA 1 - test_association->sa_state = SA_NONE; - - // Expose SA 4 for testing - sa_if->sa_get_from_spi(4, &test_association); - 
test_association->arsn_len = 0; - test_association->gvcid_blk.vcid = 1; - test_association->iv[11] = 0; - test_association->ast = 1; - test_association->est = 1; - test_association->ekid = 130; - test_association->ecs_len = 1; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->stmacf_len = 16; - test_association->arsnw_len = 1; - test_association->abm_len = ABM_SIZE; - test_association->arsnw = 5; - test_association->arsn_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - test_association->arsn_len = ((test_association->arsnw * 2) + 1); - - return_val = Crypto_TC_ProcessSecurity(dec_test_ping_b, &dec_test_ping_len, tc_sdls_processed_frame); - ASSERT_EQ(9, return_val); // 9 is the number of pings in that EP PDU. - - Crypto_Shutdown(); - - // printf("PDU:\n\t"); - // for (int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - // { - // printf("%02x", enc_test_ping_b[i]); - // } - // printf("\nPF PDU:\n\t"); - // for (int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - // { - // printf("%02x", tc_sdls_processed_frame->tc_pdu[i]); - // } - // printf("\n"); - for (int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - { - ASSERT_EQ(enc_test_ping_b[i], tc_sdls_processed_frame->tc_pdu[i]); - } - - free(activate_sa4_b); - free(dec_test_ping_b); - // free(test_association->ecs); - free(tc_sdls_processed_frame); - // sa_if->sa_close(); - EndPython(); -} - -/** - * @brief Validation Test: AES-GCM 256 Test Vectors - * Reference: - *https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip - **/ -UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) -{ - remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - // Setup & Initialize CryptoLib - // Crypto_Init_TC_Unit_Test(); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, 
CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; - char* buffer_nist_pt_h = "2003001600722ee47da4b77424733546c2d400c4e567a8"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374c"; - char* buffer_nist_ct_h = "1224dfefb72a20d49e09256908874979"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - 
test_association->ecs_len = 1; - test_association->acs_len = 1; - test_association->shivf_len = 12; - test_association->abm_len = 1024; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 11; - test_association->gvcid_blk.tfvn = 0; - test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - ekp = key_if->get_key(test_association->ekid); - memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); - - // Convert input plaintext - // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); - // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); - // Convert input ciphertext - hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len); - - Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len); - // Note: For comparison, interested in the TF payload (exclude headers and FECF if present) - // Calc payload index: total length - pt length - uint16_t enc_data_idx = enc_frame_len - buffer_nist_ct_len - 2; - Crypto_Shutdown(); - for (int i = 0; i < buffer_nist_pt_len - 7; i++) - { - //printf("[%d]: %02x -> %02x \n", i, *(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); - ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); - enc_data_idx++; - } - free(ptr_enc_frame); - free(buffer_nist_pt_b); - free(buffer_nist_iv_b); - free(buffer_nist_ct_b); - free(buffer_nist_key_b); - // free(test_association->ecs); - // sa_if->sa_close(); -} - -/** - * @brief Validation Test: AES-GCM 256 Test Vectors - * Reference: - 
*https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip - **/ -UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) -{ - remove("sa_save_file.bin"); - uint8_t* ptr_enc_frame = NULL; - - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "ef9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f8"; - char* buffer_nist_pt_h = "2003001600722ee47da4b77424733546c2d400c4e567a8"; - char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; - char* buffer_nist_et_h = "2003002500FF0009B6AC8E4963F49207FFD6374C00001224DFEFB72A20D49E09256908874979AD6F"; - uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL; - int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0; - - // Setup Processed Frame For 
Decryption - TC_t* tc_nist_processed_frame; - tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; - test_association->ast = 0; - test_association->ecs_len = 1; - test_association->acs_len = 1; - test_association->shivf_len = 12; - test_association->iv_len = 12; - test_association->abm_len = 1024; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->arsn_len = 2; - test_association->gvcid_blk.tfvn = 0; - test_association->gvcid_blk.mapid = TYPE_TC; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - ekp = key_if->get_key(test_association->ekid); - memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); - - // Convert input plaintext - // TODO: Account for length of header and FECF (5+2) - hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); - // Convert/Set input IV - hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); - // for (int i = 0; i < buffer_nist_iv_len; i++) - // { - // printf("%02x\n", buffer_nist_iv_b[i]); - // ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); - // enc_data_idx++; - // } - - - // Convert input encryptedtext - hex_conversion(buffer_nist_et_h, (char**) &buffer_nist_et_b, &buffer_nist_et_len); - - Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame); - - for (int i = 0; i < 
tc_nist_processed_frame->tc_pdu_len; i++)
- {
- if (buffer_nist_pt_b[i + 5] != tc_nist_processed_frame->tc_pdu[i])
- {
- printf("[%d]: %02x -> %02x \n", i, buffer_nist_pt_b[i + 5], tc_nist_processed_frame->tc_pdu[i]);
- }
- ASSERT_EQ(buffer_nist_pt_b[i + 5], tc_nist_processed_frame->tc_pdu[i]);
- }
-
- Crypto_Shutdown();
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
- free(buffer_nist_et_b);
- free(buffer_nist_key_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: AES-GCM 256 Test Vectors
- * Reference:
- *https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip
- **/
-UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- uint16_t enc_frame_len = 0;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
- // NIST supplied vectors
- // NOTE:
Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399";
- char* buffer_nist_pt_h = "2003001600419635e6e12b257a8ecae411f94480ff56be";
- char* buffer_nist_iv_h = "1af2613c4184dbd101fcedce";
- char* buffer_nist_ct_h = "9cd21f414f1f54d5f6f58b1f2f77e5b6";
- uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL;
- int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0;
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->sa_state = SA_OPERATIONAL;
- test_association->est = 1;
- test_association->ast = 0;
- test_association->ecs_len = 1;
- test_association->acs_len = 0;
- test_association->shivf_len = 12;
- test_association->abm_len = 1024;
- test_association->arsnw_len = 1;
- test_association->arsnw = 5;
- test_association->arsn_len = 11;
- test_association->gvcid_blk.tfvn = 0;
- test_association->gvcid_blk.mapid = TYPE_TC;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
-
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input ciphertext
-
hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len);
-
- sa_if->sa_get_from_spi(9, &test_association);
-
-
- Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len);
- // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
- // Calc payload index: total length - pt length
- uint16_t enc_data_idx = enc_frame_len - buffer_nist_ct_len - 2;
- Crypto_Shutdown();
- for (int i = 0; i < buffer_nist_pt_len - 7; i++)
- {
- ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]);
- enc_data_idx++;
- }
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
- free(buffer_nist_ct_b);
- free(buffer_nist_key_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: AES-GCM 256 Test Vectors
- * Reference:
- *https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip
- **/
-UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
-
Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399";
- char* buffer_nist_pt_h = "2003001600419635e6e12b257a8ecae411f94480ff56be";
- char* buffer_nist_iv_h = "1af2613c4184dbd101fcedcd";
- //2003002500FF0009B6AC8E4963F49207FFD6374C00001224DFEFB72A20D49E09256908874979AD6F
- char* buffer_nist_et_h = "2003002500FF00091AF2613C4184DBD101FCEDCE00009CD21F414F1F54D5F6F58B1F2F77E5B66987";
- uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL;
- int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0;
-
- // Setup Processed Frame For Decryption
- TC_t* tc_nist_processed_frame;
- tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->sa_state = SA_OPERATIONAL;
- test_association->est = 1;
- test_association->ast = 0;
- test_association->ecs_len = 1;
- test_association->acs_len = 0;
- test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->abm_len = 1024;
- test_association->arsnw_len = 1;
- test_association->arsnw = 5;
- test_association->arsn_len = 2;
- test_association->gvcid_blk.tfvn = 0;
- test_association->gvcid_blk.mapid = TYPE_TC;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
-
- // Insert key into keyring of
SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input ciphertext
- hex_conversion(buffer_nist_et_h, (char**) &buffer_nist_et_b, &buffer_nist_et_len);
-
- int32_t status;
-
- status = Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);
- ASSERT_EQ(0,status);
-
- Crypto_Shutdown();
- for (int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++)
- {
- ASSERT_EQ(buffer_nist_pt_b[i + 5], tc_nist_processed_frame->tc_pdu[i]);
- }
-
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
- free(buffer_nist_et_b);
- free(buffer_nist_key_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: AES-GCM 256 Test Vectors
- * Reference:
- *https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip
- **/
-UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- uint16_t enc_frame_len = 0;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF,
TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
-
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "7ecc9dcb3d5b413cadc3af7b7812758bd869295f8aaf611ba9935de76bd87013";
- char* buffer_nist_pt_h = "200300160073d4d7984ce422ac983797c0526ac6f9446b";
- char* buffer_nist_iv_h = "6805be41e983717bf6781052";
- char* buffer_nist_ct_h = "487211dd440f4d09d00bc5c3158a822c";
- uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL;
- int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0;
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->sa_state = SA_OPERATIONAL;
- test_association->est = 1;
- test_association->ast = 0;
- test_association->ecs_len = 1;
- test_association->acs_len = 0;
- test_association->shivf_len = 12;
- test_association->abm_len = 1024;
- test_association->arsnw_len = 1;
- test_association->arsnw = 5;
- test_association->arsn_len = 2;
- test_association->gvcid_blk.tfvn = 0;
- test_association->gvcid_blk.mapid = TYPE_TC;
- test_association->ecs =
CRYPTO_CIPHER_AES256_GCM;
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input ciphertext
- hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len);
-
- Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len);
- // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
- // Calc payload index: total length - pt length
- uint16_t enc_data_idx = enc_frame_len - buffer_nist_ct_len - 2;
- Crypto_Shutdown();
- for (int i = 0; i < buffer_nist_pt_len - 7; i++)
- {
- ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]);
- enc_data_idx++;
- }
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
- free(buffer_nist_ct_b);
- free(buffer_nist_key_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: AES-GCM 256 Test Vectors
- * Reference:
- *https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip
- **/
-UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE,
TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
-
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "7ecc9dcb3d5b413cadc3af7b7812758bd869295f8aaf611ba9935de76bd87013";
- char* buffer_nist_pt_h = "200300160073d4d7984ce422ac983797c0526ac6f9446b";
- char* buffer_nist_iv_h = "6805be41e983717bf6781051";
- char* buffer_nist_et_h = "2003002500FF00096805BE41E983717BF67810520000487211DD440F4D09D00BC5C3158A822C46E3";
- uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL;
- int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0;
-
- // Setup Processed Frame For Decryption
- TC_t* tc_nist_processed_frame;
- tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->sa_state = SA_OPERATIONAL;
- test_association->est =
1;
- test_association->ast = 0;
- test_association->ecs_len = 1;
- test_association->acs_len = 0;
- test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->abm_len = 1024;
- test_association->arsnw_len = 1;
- test_association->arsnw = 5;
- test_association->arsn_len = 2;
- test_association->gvcid_blk.tfvn = 0;
- test_association->gvcid_blk.mapid = TYPE_TC;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input ciphertext
- hex_conversion(buffer_nist_et_h, (char**) &buffer_nist_et_b, &buffer_nist_et_len);
-
- Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);
-
- Crypto_Shutdown();
- for (int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++)
- {
- ASSERT_EQ(buffer_nist_pt_b[i + 5], tc_nist_processed_frame->tc_pdu[i]);
- }
-
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
- free(buffer_nist_et_b);
- free(buffer_nist_key_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: AES-GCM 256 Test Vectors
- * Reference:
- *https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip
- **/
-UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- uint16_t enc_frame_len = 0;
- // Setup & Initialize CryptoLib
-
Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
-
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "a881373e248615e3d6576f5a5fb68883515ae72d6a2938e3a6f0b8dcb639c9c0";
- char* buffer_nist_pt_h = "200300160007d1dc9930e710b1ebe533c81f671101e43c";
- char* buffer_nist_iv_h = "f0b744f157087df4e41818a9";
- char* buffer_nist_ct_h = "b65a2878b9dddbd4a0204dae6a6a6fc0";
- uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_ct_b, *buffer_nist_key_b = NULL;
- int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0;
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->sa_state =
SA_OPERATIONAL;
- test_association->est = 1;
- test_association->ast = 0;
- test_association->ecs_len = 1;
- test_association->acs_len = 0;
- test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->abm_len = 1024;
- test_association->arsnw_len = 1;
- test_association->arsnw = 5;
- test_association->arsn_len = 2;
- test_association->gvcid_blk.tfvn = 0;
- test_association->gvcid_blk.mapid = TYPE_TC;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input ciphertext
- hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len);
-
- Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len);
- // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
- // Calc payload index: total length - pt length
- uint16_t enc_data_idx = enc_frame_len - buffer_nist_ct_len - 2;
- Crypto_Shutdown();
- for (int i = 0; i < buffer_nist_pt_len - 7; i++)
- {
- ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]);
- enc_data_idx++;
- }
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
- free(buffer_nist_ct_b);
- free(buffer_nist_key_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: AES-GCM 256 Test Vectors
- * Reference:
-
*https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip
- **/
-UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
-
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "a881373e248615e3d6576f5a5fb68883515ae72d6a2938e3a6f0b8dcb639c9c0";
- char* buffer_nist_pt_h = "200300160007d1dc9930e710b1ebe533c81f671101e43c";
- char* buffer_nist_iv_h = "f0b744f157087df4e41818a8";
- char* buffer_nist_et_h = "2003002500FF0009F0B744F157087DF4E41818A90000B65A2878B9DDDBD4A0204DAE6A6A6FC0C327";
- uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL;
- int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0;
-
- // Setup Processed Frame For Decryption
- TC_t* tc_nist_processed_frame;
- tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->sa_state = SA_OPERATIONAL;
- test_association->est = 1;
- test_association->ast = 0;
- test_association->ecs_len = 1;
- test_association->acs_len = 0;
- test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->abm_len = 1024;
- test_association->arsnw_len = 1;
- test_association->arsnw = 5;
- test_association->arsn_len = 2;
- test_association->gvcid_blk.tfvn = 0;
- test_association->gvcid_blk.mapid = TYPE_TC;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input ciphertext
- hex_conversion(buffer_nist_et_h, (char**) &buffer_nist_et_b, &buffer_nist_et_len);
-
- Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);
-
- Crypto_Shutdown();
- for (int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++)
- {
- ASSERT_EQ(buffer_nist_pt_b[i + 5], tc_nist_processed_frame->tc_pdu[i]);
- }
-
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
-
free(buffer_nist_et_b);
- free(buffer_nist_key_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: AES-GCM 256 Test Vectors
- * Reference:
- *https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip
- **/
-UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- uint16_t enc_frame_len = 0;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
-
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "84c90349539c2a7989cb24dfae5e4182382ae94ba717d385977017f74f0d87d6";
- char* buffer_nist_pt_h = "200300160031c4e1d0ccece6b7a999bfc31f38559af5dd";
- char* buffer_nist_iv_h = "eeddeaf4355c826dfd153393";
- char* buffer_nist_ct_h = "5c6cfbdd06c19445ecf500c21aeca173";
- uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b,
*buffer_nist_ct_b, *buffer_nist_key_b = NULL;
- int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_ct_len, buffer_nist_key_len = 0;
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->sa_state = SA_OPERATIONAL;
- test_association->est = 1;
- test_association->ast = 0;
- test_association->ecs_len = 1;
- test_association->acs_len = 0;
- test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->abm_len = 1024;
- test_association->arsnw_len = 1;
- test_association->arsnw = 5;
- test_association->arsn_len = 2;
- test_association->gvcid_blk.tfvn = 0;
- test_association->gvcid_blk.mapid = TYPE_TC;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input ciphertext
- hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len);
-
- Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len);
- // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
- // Calc payload index: total length - pt length
- uint16_t enc_data_idx = enc_frame_len -
buffer_nist_ct_len - 2;
- Crypto_Shutdown();
- for (int i = 0; i < buffer_nist_pt_len - 7; i++)
- {
- ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]);
- enc_data_idx++;
- }
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
- free(buffer_nist_ct_b);
- free(buffer_nist_key_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: AES-GCM 256 Test Vectors
- * Reference:
- *https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip
- **/
-UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
-
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "84c90349539c2a7989cb24dfae5e4182382ae94ba717d385977017f74f0d87d6";
- char*
buffer_nist_pt_h = "200300160031c4e1d0ccece6b7a999bfc31f38559af5dd";
- char* buffer_nist_iv_h = "eeddeaf4355c826dfd153392";
- char* buffer_nist_et_h = "2003002500FF0009EEDDEAF4355C826DFD15339300005C6CFBDD06C19445ECF500C21AECA1738A7D";
- uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_et_b, *buffer_nist_key_b = NULL;
- int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_et_len, buffer_nist_key_len = 0;
-
- // Setup Processed Frame For Decryption
- TC_t* tc_nist_processed_frame;
- tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->sa_state = SA_OPERATIONAL;
- test_association->est = 1;
- test_association->ast = 0;
- test_association->ecs_len = 1;
- test_association->acs_len = 0;
- test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->abm_len = 1024;
- test_association->arsnw_len = 1;
- test_association->arsnw = 5;
- test_association->arsn_len = 2;
- test_association->gvcid_blk.tfvn = 0;
- test_association->gvcid_blk.mapid = TYPE_TC;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b,
buffer_nist_iv_len);
- // Convert input ciphertext
- hex_conversion(buffer_nist_et_h, (char**) &buffer_nist_et_b, &buffer_nist_et_len);
-
- Crypto_TC_ProcessSecurity(buffer_nist_et_b, &buffer_nist_et_len, tc_nist_processed_frame);
-
- Crypto_Shutdown();
- for (int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++)
- {
- ASSERT_EQ(buffer_nist_pt_b[i + 5], tc_nist_processed_frame->tc_pdu[i]);
- }
-
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
- free(buffer_nist_et_b);
- free(buffer_nist_key_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: MAC
- * Reference 1:
- *https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':''%7D,%7B'option':'Hex','string':''%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':''%7D)
- * Reference 2:
- *https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip
- * Spot check of MAC tags assuming no plaintext payload
- * Accomplished by a multi-step process:
- * 1) Ensure a valid implementation - Utilize Cyberchef's AES Encrypt to re-create a NIST test vector with AAD
- * 2) Generate Truth data - Use same CyberChef settings on a created TF
- * 3) Validate Cryptolib output with CyberChef output
- * Bit Mask of zeros
- * Bit-mask of zeros in this test for a total length of:
- * Header (5) + Segment Hdr (1) + SPI (2) + IV (12)
- * This means zero input to the MAC, which precedes the TF FECF
- **/
-UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- uint16_t enc_frame_len = 0;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- 
TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
-
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223";
- char* buffer_nist_pt_h = "200300060028C2"; // Empty Transfer frame
- char* buffer_nist_iv_h = "d79cf22d504cc793c3fb6c8a";
- char* buffer_nist_aad_h = "b96baa8c1c75a671bfb2d08d06be5f36"; // Zeroed out by abm
- char* buffer_cyber_chef_mac_h = "b04cb89841f1591793f6e1bca1479d92";
- uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_nist_aad_b,
- *buffer_cyber_chef_mac_b = NULL;
- int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_key_len, buffer_nist_aad_len, buffer_cyber_chef_mac_len = 0;
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->sa_state = SA_OPERATIONAL;
- test_association->est = 0;
- test_association->ast = 1;
- test_association->ecs_len = 1;
- test_association->acs_len = 0;
- 
test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->abm_len = 1024;
- memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask
- test_association->stmacf_len = 16;
- test_association->arsnw_len = 1;
- test_association->arsnw = 5;
- test_association->arsn_len = 2;
- test_association->gvcid_blk.tfvn = 0;
- test_association->gvcid_blk.mapid = TYPE_TC;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input aad
- hex_conversion(buffer_nist_aad_h, (char**) &buffer_nist_aad_b, &buffer_nist_aad_len);
- // Convert input mac
- hex_conversion(buffer_cyber_chef_mac_h, (char**) &buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len);
-
- Crypto_TC_ApplySecurity(buffer_nist_pt_b, buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len);
- // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
- // Calc payload index: total length - pt length
- uint16_t enc_data_idx = enc_frame_len - buffer_cyber_chef_mac_len - 2;
- Crypto_Shutdown();
- for (int i = 0; i < buffer_cyber_chef_mac_len; i++)
- {
- // printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_cyber_chef_mac_b[i],
- // *(ptr_enc_frame+enc_data_idx));
- ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_cyber_chef_mac_b[i]);
- enc_data_idx++;
- }
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
- 
free(buffer_nist_key_b);
- free(buffer_cyber_chef_mac_b);
- free(buffer_nist_aad_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: MAC
- * Bit Mask of ones
- * Bit-mask of ones in this test on an empty frame for a total length of:
- * Header (5) + Segment Hdr (1) + SPI (2) + IV (12)
- * All bits are unmasked input to the MAC algorithm
- **/
-UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- uint16_t enc_frame_len = 0;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
-
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223";
- char* buffer_nist_pt_h = "200300060028C2"; // Empty Transfer frame
- char* buffer_nist_iv_h = "d79cf22d504cc793c3fb6c8a";
- char* buffer_cyber_chef_mac_h = 
"b04cb89841f1591793f6e1bca1479d92";
- uint8_t* buffer_nist_pt_b, *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b = NULL;
- int buffer_nist_pt_len, buffer_nist_iv_len, buffer_nist_key_len, buffer_cyber_chef_mac_len = 0;
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->sa_state = SA_OPERATIONAL;
- test_association->est = 0;
- test_association->ast = 1;
- test_association->ecs_len = 1;
- test_association->acs_len = 0;
- test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->abm_len = 1024;
- memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask
- test_association->stmacf_len = 16;
- test_association->arsnw_len = 1;
- test_association->arsnw = 5;
- test_association->arsn_len = 2;
- test_association->gvcid_blk.tfvn = 0;
- test_association->gvcid_blk.mapid = TYPE_TC;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input mac
- hex_conversion(buffer_cyber_chef_mac_h, (char**) &buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len);
-
- Crypto_TC_ApplySecurity(buffer_nist_pt_b, 
buffer_nist_pt_len, &ptr_enc_frame, &enc_frame_len);
-
- // Note: For comparison, primarily interested in the MAC
- // Calc payload index: total length - pt length
- uint16_t enc_data_idx = enc_frame_len - buffer_cyber_chef_mac_len - 2;
- Crypto_Shutdown();
-
- for (int i = 0; i < buffer_cyber_chef_mac_len; i++)
- {
- // printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_cyber_chef_mac_b[i],
- // *(ptr_enc_frame + enc_data_idx));
- ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_cyber_chef_mac_b[i]);
- enc_data_idx++;
- }
-
- free(ptr_enc_frame);
- free(buffer_nist_pt_b);
- free(buffer_nist_iv_b);
- free(buffer_nist_key_b);
- free(buffer_cyber_chef_mac_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Validation Test: MAC
- * Bit-mask of ones
- **/
-UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0)
-{
- remove("sa_save_file.bin");
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
- 
- // NIST supplied vectors
- char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223";
- char* buffer_nist_iv_h = "d79cf22d504cc793c3fb6c89";
- char* buffer_cyber_chef_mac_h = "E7BB31D506998FCBDA078E66D5680194";
- char* buffer_nist_pt_h = "722ee47da4b77424733546c2d400c4e5";
-
- // Create a MAC'd frame by adding our headers and a fecf
- // | Header | SPI | iv | plaintext | mac |fecf|
- char* buffer_nist_mac_frame_h =
- "2003003700FF0009D79CF22D504CC793C3FB6C8A0000722ee47da4b77424733546c2d400c4e5E7BB31D506998FCBDA078E66D5680194B401";
-
- uint8_t* buffer_nist_iv_b, *buffer_nist_pt_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b,
- *buffer_nist_mac_frame_b, *buffer_nist_cp_b = NULL;
- int buffer_nist_iv_len, buffer_nist_pt_len, buffer_nist_key_len, buffer_cyber_chef_mac_len,
- buffer_nist_mac_frame_len = 0;
-
- // Setup Processed Frame For Decryption
- TC_t* tc_nist_processed_frame;
- tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->ast = 1;
- test_association->est = 0;
- test_association->arsn_len = 2;
- test_association->arsnw_len = 1;
- test_association->abm_len = 1024;
- memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t)));
- test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->stmacf_len = 16;
- test_association->sa_state = SA_OPERATIONAL;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
- test_association->gvcid_blk.tfvn = 0;
-
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = 
key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input mac
- hex_conversion(buffer_cyber_chef_mac_h, (char**) &buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len);
- // Convert mac frame
- hex_conversion(buffer_nist_mac_frame_h, (char**) &buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len);
-
- Crypto_TC_ProcessSecurity(buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len, tc_nist_processed_frame);
-
- // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
- // Calc payload index: total length - pt length
-#ifdef DEBUG
- printf("Expected MAC: ");
- for (int i=0; istmacf_len; i++)
- {
- printf("%02x ", tc_nist_processed_frame->tc_sec_trailer.mac[i]);
- }
- printf("\n");
-#endif
-
-#ifdef DEBUG
- printf("PDU Length: %d \n",tc_nist_processed_frame->tc_pdu_len);
- printf("Expected PDU: ");
- for (int i=0; i < tc_nist_processed_frame->tc_pdu_len; i++)
- {
- printf("%02x ", buffer_nist_pt_b[i]);
- }
- printf("\nReceived PDU: ");
- for (int i=0; i < tc_nist_processed_frame->tc_pdu_len; i++)
- {
- printf("%02x ", tc_nist_processed_frame->tc_pdu[i]);
- }
- printf("\n");
-#endif
-
- // Verify the MAC
- for (int i = 0; i < test_association->stmacf_len; i++)
- {
- ASSERT_EQ(tc_nist_processed_frame->tc_sec_trailer.mac[i], buffer_cyber_chef_mac_b[i]);
- }
- for (int i = 0; i < tc_nist_processed_frame->tc_pdu_len; i++)
- { // Verify the PDU Data is present and not stomped
- ASSERT_EQ(tc_nist_processed_frame->tc_pdu[i], buffer_nist_pt_b[i]);
- }
-
- Crypto_Shutdown();
- free(buffer_nist_iv_b);
- free(buffer_nist_key_b);
- 
free(buffer_cyber_chef_mac_b);
- free(buffer_nist_mac_frame_b);
- free(buffer_nist_cp_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Unit Test: Bad Data, Fail MAC validation
- **/
-UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA)
-{
- remove("sa_save_file.bin");
- // Setup & Initialize CryptoLib
- int32_t status;
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
-
- // NIST supplied vectors
- char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223";
- char* buffer_nist_iv_h = "d79cf22d504cc793c3fb6c89";
- // char* buffer_cyber_chef_mac_h = "99eff39be8327e6950f03a329209d577";
- char* buffer_cyber_chef_mac_h = "34d0e323f5e4b80426401d4aa37930da";
- char* buffer_nist_pt_h = "722ee47da4b77424733546c2d400c4e5";
-
- // Create a MAC'd frame by adding our headers and a fecf
- // | Header | SPI | iv | plaintext | mac |fecf|
- char* buffer_nist_mac_frame_h =
- 
"2003003700FF0009D79CF22D504CC793C3FB6C8A0000722ee47da4b77424733546c2d400c40034d0e323f5e4b80426401d4aa37930da123b";
-
- uint8_t* buffer_nist_iv_b, *buffer_nist_pt_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b,
- *buffer_nist_mac_frame_b, *buffer_nist_cp_b = NULL;
- int buffer_nist_iv_len, buffer_nist_pt_len, buffer_nist_key_len, buffer_cyber_chef_mac_len,
- buffer_nist_mac_frame_len = 0;
-
- // Setup Processed Frame For Decryption
- TC_t* tc_nist_processed_frame;
- tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->ast = 1;
- test_association->est = 0;
- test_association->arsn_len = 2;
- test_association->arsnw_len = 1;
- test_association->abm_len = 1024;
- memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t)));
- test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->stmacf_len = 16;
- test_association->sa_state = SA_OPERATIONAL;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
- test_association->gvcid_blk.tfvn = 0;
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input mac
- 
hex_conversion(buffer_cyber_chef_mac_h, (char**) &buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len);
- // Convert mac frame
- hex_conversion(buffer_nist_mac_frame_h, (char**) &buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len);
-
- status = Crypto_TC_ProcessSecurity(buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len, tc_nist_processed_frame);
- //printf("TC_Process returned status %d\n", status);
-
- // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
- // Calc payload index: total length - pt length
- // #ifdef DEBUG
- // printf("Expected MAC: ");
- // for (int i=0; istmacf_len; i++)
- // {
- // printf("%02x ", tc_nist_processed_frame->tc_sec_trailer.mac[i]);
- // }
- // printf("\n");
- // #endif
-
- Crypto_Shutdown();
- ASSERT_EQ(CRYPTO_LIB_ERR_MAC_VALIDATION_ERROR, status);
- free(buffer_nist_iv_b);
- free(buffer_nist_key_b);
- free(buffer_cyber_chef_mac_b);
- free(buffer_nist_mac_frame_b);
- free(buffer_nist_cp_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Unit Test: Bad MAC, Fail MAC validation
- **/
-UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC)
-{
- remove("sa_save_file.bin");
- // Setup & Initialize CryptoLib
- int32_t status;
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, 
TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* ekp = NULL;
-
- // NIST supplied vectors
- char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223";
- char* buffer_nist_iv_h = "d79cf22d504cc793c3fb6c89";
- // char* buffer_cyber_chef_mac_h = "99eff39be8327e6950f03a329209d577";
- char* buffer_cyber_chef_mac_h = "34d0e323f5e4b80426401d4aa37930da";
- char* buffer_nist_pt_h = "722ee47da4b77424733546c2d400c4e5";
-
- // Create a MAC'd frame by adding our headers and a fecf
- // | Header | SPI | iv | plaintext | mac |fecf|
- char* buffer_nist_mac_frame_h =
- "2003003500FF0009D79CF22D504CC793C3FB6C8A722ee47da4b77424733546c2d400c4e534d0e323f5e4b80426401d4aa37930009f68";
-
- uint8_t* buffer_nist_iv_b, *buffer_nist_pt_b, *buffer_nist_key_b, *buffer_cyber_chef_mac_b,
- *buffer_nist_mac_frame_b, *buffer_nist_cp_b = NULL;
- int buffer_nist_iv_len, buffer_nist_pt_len, buffer_nist_key_len, buffer_cyber_chef_mac_len,
- buffer_nist_mac_frame_len = 0;
-
- // Setup Processed Frame For Decryption
- TC_t* tc_nist_processed_frame;
- tc_nist_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->ast = 1;
- test_association->est = 0;
- test_association->arsn_len = 2;
- test_association->arsnw_len = 1;
- test_association->abm_len = 1024;
- memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t)));
- 
test_association->shivf_len = 12;
- test_association->iv_len = 12;
- test_association->stmacf_len = 16;
- test_association->sa_state = SA_OPERATIONAL;
- test_association->ecs = CRYPTO_CIPHER_AES256_GCM;
- test_association->gvcid_blk.tfvn = 0;
-
- // Insert key into keyring of SA 9
- hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len);
- ekp = key_if->get_key(test_association->ekid);
- memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len);
-
- // Convert input plaintext
- // TODO: Account for length of header and FECF (5+2)
- hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len);
- // Convert/Set input IV
- hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len);
- memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len);
- // Convert input mac
- hex_conversion(buffer_cyber_chef_mac_h, (char**) &buffer_cyber_chef_mac_b, &buffer_cyber_chef_mac_len);
- // Convert mac frame
- hex_conversion(buffer_nist_mac_frame_h, (char**) &buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len);
-
- status = Crypto_TC_ProcessSecurity(buffer_nist_mac_frame_b, &buffer_nist_mac_frame_len, tc_nist_processed_frame);
- //printf("TC_Process returned status %d\n", status);
-
- // Note: For comparison, interested in the TF payload (exclude headers and FECF if present)
- // Calc payload index: total length - pt length
- // #ifdef DEBUG
- // printf("Expected MAC: ");
- // for (int i=0; istmacf_len; i++)
- // {
- // printf("%02x ", tc_nist_processed_frame->tc_sec_trailer.mac[i]);
- // }
- // printf("\n");
- // #endif
-
- Crypto_Shutdown();
- ASSERT_EQ(CRYPTO_LIB_ERR_MAC_VALIDATION_ERROR, status);
- free(buffer_nist_iv_b);
- free(buffer_nist_key_b);
- free(buffer_cyber_chef_mac_b);
- free(buffer_nist_mac_frame_b);
- free(buffer_nist_cp_b);
- // free(test_association->ecs);
- // sa_if->sa_close();
-}
-
-/**
- * @brief Unit Test: Test CMAC, bitmask of 0s
- **/
-UTEST(NIST_ENC_CMAC_VALIDATION, 
AES_CMAC_256_PT_128_TEST_0)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- uint16_t enc_frame_len = 0;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1};
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
-
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* akp = NULL;
-
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445";
- // | Header | NIST CMAC Test Vector |FECF|
- char* buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925";
- // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header
- // Length is dependent on whatever the variable mac length to be updated in the header
- // | Header |SPI| ARSN | NIST CMAC Frame Data |
- // 
"2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - // Python output MAC - char* buffer_python_mac_h = "7629961f6b92145290ad3e149940511a"; - uint8_t* buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs_len = 1; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - //sa_if->sa_get_from_spi(9, &test_association); - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - 
hex_conversion(buffer_python_mac_h, (char**) &buffer_python_mac_b, &buffer_python_mac_len);
-
- Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len);
-
- // Note: For comparison, primarily interested in the MAC
- // Calc payload index: total length - pt length
- uint16_t enc_data_idx = enc_frame_len - buffer_python_mac_len - 2;
- Crypto_Shutdown();
-
- for (int i = 0; i < buffer_python_mac_len; i++)
- {
- if (ptr_enc_frame[enc_data_idx] != buffer_python_mac_b[i])
- {
- printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], ptr_enc_frame[enc_data_idx]);
- }
- ASSERT_EQ(ptr_enc_frame[enc_data_idx], buffer_python_mac_b[i]);
- enc_data_idx++;
- }
-
- free(ptr_enc_frame);
- free(buffer_frame_pt_b);
- free(buffer_nist_key_b);
- free(buffer_python_mac_b);
- // free(test_association->arsn);
- // sa_if->sa_close();
- // free(test_association);
-}
-
-/**
- * @brief Unit Test: Test CMAC, bitmask of 1s
- **/
-UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1)
-{
- remove("sa_save_file.bin");
- uint8_t* ptr_enc_frame = NULL;
- uint16_t enc_frame_len = 0;
- // Setup & Initialize CryptoLib
- Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
- IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
- TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
- TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
- GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA,1};
- 
Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- TC_UT_Managed_Parameters.vcid = 1;
- Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters);
- Crypto_Init();
- SaInterface sa_if = get_sa_interface_inmemory();
- crypto_key_t* akp = NULL;
-
- // NIST supplied vectors
- // NOTE: Added Transfer Frame header to the plaintext
- char* buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445";
- // | Header | NIST CMAC Test Vector |FECF|
- char* buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925";
- // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header
- // Length is dependent on whatevr the variable mac length to be updated in the header
- // | Header |SPI| ARSN | NIST CMAC Frame Data |
- // char* buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258";
- // 2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258CF549CC15D63EAB7AD25EB3089D94E6C2D9D
- // Python output MAC
- char* buffer_python_mac_h = "cf549cc15d63eab7ad25eb3089d94e6c";
- uint8_t* buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL;
- int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0;
-
- // Expose/setup SAs for testing
- SecurityAssociation_t* test_association = NULL;
- test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t));
- // Deactivate SA 1
- sa_if->sa_get_from_spi(1, &test_association);
- test_association->sa_state = SA_NONE;
- // Activate SA 9
- sa_if->sa_get_from_spi(9, &test_association);
- test_association->ast = 1;
- test_association->est = 0;
- 
test_association->arsn_len = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char**) &buffer_python_mac_b, &buffer_python_mac_len); - - int status = Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - // Note: For comparison, primarily interested in the MAC - // Calc payload index: total length - pt length - uint16_t enc_data_idx = enc_frame_len - buffer_python_mac_len - 2; - Crypto_Shutdown(); - - for (int i = 0; i < buffer_python_mac_len; i++) - { - // printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], *(ptr_enc_frame + enc_data_idx)); - ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_python_mac_b[i]); - enc_data_idx++; - } - free(ptr_enc_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); - // free(test_association); - // sa_if->sa_close(); -} - -/** - * @brief Unit Test: Test CMAC, bitmask of 0s - **/ -UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) -{ - remove("sa_save_file.bin"); - 
uint16_t enc_frame_len = 0; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI| ARSN | NIST CMAC Test Vector | MAC |FECF| - char* buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F193942587629961f6b92145290ad3e149940511a46ce"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatevr the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // char* buffer_frame_pt_h = 
"2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // 2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258CF549CC15D63EAB7AD25EB3089D94E6C2D9D - // Zeroed out w. bitmask 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 - // Python output MAC - char* buffer_python_mac_h = "7629961f6b92145290ad3e149940511a"; - uint8_t* buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->arsn_len = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->ekid = 0; - test_association->akid = 136; - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - 
memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char**) &buffer_python_mac_b, &buffer_python_mac_len); - - int32_t status = Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - - // Note: For comparison, primarily interested in the MAC - // Calc payload index: total length - pt length - uint16_t enc_data_idx = enc_frame_len - buffer_python_mac_len - 2; - Crypto_Shutdown(); - - for (int i = 0; i < buffer_python_mac_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], (tc_sdls_processed_frame->tc_sec_trailer.mac[i])); - ASSERT_EQ(tc_sdls_processed_frame->tc_sec_trailer.mac[i], buffer_python_mac_b[i]); - enc_data_idx++; - } - - free(tc_sdls_processed_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); - // free(test_association->arsn); - // free(test_association); - // sa_if->sa_close(); -} - -/** - * @brief Unit Test: Test CMAC, bitmask of 1s - **/ -UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) -{ - remove("sa_save_file.bin"); - uint16_t enc_frame_len = 0; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 
0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char* buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI| ARSN | NIST CMAC Test Vector | MAC |FECF| - char* buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258CF549CC15D63EAB7AD25EB3089D94E6C2D9D"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatevr the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // char* buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // 2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258CF549CC15D63EAB7AD25EB3089D94E6C2D9D - // Python output MAC - char* buffer_python_mac_h = "cf549cc15d63eab7ad25eb3089d94e6c"; - uint8_t* buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 
- sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->arsn_len = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_CMAC_AES256; - test_association->ekid = 0; - test_association->akid = 136; - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char**) &buffer_python_mac_b, &buffer_python_mac_len); - - Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame); - - // Note: For comparison, primarily interested in the MAC - // Calc payload index: total length - pt length - uint16_t enc_data_idx = enc_frame_len - buffer_python_mac_len - 2; - Crypto_Shutdown(); - - for (int i = 0; i < buffer_python_mac_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], (tc_sdls_processed_frame->tc_sec_trailer.mac[i])); - ASSERT_EQ(tc_sdls_processed_frame->tc_sec_trailer.mac[i], buffer_python_mac_b[i]); - enc_data_idx++; - } - - free(tc_sdls_processed_frame); - free(buffer_frame_pt_b); - 
free(buffer_nist_key_b); - free(buffer_python_mac_b); - // free(test_association->arsn); - // free(test_association); -} - -/** - * @brief Unit Test: Test HMAC SHA-256, bitmask of 0s - **/ -UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) -{ - remove("sa_save_file.bin"); - uint8_t *ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the 
Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - // Python output MAC - // 6b5953e41cffb4d15a62e25da5e092f98bd26b7487f0c98f440374d42e136f13 - // Trunc to first 16 bytes - // 6b5953e41cffb4d15a62e25da5e092f9 - char* buffer_python_mac_h = "6b5953e41cffb4d15a62e25da5e092f9"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA256; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, 
buffer_nist_key_b, buffer_nist_key_len); - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - int status = Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - // Note: For comparison, primarily interested in the MAC - // Calc payload index: total length - pt length - uint16_t enc_data_idx = enc_frame_len - buffer_python_mac_len - 2; - - for (int i = 0; i < buffer_python_mac_len; i++) - { - if (ptr_enc_frame[enc_data_idx] != buffer_python_mac_b[i]) - { - printf("[%d] Truth: %02x, Actual: %02x \n", enc_data_idx, buffer_python_mac_b[i], ptr_enc_frame[enc_data_idx]); - } - ASSERT_EQ(ptr_enc_frame[enc_data_idx], buffer_python_mac_b[i]); - enc_data_idx++; - } - - Crypto_Shutdown(); - free(ptr_enc_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); -} - -/** - * @brief Unit Test: Test HMAC SHA-256, bitmask of 1s - **/ -UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) -{ - remove("sa_save_file.bin"); - uint8_t *ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - int32_t status; - - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t 
TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // Python output MAC - // 5d0ae5c3859d51d9c1e31681db475acba1f2cd1ade8e5ba7356ae9f2372e4444 - // Trunc to first 16 bytes - // 5d0ae5c3859d51d9c1e31681db475acb - char* buffer_python_mac_h = "5d0ae5c3859d51d9c1e31681db475acb"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - 
test_association->ast = 1; - test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA256; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - status = Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - - // Note: For comparison, primarily interested in the MAC - // Calc payload index: total length - pt length - uint16_t enc_data_idx = enc_frame_len - buffer_python_mac_len - 2; - Crypto_Shutdown(); - - for (int i = 0; i < buffer_python_mac_len; i++) - { - if (ptr_enc_frame[enc_data_idx] != buffer_python_mac_b[i]) - { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], *(ptr_enc_frame + enc_data_idx)); - } - ASSERT_EQ(ptr_enc_frame[enc_data_idx], buffer_python_mac_b[i]); - enc_data_idx++; - } - - free(ptr_enc_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); -} - -/** - * @brief Unit Test: Test HMAC SHA-512, key length 64 bytes, bitmask of 0s - **/ -UTEST(NIST_ENC_HMAC_VALIDATION, 
SHA_512_PT_128_TEST_0) -{ - remove("sa_save_file.bin"); - uint8_t *ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - int32_t status; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame 
Data | - // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - // Python output MAC - // 676e9ebdf306b7db7ad41892887342e892bcc59688caef44693c1659b6a683e844d584030b7c532105b8c2539e0aed51af6df77e87f1834e92c2085889d1c44b - // Trunc to first 16 bytes - // 676e9ebdf306b7db7ad41892887342e8 - char* buffer_python_mac_h = "676e9ebdf306b7db7ad41892887342e8"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - akp->key_len = 64; - - // Convert input 
plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - status = Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - // Note: For comparison, primarily interested in the MAC - // Calc payload index: total length - pt length - uint16_t enc_data_idx = enc_frame_len - buffer_python_mac_len - 2; - Crypto_Shutdown(); - - for (int i = 0; i < buffer_python_mac_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], *(ptr_enc_frame + enc_data_idx)); - ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_python_mac_b[i]); - enc_data_idx++; - } - - free(ptr_enc_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); -} - -/** -* @brief Unit Test: Test HMAC SHA-512, key length 64 bytes, bitmask of 1s -**/ -UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) -{ - remove("sa_save_file.bin"); - uint8_t *ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - int32_t status; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, 
TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // Python output MAC - // 907bbd1d9f2fd37e541f0b1ee12f5db0b1e0cbc57cfe08aecfc74b001371db711abb39caf658ee692d418725dc92cabd8d0a93ce423ff7594adf3fd91e7a6435 - // Trunc to first 16 bytes - // 907bbd1d9f2fd37e541f0b1ee12f5db0 - char* buffer_python_mac_h = "907bbd1d9f2fd37e541f0b1ee12f5db0"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - test_association = calloc(1, sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, 
&test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - akp->key_len = 64; - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - status = Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - - // Note: For comparison, primarily interested in the MAC - // Calc payload index: total length - pt length - uint16_t enc_data_idx = enc_frame_len - buffer_python_mac_len - 2; - Crypto_Shutdown(); - - for (int i = 0; i < buffer_python_mac_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", enc_data_idx, buffer_python_mac_b[i], *(ptr_enc_frame + enc_data_idx + i)); - ASSERT_EQ(*(ptr_enc_frame + enc_data_idx + i), buffer_python_mac_b[i]); - // enc_data_idx++; - } - - free(ptr_enc_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); -} - -/** - * @brief Unit Test: Test HMAC SHA-256, bitmask of 0s - **/ -UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) -{ - 
remove("sa_save_file.bin"); - int32_t status = 0; - uint8_t *ptr_enc_frame = NULL; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI | arsn | Payload | SHA 256 HMAC |FECF| - char *buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F193942586B5953E41CFFB4D15A62E25DA5E092F969F2"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // 
"2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - // Python output MAC - // 6b5953e41cffb4d15a62e25da5e092f98bd26b7487f0c98f440374d42e136f13 - // Trunc to first 16 bytes - // 6b5953e41cffb4d15a62e25da5e092f9 - char* buffer_python_mac_h = "6b5953e41cffb4d15a62e25da5e092f9"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA256; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - TC_t *tc_sdls_processed_frame; - tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - - // Convert 
input plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - status = Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - - // Note: For comparison, primarily interested in the MAC - - for (int i = 0; i < buffer_python_mac_len; i++) - { - if (*(tc_sdls_processed_frame->tc_sec_trailer.mac + i) != buffer_python_mac_b[i]) - { - printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], *(tc_sdls_processed_frame->tc_sec_trailer.mac + i)); - } - ASSERT_EQ(*(tc_sdls_processed_frame->tc_sec_trailer.mac + i), buffer_python_mac_b[i]); - } - - Crypto_Shutdown(); - - free(ptr_enc_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); - free(tc_sdls_processed_frame); -} - -/** - * @brief Unit Test: Test HMAC SHA-256, bitmask of 1s - **/ -UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) -{ - remove("sa_save_file.bin"); - int32_t status = 0; - uint8_t *ptr_enc_frame = NULL; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - 
Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI | arsn | Payload | SHA 256 HMAC | FECF| - char *buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F193942585d0ae5c3859d51d9c1e31681db475acb5b35"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header. - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // Python output MAC - // 5d0ae5c3859d51d9c1e31681db475acba1f2cd1ade8e5ba7356ae9f2372e4444 - // Trunc to first 16 bytes - // 5d0ae5c3859d51d9c1e31681db475acb - char* buffer_python_mac_h = "5d0ae5c3859d51d9c1e31681db475acb"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - 
test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA256; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - TC_t *tc_sdls_processed_frame; - tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - status = Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - - // Note: For comparison, primarily interested in the MAC - Crypto_Shutdown(); - - for (int i = 0; i < buffer_python_mac_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], *(tc_sdls_processed_frame->tc_sec_trailer.mac + i)); - ASSERT_EQ(*(tc_sdls_processed_frame->tc_sec_trailer.mac + i), buffer_python_mac_b[i]); - } - - free(ptr_enc_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); - free(tc_sdls_processed_frame); -} - -/** - * @brief Unit Test: Test HMAC SHA-512, keylength of 64 bytes, bitmask of 0s - **/ -UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) -{ - remove("sa_save_file.bin"); - int32_t status = 0; - // Setup & Initialize 
CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI | ARSN | Payload | SHA 512 HMAC |FECF| - char *buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258676e9ebdf306b7db7ad41892887342e80DC5"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // 
"2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - // Python output MAC - // 676e9ebdf306b7db7ad41892887342e892bcc59688caef44693c1659b6a683e844d584030b7c532105b8c2539e0aed51af6df77e87f1834e92c2085889d1c44b - // Trunc to first 16 bytes - // 676e9ebdf306b7db7ad41892887342e8 - char* buffer_python_mac_h = "676e9ebdf306b7db7ad41892887342e8"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - TC_t *tc_sdls_processed_frame; - tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - 
memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - akp->key_len = 64; - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - status = Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - - // Note: For comparison, primarily interested in the MAC - Crypto_Shutdown(); - - for (int i = 0; i < buffer_python_mac_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], *(tc_sdls_processed_frame->tc_sec_trailer.mac + i)); - ASSERT_EQ(*(tc_sdls_processed_frame->tc_sec_trailer.mac + i), buffer_python_mac_b[i]); - } - - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); -} - -/** - * @brief Unit Test: Test HMAC SHA-512, keylength of 64 bytes, bitmask of 1s - **/ -UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) -{ - remove("sa_save_file.bin"); - int32_t status = 0; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - 
TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI | ARSN | Payload | SHA 512 HMAC |FECF| - char *buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258907bbd1d9f2fd37e541f0b1ee12f5db0679a"; - // Python truth string passed below is ZEROed out, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" - // Python output MAC - // 907bbd1d9f2fd37e541f0b1ee12f5db0b1e0cbc57cfe08aecfc74b001371db711abb39caf658ee692d418725dc92cabd8d0a93ce423ff7594adf3fd91e7a6435 - // Trunc to first 16 bytes - // 907bbd1d9f2fd37e541f0b1ee12f5db0b1e0cbc57cfe08aecfc74b001371db711abb39caf658ee692d418725dc92cabd8d0a93ce423ff7594adf3fd91e7a6435 - char* buffer_python_mac_h = "907bbd1d9f2fd37e541f0b1ee12f5db0"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - 
test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - TC_t *tc_sdls_processed_frame; - tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - akp->key_len = 64; - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - status = Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - - // Note: For comparison, primarily interested in the MAC - Crypto_Shutdown(); - - for (int i = 0; i < buffer_python_mac_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", i, buffer_python_mac_b[i], *(tc_sdls_processed_frame->tc_sec_trailer.mac + i)); - ASSERT_EQ(*(tc_sdls_processed_frame->tc_sec_trailer.mac + i), buffer_python_mac_b[i]); - } - - free(buffer_frame_pt_b); - 
free(buffer_nist_key_b); - free(buffer_python_mac_b); -} - -/** - * @brief Unit Test: Encrypts a frame, then decrypts the output to ensure the reverse doesn't error - **/ -UTEST(PLAINTEXT, ENCRYPT_DECRYPT) -{ - remove("sa_save_file.bin"); - int32_t status = CRYPTO_LIB_ERROR; - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - Crypto_Init(); - - char* jpl_frame_pt_h = "2003001c00ff000100001880d03e000a197f0b000300020093d4ba21c4555555555555"; - uint8_t* jpl_frame_pt_b = NULL; - int jpl_frame_pt_len = 0; - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); - - // Convert input jpl frame - hex_conversion(jpl_frame_pt_h, (char**) &jpl_frame_pt_b, &jpl_frame_pt_len); - - // Apply, save the generated frame - status = Crypto_TC_ApplySecurity(jpl_frame_pt_b, jpl_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - - // Process the generated frame - int len = (int)enc_frame_len; - status = 
Crypto_TC_ProcessSecurity(ptr_enc_frame, &len, tc_sdls_processed_frame); - Crypto_Shutdown(); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); -} - -/** - * @brief Unit Test: Test HMAC SHA-512, encryption key length too short - * Supply a 32-byte key when SHA512 requires a 64-byte key - **/ -UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) -{ - remove("sa_save_file.bin"); - int32_t status = 0; - uint8_t *ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header | NIST CMAC Test Vector |FECF| - char *buffer_frame_pt_h = "2003004600C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258C925"; - // Python truth string passed below is ZEROed out, not 
including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // Python output MAC - // 75c570016a9458a71cea6aaca6ff46971ea007ed0a84e97fd2df79f6634c3efbb62edef3d1fb6549d0c9319e2d1dea866f634f67a2006c435b5bd2a3dd314fef - // Trunc to first 16 bytes - // 75c570016a9458a71cea6aaca6ff4697 - char* buffer_python_mac_h = "75c570016a9458a71cea6aaca6ff4697"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len = 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - 
memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - akp->key_len = 32; - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - status = Crypto_TC_ApplySecurity(buffer_frame_pt_b, buffer_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(status, CRYPTO_LIB_ERR_KEY_LENGTH_ERROR); - - Crypto_Shutdown(); - - free(ptr_enc_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); -} - -/** - * @brief Unit Test: Test HMAC SHA-512, decryption key too short for algorithm - **/ -UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) -{ - remove("sa_save_file.bin"); - int32_t status = 0; - uint8_t *ptr_enc_frame = NULL; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - GvcidManagedParameters_t TC_UT_Managed_Parameters = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - TC_UT_Managed_Parameters.vcid = 1; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* akp = NULL; - - // NIST supplied vectors - // NOTE: Added Transfer Frame 
header to the plaintext - char *buffer_nist_key_h = "b228c753292acd5df351000a591bf960d8555c3f6284afe7c6846cbb6c6f5445"; - // | Header |SPI | arsn | Payload | SHA 512 HMAC |FECF| - char *buffer_frame_pt_h = "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F1939425875c570016a9458a71cea6aaca6ff46970f67"; - // Python truth string passed below, not including a MAC or FECF which isn't hashed against, but the LENGTH (including fecf) needs to be updated in the Tf Header - // Length is dependent on whatever the variable mac length to be updated in the header - // | Header |SPI| ARSN | NIST CMAC Frame Data | - // "2003005C00000900000000C66D322247EBF272E6A353F9940B00847CF78E27F2BC0C81A696DB411E47C0E9630137D3FA860A71158E23D80B699E8006E52345FB7273B2E084407F19394258"; - // Python output MAC - // 75c570016a9458a71cea6aaca6ff46971ea007ed0a84e97fd2df79f6634c3efbb62edef3d1fb6549d0c9319e2d1dea866f634f67a2006c435b5bd2a3dd314fef - // Trunc to first 16 bytes - // 75c570016a9458a71cea6aaca6ff4697 - char* buffer_python_mac_h = "75c570016a9458a71cea6aaca6ff4697"; - uint8_t *buffer_frame_pt_b, *buffer_nist_key_b, *buffer_python_mac_b = NULL; - int buffer_frame_pt_len, buffer_nist_key_len, buffer_python_mac_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t *test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Deactivate SA 1 - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - // Activate SA 9 - sa_if->sa_get_from_spi(9, &test_association); - test_association->ast = 1; - test_association->est = 0; - test_association->shivf_len = 0; - test_association->iv_len = 0; - test_association->shsnf_len = 4; - test_association->arsn_len = 4; - test_association->abm_len = 1024; - memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask - test_association->stmacf_len 
= 16; - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = CRYPTO_MAC_HMAC_SHA512; - test_association->ekid = 0; - test_association->akid = 136; - test_association->gvcid_blk.tfvn = 0; - - TC_t *tc_sdls_processed_frame; - tc_sdls_processed_frame = calloc(1, sizeof(uint8_t) * TC_SIZE); - - // Insert key into keyring of SA 9 - hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - akp = key_if->get_key(test_association->akid); - memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); - akp->key_len = 32; - - // Convert input plaintext - hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); - // Convert input mac - hex_conversion(buffer_python_mac_h, (char **)&buffer_python_mac_b, &buffer_python_mac_len); - - status = Crypto_TC_ProcessSecurity(buffer_frame_pt_b, &buffer_frame_pt_len, tc_sdls_processed_frame); - ASSERT_EQ(CRYPTO_LIB_ERR_KEY_LENGTH_ERROR, status); - - free(ptr_enc_frame); - free(buffer_frame_pt_b); - free(buffer_nist_key_b); - free(buffer_python_mac_b); - free(tc_sdls_processed_frame); -} - -UTEST_MAIN(); From 9e97406a7237b2983a14e515846552013288fc2a Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 29 Oct 2024 20:42:25 +0000 Subject: [PATCH 155/241] [nasa/cryptolib#332] Added struct size UT and fixed PDU_SWITCH - many of these now return errors with a null ingest --- include/crypto_structs.h | 26 ++++---- test/unit/ut_crypto.c | 125 ++++++++++++++++++++++++++++++--------- 2 files changed, 111 insertions(+), 40 deletions(-) diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 2498002e..5de7a321 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h 
@@ -46,7 +46,7 @@ typedef struct
 uint16_t scid : 16; // Spacecraft ID
 uint16_t vcid : 6; // Virtual Channel ID
 uint8_t mapid : 6; // Multiplexer Access Point ID
-} crypto_gvcid_t;
+} __attribute__((packed)) crypto_gvcid_t;
 #define CRYPTO_GVCID_SIZE (sizeof(crypto_gvcid_t))
 /*
@@ -88,7 +88,7 @@ typedef struct
 uint8_t arsnw_len : 8; // Anti-Replay Seq Num Window Length
 uint16_t arsnw; // Anti-Replay Seq Num Window
-} SecurityAssociation_t;
+} __attribute__((packed)) SecurityAssociation_t;
 #define SA_SIZE (sizeof(SecurityAssociation_t))
 /*
@@ -104,7 +104,7 @@ typedef struct
 uint8_t ispif : 1; // Invalid SPI Flag
 uint16_t lspiu : 16; // Last SPI Used
 uint8_t snval : 8; // SN Value (LSB)
-} SDLS_FSR_t;
+} __attribute__((packed)) SDLS_FSR_t;
 #define SDLS_FSR_SIZE (sizeof(SDLS_FSR_t))
 typedef struct
@@ -275,7 +275,7 @@ typedef struct
 uint8_t vcid : 6; // Virtual Channel ID
 uint16_t fl : 10; // The whole transfer frame length (max 1024)
 uint8_t fsn : 8; // Frame sequence number, also N(S), zeroed on Type-B frames
-} TC_FramePrimaryHeader_t;
+} __attribute__((packed)) TC_FramePrimaryHeader_t;
 #define TC_FRAME_PRIMARYHEADER_STRUCT_SIZE (sizeof(TC_FramePrimaryHeader_t))
 #define TC_FRAME_HEADER_SIZE 5
@@ -289,7 +289,7 @@ typedef struct
 uint8_t sn_field_len;
 uint8_t pad[PAD_SIZE]; // Count of the used fill Bytes
 uint8_t pad_field_len;
-} TC_FrameSecurityHeader_t;
+} __attribute__((packed)) TC_FrameSecurityHeader_t;
 #define TC_FRAME_SECHEADER_SIZE (sizeof(TC_FrameSecurityHeader_t))
 typedef struct
@@ -297,7 +297,7 @@ typedef struct
 uint8_t mac[MAC_SIZE]; // Message Authentication Code
 uint8_t mac_field_len;
 uint16_t fecf; // Frame Error Control Field
-} TC_FrameSecurityTrailer_t;
+} __attribute__((packed)) TC_FrameSecurityTrailer_t;
 #define TC_FRAME_SECTRAILER_SIZE (sizeof(TC_FrameSecurityTrailer_t))
 typedef struct
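Review bot: Packing `TC_FrameSecurityTrailer_t` places `uint16_t fecf` directly after `uint8_t mac[MAC_SIZE]; uint8_t mac_field_len;`, so whenever `MAC_SIZE` is even the member sits at an odd offset; `arsnw` in `SecurityAssociation_t` and, in the later hunks of this file, `tc_pdu_len` in `TC_t` can end up misaligned in the same way. Reading the member through the struct is fine, but code that takes its address (for example `&sa->arsnw`) would hand out a misaligned `uint16_t *`, which is undefined behaviour and faults on strict-alignment targets. No caller is visible in these hunks, so this needs a build with `-Waddress-of-packed-member` to confirm. I would add a comment above each packed typedef such as `/* packed: sizeof feeds the *_SIZE macro; copy multi-byte members out with memcpy instead of taking their address */`. Every struct touched here begins above its hunk, so the full field lists are not visible.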
@@ -307,7 +307,7 @@ typedef struct
 uint8_t tc_pdu[TC_FRAME_DATA_SIZE];
 uint16_t tc_pdu_len;
 TC_FrameSecurityTrailer_t tc_sec_trailer;
-} TC_t;
+} __attribute__((packed)) TC_t;
 #define TC_SIZE (sizeof(TC_t))
 /*
@@ -342,7 +342,7 @@ typedef struct
 CCSDS_HDR_t hdr;
 CCSDS_PUS_t pus;
 SDLS_TLV_t pdu;
-} CCSDS_t;
+} __attribute__((packed)) CCSDS_t;
 #define CCSDS_SIZE (sizeof(CCSDS_t))
 /*
@@ -370,7 +370,7 @@ typedef struct
 uint8_t fbc : 2; // FARM-B Counter
 uint8_t spare1 : 1; // Reserved Spare "0"
 uint8_t rv : 8; // Report Value
-} Telemetry_Frame_Ocf_Clcw_t;
+} __attribute__((packed)) Telemetry_Frame_Ocf_Clcw_t;
 #define TELEMETRY_FRAME_OCF_CLCW_SIZE (sizeof(Telemetry_Frame_Ocf_Clcw_t))
@@ -386,7 +386,7 @@ typedef struct
 uint8_t bsaf : 1; // Bad Security Association Flag
 uint16_t lspi : 16; // Last SPI Used
 uint8_t snval : 8; // Sequence Number Value (LSB)
-} Telemetry_Frame_Ocf_Fsr_t;
+} __attribute__((packed)) Telemetry_Frame_Ocf_Fsr_t;
 #define TELEMETRY_FRAME_OCF_FSR_SIZE (sizeof(Telemetry_Frame_Ocf_Fsr_t))
@@ -463,10 +463,10 @@ typedef struct
 uint8_t spare : 2; // Reserved Spare
 // 0 = Shall be set to 0
 // Sync Flag 1 = Undefined
- uint8_t vfcc : 2; // VC Frame Count cycle
+ uint8_t vfcc : 4; // VC Frame Count cycle
 // Sync Flag 0 = Shall be 11
 // Sync Flag 1 = Undefined
- uint16_t fhp : 11; // First Header Pointer
+ uint16_t fhp : 16; // First Header Pointer
 // Sync Flag 0 = Contains position of the first byte of the first packet in the data field
 // Sync Flag 1 = undefined
 } AOS_FramePrimaryHeader_t;
@@ -493,7 +493,7 @@ typedef struct
 AOS_FrameSecurityHeader_t tm_sec_header;
 uint8_t aos_pdu[AOS_FRAME_DATA_SIZE];
 AOS_FrameSecurityTrailer_t aos_sec_trailer;
-} AOS_t;
+} __attribute__((packed)) AOS_t;
 #define AOS_SIZE (sizeof(AOS_t))
 #define AOS_MIN_SIZE \
diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c
index 96d2b2bc..20d6ff52 100644
--- a/test/unit/ut_crypto.c
+++ b/test/unit/ut_crypto.c
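Review bot: In the `@@ -463,10 +463,10 @@` hunk, `AOS_FramePrimaryHeader_t` has its bit-fields widened (`vfcc : 2` to `: 4`, `fhp : 11` to `: 16`) but its closing line stays `} AOS_FramePrimaryHeader_t;` without `__attribute__((packed))`, while `AOS_t`, which presumably embeds it above the next hunk, is packed. Packing the outer struct does not change the inner struct's own bit-field layout or tail padding, so `AOS_SIZE` still depends on how the compiler lays this header out. Either pack it as well, `} __attribute__((packed)) AOS_FramePrimaryHeader_t;`, or state in a comment why it is left unpacked. The context comment `// Sync Flag 0 = Shall be 11` under `vfcc` describes a two-bit value and no longer matches the four-bit field, so it should be updated with the width change. The struct begins above the hunk, so the remaining fields are not visible.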
@@ -112,8 +112,8 @@ UTEST(CRYPTO_C, PDU_SWITCH) Crypto_Init(); - sdls_frame.hdr.type = 0; - sdls_frame.pdu.hdr.uf = 0; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; + sdls_frame.pdu.hdr.uf = PDU_USER_FLAG_FALSE; printf("SG_KEY_MGMT\n"); sdls_frame.pdu.hdr.sg = SG_KEY_MGMT; sdls_frame.pdu.hdr.pid = PID_OTAR; 
@@ -123,149 +123,176 @@ UTEST(CRYPTO_C, PDU_SWITCH) status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_KEY_ACTIVATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_KEY_DEACTIVATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.pdu_len = 0; + //sdls_frame.pdu.hdr.pdu_len = 0; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_KEY_VERIFICATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_KEY_DESTRUCTION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_KEY_INVENTORY; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = SG_KEY_MGMT; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("SG_SA_MGMT\n"); sdls_frame.pdu.hdr.sg = SG_SA_MGMT; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_CREATE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_DELETE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_SET_ARSNW; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_REKEY_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, 
CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_EXPIRE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_SET_ARSN; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_START_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_STOP_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_READ_ARSN; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_SA_STATUS; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = 0b111; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("SG_SEC_MON_CTRL\n"); sdls_frame.pdu.hdr.sg = SG_SEC_MON_CTRL; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_LOG_STATUS; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_DUMP_LOG; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_ERASE_LOG; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; 
sdls_frame.pdu.hdr.pid = PID_SELF_TEST; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_ALARM_FLAG; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = 0b1111; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - printf("PID_LOG_STATUS\n"); - sdls_frame.pdu.hdr.sg = PID_LOG_STATUS; - sdls_frame.pdu.hdr.pid = PID_LOG_STATUS; - status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - printf("UF_TRUE\n"); - sdls_frame.pdu.hdr.uf = 1; - sdls_frame.pdu.hdr.pid = 0; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; + sdls_frame.pdu.hdr.uf = PDU_USER_FLAG_TRUE; + sdls_frame.pdu.hdr.pid = PID_IDLE_FRAME_TRIGGER; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.pid = 1; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; + sdls_frame.pdu.hdr.pid = PID_TOGGLE_BAD_SPI; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.pid = 2; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; + sdls_frame.pdu.hdr.pid = PID_TOGGLE_BAD_IV; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.pid = 3; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; + sdls_frame.pdu.hdr.pid = PID_TOGGLE_BAD_MAC; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.pid = 4; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; + sdls_frame.pdu.hdr.pid = PID_TOGGLE_BAD_FECF; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.pid = 5; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; + sdls_frame.pdu.hdr.pid = PID_MODIFY_KEY; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - 
sdls_frame.pdu.hdr.pid = 6; + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; + sdls_frame.pdu.hdr.pid = PID_MODIFY_ACTIVE_TM; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); // TODO: (RB) Disabled for now. Key Inventory needs to be re-worked. - Not currently using EP - // sdls_frame.pdu.hdr.pid = 7; - // status = Crypto_PDU(ingest, &tc_frame); - // ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; + sdls_frame.pdu.hdr.pid = PID_MODIFY_VCID; + status = Crypto_PDU(ingest, &tc_frame); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = 8; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.hdr.type = 1; sdls_frame.pdu.hdr.pid = 8; status = Crypto_PDU(ingest, &tc_frame); 
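Review bot: The cases whose expectation changes to `CRYPTO_LIB_ERROR` (PID_READ_ARSN, PID_SA_STATUS, PID_LOG_STATUS, PID_DUMP_LOG, PID_ERASE_LOG, PID_SELF_TEST, PID_MODIFY_VCID) carry no comment saying which condition makes the call fail, so the test would keep passing if these handlers started failing for a different reason. Each should get a short comment naming the expected cause. Where the library has a more specific status, as the PID_KEY_INVENTORY case does with `CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING`, the assertion should use it. The test body starts outside the hunk.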
@@ -360,4 +387,48 @@ UTEST(CRYPTO_C, GET_ECS_ALGO_KEY_LEN) ASSERT_EQ(algo_keylen, 32); } +UTEST(CRYPTO_C, STRUCT_SIZE_VERIFICATION) +{ + ASSERT_EQ(CRYPTO_GVCID_SIZE, (size_t)4); + ASSERT_EQ(SA_SIZE, (size_t)2348); + ASSERT_EQ(SDLS_FSR_SIZE, (size_t)4); + ASSERT_EQ(SDLS_TLV_HDR_SIZE, (size_t)3); + ASSERT_EQ(SDLS_TLV_SIZE, (size_t)497); + ASSERT_EQ(SDLS_EKB_SIZE, (size_t)514); + ASSERT_EQ(SDLS_OTAR_SIZE, (size_t)(2 + 16 + 30*514 + 16)); + ASSERT_EQ(SDLS_KEY_SIZE, (size_t)2); + ASSERT_EQ(SDLS_KEY_INVENTORY_CMD_SIZE, (size_t)4); + ASSERT_EQ(SDLS_KEY_INVENTORY_RPLY_SIZE, (size_t)3); + ASSERT_EQ(SDLS_KEYV_CMD_BLK_SIZE, (size_t)18); + ASSERT_EQ(SDLS_KEYV_CMD_SIZE, (size_t)(29*18)); + ASSERT_EQ(SDLS_KEYV_RPLY_BLK_SIZE, (size_t)50); + ASSERT_EQ(SDLS_KEYV_RPLY_SIZE, (size_t)(50*29)); + ASSERT_EQ(SDLS_KEYDB_CMD_SIZE, (size_t)12); + ASSERT_EQ(SDLS_KEYDB_RPLY_SIZE, (size_t)38); + ASSERT_EQ(SDLS_SA_STATUS_RPLY_SIZE, (size_t)3); + ASSERT_EQ(SDLS_SA_READ_ARSN_RPLY_SIZE, (size_t)22); + ASSERT_EQ(SDLS_MC_LOG_RPLY_SIZE, (size_t)4); + ASSERT_EQ(SDLS_MC_DUMP_RPLY_SIZE, (size_t)7); + ASSERT_EQ(SDLS_MC_DUMP_BLK_RPLY_SIZE, (size_t)(7*50)); + ASSERT_EQ(SDLS_MC_ST_RPLY_SIZE, (size_t)1); + ASSERT_EQ(SDLS_MC_SN_RPLY_SIZE, (size_t)16); + ASSERT_EQ(TC_FRAME_PRIMARYHEADER_STRUCT_SIZE, (size_t)5); + ASSERT_EQ(TC_FRAME_SECHEADER_SIZE, (size_t)70); + ASSERT_EQ(TC_FRAME_SECTRAILER_SIZE, (size_t)19); + ASSERT_EQ(TC_SIZE, (size_t)(5 + 70 + 19 + 2 + 1019)); + ASSERT_EQ(CCSDS_HDR_SIZE, (size_t)6); + ASSERT_EQ(CCSDS_PUS_SIZE, (size_t)4); + ASSERT_EQ(CCSDS_SIZE, (size_t)(6 + 4 + 497)); + ASSERT_EQ(TELEMETRY_FRAME_OCF_CLCW_SIZE, (size_t)4); + ASSERT_EQ(TELEMETRY_FRAME_OCF_FSR_SIZE, (size_t)4); + ASSERT_EQ(TM_FRAME_PRIMARYHEADER_SIZE, (size_t)6); + ASSERT_EQ(TM_FRAME_SECHEADER_SIZE, (size_t)18); + ASSERT_EQ(TM_FRAME_SECTRAILER_SIZE, (size_t)22); + ASSERT_EQ(TM_SIZE, (size_t)(6 + 18 + 1786 + 22)); + ASSERT_EQ(AOS_FRAME_PRIMARYHEADER_SIZE, (size_t)8); + ASSERT_EQ(AOS_FRAME_SECHEADER_SIZE, (size_t)18); + 
ASSERT_EQ(AOS_FRAME_SECTRAILER_SIZE, (size_t)22); + ASSERT_EQ(AOS_SIZE, (size_t)(8 + 18 + 1786 + 22)); +} + UTEST_MAIN(); \ No newline at end of file From 14a6668bc6d9b82c5f09d34f51dfd8e1dd3d73ef Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 29 Oct 2024 20:44:26 +0000 Subject: [PATCH 156/241] [nasa/cryptolib#332] Removed TODO --- test/unit/ut_crypto.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 20d6ff52..902466cc 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -280,8 +280,6 @@ UTEST(CRYPTO_C, PDU_SWITCH) status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - // TODO: (RB) Disabled for now. Key Inventory needs to be re-worked. - Not currently using EP - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_MODIFY_VCID; status = Crypto_PDU(ingest, &tc_frame); From e96dcbaf376865c969f07d18876121ba3c9ec51e Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 29 Oct 2024 21:01:39 +0000 Subject: [PATCH 157/241] [nasa/cryptolib#332] Set sdls_frame.pdu.hdr.type back to 0 after prepping reply --- src/core/crypto.c | 1 + test/unit/ut_crypto.c | 36 +----------------------------------- 2 files changed, 2 insertions(+), 35 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 1b9eaf81..15b40df8 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -287,6 +287,7 @@ uint8_t Crypto_Prep_Reply(uint8_t *reply, uint8_t appID) reply[count++] = (sdls_frame.pdu.hdr.pdu_len & 0xFF00) >> 8; reply[count++] = (sdls_frame.pdu.hdr.pdu_len & 0x00FF); + sdls_frame.pdu.hdr.type = 0; return count; } diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 902466cc..9c209c54 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c 
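Review bot: Several expected sizes in STRUCT_SIZE_VERIFICATION are bare literals that repeat configuration values, for example `1019` in the TC_SIZE line and `1786` in the TM_SIZE and AOS_SIZE lines, so a change to a buffer define breaks the test without any layout having changed. Where the struct is declared with a named constant, use it: `ASSERT_EQ(TC_SIZE, (size_t)(5 + 70 + 19 + 2 + TC_FRAME_DATA_SIZE));`, assuming TC_FRAME_DATA_SIZE is the 1019 used here. A one-line comment on the `SA_SIZE` line explaining how 2348 is derived would also make a future mismatch easier to diagnose.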
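Review bot: The added `sdls_frame.pdu.hdr.type = 0;` in Crypto_Prep_Reply changes shared state from a function whose name suggests it only fills `reply`, and it uses a bare 0 where the tests in this series use named values. Writing `sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND;` (if 0 is that constant, as the test usage suggests) with a comment such as `// reset shared frame type so the next PDU is not handled as a reply` would make the side effect visible. The function starts outside the hunk, so whether the type was already copied into `reply` before this line cannot be confirmed here.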
@@ -123,175 +123,141 @@ UTEST(CRYPTO_C, PDU_SWITCH) status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_KEY_ACTIVATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_KEY_DEACTIVATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - //sdls_frame.pdu.hdr.pdu_len = 0; - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_KEY_VERIFICATION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_KEY_DESTRUCTION; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_KEY_INVENTORY; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = SG_KEY_MGMT; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("SG_SA_MGMT\n"); sdls_frame.pdu.hdr.sg = SG_SA_MGMT; - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_CREATE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_DELETE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_SET_ARSNW; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_REKEY_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; 
sdls_frame.pdu.hdr.pid = PID_EXPIRE_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_SET_ARSN; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_START_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_STOP_SA; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_READ_ARSN; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_SA_STATUS; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = 0b111; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("SG_SEC_MON_CTRL\n"); sdls_frame.pdu.hdr.sg = SG_SEC_MON_CTRL; - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_LOG_STATUS; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_DUMP_LOG; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_ERASE_LOG; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_SELF_TEST; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_ALARM_FLAG; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - 
sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = 0b1111; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); printf("UF_TRUE\n"); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.uf = PDU_USER_FLAG_TRUE; sdls_frame.pdu.hdr.pid = PID_IDLE_FRAME_TRIGGER; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_TOGGLE_BAD_SPI; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_TOGGLE_BAD_IV; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_TOGGLE_BAD_MAC; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_TOGGLE_BAD_FECF; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_MODIFY_KEY; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_MODIFY_ACTIVE_TM; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = PID_MODIFY_VCID; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; sdls_frame.pdu.hdr.pid = 8; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; - sdls_frame.hdr.type = 1; + sdls_frame.hdr.type = PDU_TYPE_REPLY; sdls_frame.pdu.hdr.pid = 8; status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); 
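Review bot: The last changed line writes `PDU_TYPE_REPLY` to `sdls_frame.hdr.type`, the packet header field, while the other use of the PDU_TYPE_ constants in this test targets `sdls_frame.pdu.hdr.type`. If the intent is to exercise the reply branch of the PDU header, the line should read `sdls_frame.pdu.hdr.type = PDU_TYPE_REPLY;`; if the packet header type is really meant, use a constant that belongs to that header. With the per-case resets removed, the test also depends on Crypto_Prep_Reply restoring the type, which the cases expecting `CRYPTO_LIB_ERROR` may not reach, so a comment stating that dependency would help.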
From f35d5db1100afdec5aa9500841f62580403524f3 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 7 Nov 2024 14:51:39 +0000 Subject: [PATCH 158/241] [nasa/cryptolib#347] Check crypto_config status before freeing --- src/core/crypto_config.c | 85 ++++++++++++++++++++++------------------ 1 file changed, 46 insertions(+), 39 deletions(-) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index d4101e56..2dff325f 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c 
@@ -636,48 +636,55 @@ int32_t crypto_free_config_structs(void) { int32_t status = CRYPTO_LIB_SUCCESS; - // free(crypto_config); //no strings in this struct, just free it. - crypto_config.init_status = UNITIALIZED; - - // Config structs with char* types that are malloc'd and must be freed individually. - if (sa_mariadb_config != NULL) - { - free(sa_mariadb_config->mysql_username); - free(sa_mariadb_config->mysql_password); - free(sa_mariadb_config->mysql_hostname); - free(sa_mariadb_config->mysql_database); - free(sa_mariadb_config->mysql_mtls_cert); - free(sa_mariadb_config->mysql_mtls_key); - free(sa_mariadb_config->mysql_mtls_ca); - free(sa_mariadb_config->mysql_mtls_capath); - free(sa_mariadb_config->mysql_mtls_client_key_password); - free(sa_mariadb_config); - sa_mariadb_config = NULL; - } - if (cryptography_kmc_crypto_config != NULL) + if (crypto_config.init_status == UNITIALIZED) { - free(cryptography_kmc_crypto_config->kmc_crypto_hostname); - free(cryptography_kmc_crypto_config->protocol); - free(cryptography_kmc_crypto_config->kmc_crypto_app_uri); - free(cryptography_kmc_crypto_config->mtls_client_cert_path); - free(cryptography_kmc_crypto_config->mtls_client_cert_type); - free(cryptography_kmc_crypto_config->mtls_client_key_path); - free(cryptography_kmc_crypto_config->mtls_client_key_pass); - free(cryptography_kmc_crypto_config->mtls_ca_bundle); - free(cryptography_kmc_crypto_config->mtls_ca_path); - free(cryptography_kmc_crypto_config->mtls_issuer_cert); - free(cryptography_kmc_crypto_config); - cryptography_kmc_crypto_config = NULL; + status = CRYPTO_LIB_SUCCESS; } - if (cam_config != NULL) + else { - free(cam_config->cookie_file_path); - free(cam_config->keytab_file_path); - free(cam_config->access_manager_uri); - free(cam_config->username); - free(cam_config->cam_home); - free(cam_config); - cam_config = NULL; + // free(crypto_config); //no strings in this struct, just free it. 
+ crypto_config.init_status = UNITIALIZED; + + // Config structs with char* types that are malloc'd and must be freed individually. + if (sa_mariadb_config != NULL) + { + free(sa_mariadb_config->mysql_username); + free(sa_mariadb_config->mysql_password); + free(sa_mariadb_config->mysql_hostname); + free(sa_mariadb_config->mysql_database); + free(sa_mariadb_config->mysql_mtls_cert); + free(sa_mariadb_config->mysql_mtls_key); + free(sa_mariadb_config->mysql_mtls_ca); + free(sa_mariadb_config->mysql_mtls_capath); + free(sa_mariadb_config->mysql_mtls_client_key_password); + free(sa_mariadb_config); + sa_mariadb_config = NULL; + } + if (cryptography_kmc_crypto_config != NULL) + { + free(cryptography_kmc_crypto_config->kmc_crypto_hostname); + free(cryptography_kmc_crypto_config->protocol); + free(cryptography_kmc_crypto_config->kmc_crypto_app_uri); + free(cryptography_kmc_crypto_config->mtls_client_cert_path); + free(cryptography_kmc_crypto_config->mtls_client_cert_type); + free(cryptography_kmc_crypto_config->mtls_client_key_path); + free(cryptography_kmc_crypto_config->mtls_client_key_pass); + free(cryptography_kmc_crypto_config->mtls_ca_bundle); + free(cryptography_kmc_crypto_config->mtls_ca_path); + free(cryptography_kmc_crypto_config->mtls_issuer_cert); + free(cryptography_kmc_crypto_config); + cryptography_kmc_crypto_config = NULL; + } + if (cam_config != NULL) + { + free(cam_config->cookie_file_path); + free(cam_config->keytab_file_path); + free(cam_config->access_manager_uri); + free(cam_config->username); + free(cam_config->cam_home); + free(cam_config); + cam_config = NULL; + } } return status; } From a2a1661aebcc494498b4ba9406cb5067f74c4831 Mon Sep 17 00:00:00 2001 
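Review bot: The frees of `mysql_password`, `mysql_mtls_client_key_password` and `mtls_client_key_pass` release the secrets without clearing them, so the credential bytes stay in freed heap memory. These three should be wiped with a call the compiler cannot elide before `free`, as in the helper below, which assumes the strings are NUL-terminated and that `explicit_bzero` or an equivalent is available on the supported platforms. The new early exit also skips all cleanup while `init_status` is UNITIALIZED; if the configuration setters can allocate these structs before that flag is set, the secrets would never be released, which is worth confirming. The function's signature line is outside the hunk.

```c
/* Clear a heap-allocated secret string, then release it. */
static void crypto_free_secret(char *secret)
{
    if (secret != NULL)
    {
        explicit_bzero(secret, strlen(secret));
        free(secret);
    }
}

// … unchanged: init_status check, other sa_mariadb_config frees …
        crypto_free_secret(sa_mariadb_config->mysql_password);
        crypto_free_secret(sa_mariadb_config->mysql_mtls_client_key_password);
// … unchanged: remaining sa_mariadb_config and kmc frees …
        crypto_free_secret(cryptography_kmc_crypto_config->mtls_client_key_pass);
// … unchanged: cam_config frees, return status …
```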
From: Donnie-Ice Date: Mon, 11 Nov 2024 16:30:25 +0000 Subject: [PATCH 159/241] [nasa/cryptolib#349] Added Issue/PR templates --- .../workflows/ISSUE_TEMPLATE/1-BUG_REPORT.yml | 66 +++++++++++++++++++ .../ISSUE_TEMPLATE/2-FEATURE_REQUEST.yml | 23 +++++++ .github/workflows/ISSUE_TEMPLATE/config.yml | 1 + .../pull_request_template.md | 16 +++++ 4 files changed, 106 insertions(+) create mode 100644 .github/workflows/ISSUE_TEMPLATE/1-BUG_REPORT.yml create mode 100644 .github/workflows/ISSUE_TEMPLATE/2-FEATURE_REQUEST.yml create mode 100644 .github/workflows/ISSUE_TEMPLATE/config.yml create mode 100644 .github/workflows/PULL_REQUEST_TEMPLATE/pull_request_template.md diff --git a/.github/workflows/ISSUE_TEMPLATE/1-BUG_REPORT.yml b/.github/workflows/ISSUE_TEMPLATE/1-BUG_REPORT.yml new file mode 100644 index 00000000..e17c0b1e --- /dev/null +++ b/.github/workflows/ISSUE_TEMPLATE/1-BUG_REPORT.yml 
@@ -0,0 +1,66 @@ +name: "🐛 Bug Report" +description: Create a new ticket for a bug. +title: "🐛 [BUG] - " +labels: [ + "bug" +] +body: + - type: textarea + id: description + attributes: + label: "Description" + description: Please enter an explicit description of your issue + placeholder: Short and explicit description of your incident... + validations: + required: true + - type: input + id: reprod-url + attributes: + label: "Branch Name" + description: Please enter the branch / link to fork + placeholder: ex. 'dev' or https://github.com/USERNAME/REPO-NAME + validations: + required: false + - type: textarea + id: reprod + attributes: + label: "Reproduction steps" + description: Please enter an explicit description of your issue + value: | + 1. Go to '...' + 2. Click on '....' + 3. Scroll down to '....' + 4. See error + render: bash + validations: + required: true + - type: textarea + id: screenshot + attributes: + label: "Screenshots" + description: If applicable, add screenshots to help explain your problem. + value: | + ![DESCRIPTION](LINK.png) + render: bash + validations: + required: false + - type: textarea + id: logs + attributes: + label: "Logs" + description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. + render: bash + validations: + required: false + - type: dropdown + id: os + attributes: + label: "OS" + description: What is the impacted environment ? + multiple: true + options: + - Windows + - Linux + - Mac + validations: + required: true \ No newline at end of file diff --git a/.github/workflows/ISSUE_TEMPLATE/2-FEATURE_REQUEST.yml b/.github/workflows/ISSUE_TEMPLATE/2-FEATURE_REQUEST.yml new file mode 100644 index 00000000..e7b58a90 --- /dev/null +++ b/.github/workflows/ISSUE_TEMPLATE/2-FEATURE_REQUEST.yml 
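Review bot: The new files are created under `.github/workflows/ISSUE_TEMPLATE/` and `.github/workflows/PULL_REQUEST_TEMPLATE/`, but GitHub looks for issue forms in `.github/ISSUE_TEMPLATE/` and for pull-request templates in `.github/PULL_REQUEST_TEMPLATE/` (or the repository root or `docs/`), so none of these templates would be offered to contributors. Moving the two directories up one level, out of `workflows/`, fixes this for all four files in the patch. Separately, `render: bash` on the "Reproduction steps" and "Screenshots" fields turns the input into a code block, so the suggested Markdown image link would not render.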
@@ -0,0 +1,23 @@ +name: "💡 Feature Request" +description: Create a new ticket for a new feature request +title: "💡 [REQUEST] - <title>" +labels: [ + "question" +] +body: + - type: textarea + id: summary + attributes: + label: "Summary" + description: Provide a brief explanation of the feature + placeholder: Describe in a few lines your feature request + validations: + required: true + - type: textarea + id: basic_example + attributes: + label: "Use Case" + description: Indicate here some basic examples of your feature. + placeholder: A few specific words about your feature request. + validations: + required: true \ No newline at end of file diff --git a/.github/workflows/ISSUE_TEMPLATE/config.yml b/.github/workflows/ISSUE_TEMPLATE/config.yml new file mode 100644 index 00000000..ec4bb386 --- /dev/null +++ b/.github/workflows/ISSUE_TEMPLATE/config.yml @@ -0,0 +1 @@ +blank_issues_enabled: false \ No newline at end of file diff --git a/.github/workflows/PULL_REQUEST_TEMPLATE/pull_request_template.md b/.github/workflows/PULL_REQUEST_TEMPLATE/pull_request_template.md new file mode 100644 index 00000000..231381cb --- /dev/null +++ b/.github/workflows/PULL_REQUEST_TEMPLATE/pull_request_template.md @@ -0,0 +1,16 @@ +### All Submissions: + +* [ ] Have you followed the guidelines in our [Contributing](https://github.com/nasa/CryptoLib/blob/main/doc/CryptoLib_Indv_CLA.pdf) document? +* [ ] Have you checked to ensure there aren't other open [Pull Requests](https://github.com/nasa/cryptolib/pulls) for the same update/change? + +### New Feature Submissions: + +* [ ] Does your submission pass tests? + +### Changes to Core Features: + +* [ ] Have you added an explanation of what your changes do and why you'd like us to include them? + +### How do you test these changes? + +<input type="text" id="explain" name="explain"/> \ No newline at end of file From ab0e8c1324cbaafbe486e8355442b54e3d3cd9c4 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 15 Nov 2024 16:23:04 +0000 Subject: [PATCH 160/241] [nasa/cryptolib#336] Replace key_mgmt magic numbers with defines --- include/crypto_config.h | 3 +++ src/core/crypto_key_mgmt.c | 46 +++++++++++++++++++------------------- 2 files changed, 26 insertions(+), 23 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 7dc1d139..e2d6e6de 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -112,6 +112,7 @@ #define SPI_LEN 2 /* bytes */ #define KEY_SIZE 512 /* bytes */ #define KEY_ID_SIZE 8 +#define MKID_MAX 128 #define NUM_KEYS 256 #define DISABLED 0 #define ENABLED 1 @@ -131,6 +132,7 @@ #define CHALLENGE_SIZE 16 /* bytes */ #define CHALLENGE_MAC_SIZE 16 /* bytes */ #define BYTE_LEN 8 /* bits */ +#define CRYPTOLIB_APPID 128 // Monitoring and Control Defines #define EMV_SIZE 4 /* bytes */ @@ -206,6 +208,7 @@ #define AOS_FILL_SIZE 1145 /* bytes */ // SDLS Behavior Defines +#define SDLS_OTAR_IV_OFFSET 2 #define SDLS_KEYV_MAX_KEYS 21 /* keys */ #define SDLS_IV_LEN 12 /* bytes */ #define SDLS_KEYV_KEY_ID_LEN 2 /* bytes */ diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 28b55829..b3a99e11 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -50,12 +50,12 @@ int32_t Crypto_Key_OTAR(void) crypto_key_t *ekp = NULL; // Master Key ID - packet.mkid = (sdls_frame.pdu.data[0] << 8) | (sdls_frame.pdu.data[1]); + packet.mkid = (sdls_frame.pdu.data[0] << BYTE_LEN) | (sdls_frame.pdu.data[1]); #ifdef DEBUG printf("# PDU Keys: %d\n", pdu_keys); printf("MKID: %d\n", packet.mkid); #endif - if (packet.mkid >= 128) + if (packet.mkid >= MKID_MAX) { report.af = 1; if (log_summary.rs > 0) 
@@ -76,11 +76,11 @@ int32_t Crypto_Key_OTAR(void) return status; } - for (count = 2; count < (2 + SDLS_IV_LEN); count++) + for (count = SDLS_OTAR_IV_OFFSET; count < (SDLS_OTAR_IV_OFFSET + SDLS_IV_LEN); count++) { // Initialization Vector - packet.iv[count - 2] = sdls_frame.pdu.data[count]; + packet.iv[count - SDLS_OTAR_IV_OFFSET] = sdls_frame.pdu.data[count]; #ifdef DEBUG - printf("packet.iv[%d] = 0x%02x\n", count - 2, packet.iv[count - 2]); + printf("packet.iv[%d] = 0x%02x\n", count - SDLS_OTAR_IV_OFFSET, packet.iv[count - SDLS_OTAR_IV_OFFSET]); #endif } @@ -124,8 +124,8 @@ int32_t Crypto_Key_OTAR(void) // Read in Decrypted Data for (count = 14; x < pdu_keys; x++) { // Encrypted Key Blocks - packet.EKB[x].ekid = (sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1]); - if (packet.EKB[x].ekid < 128) + packet.EKB[x].ekid = (sdls_frame.pdu.data[count] << BYTE_LEN) | (sdls_frame.pdu.data[count + 1]); + if (packet.EKB[x].ekid < CRYPTOLIB_APPID) { report.af = 1; if (log_summary.rs > 0) @@ -213,7 +213,7 @@ int32_t Crypto_Key_update(uint8_t state) // Read in PDU for (x = 0; x < pdu_keys; x++) { - packet.kblk[x].kid = (sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1]); + packet.kblk[x].kid = (sdls_frame.pdu.data[count] << BYTE_LEN) | (sdls_frame.pdu.data[count + 1]); count = count + 2; #ifdef PDU_DEBUG if (x != (pdu_keys - 1)) @@ -253,7 +253,7 @@ int32_t Crypto_Key_update(uint8_t state) // Update Key State for (x = 0; x < pdu_keys; x++) { - if (packet.kblk[x].kid < 128) + if (packet.kblk[x].kid < MKID_MAX) { report.af = 1; if (log_summary.rs > 0) 
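Review bot: The encrypted-key-block check in Crypto_Key_OTAR now reads `packet.EKB[x].ekid < CRYPTOLIB_APPID`, which bounds a key ID with the application-ID constant; it only works because both defines are 128. The equivalent check in Crypto_Key_update uses `MKID_MAX`, and the OTAR line should match: `if (packet.EKB[x].ekid < MKID_MAX)`. Otherwise a later change to the application ID would silently move the key-ID boundary this check enforces. The loop in the same hunk still starts at the literal `count = 14`, which looks like `SDLS_OTAR_IV_OFFSET + SDLS_IV_LEN` and could be written that way. Both functions continue outside the hunks.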
@@ -327,24 +327,24 @@ int32_t Crypto_Key_inventory(uint8_t *ingest) } // Read in PDU - packet.kid_first = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); + packet.kid_first = ((uint8_t)sdls_frame.pdu.data[count] << BYTE_LEN) | ((uint8_t)sdls_frame.pdu.data[count + 1]); count = count + 2; - packet.kid_last = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); + packet.kid_last = ((uint8_t)sdls_frame.pdu.data[count] << BYTE_LEN) | ((uint8_t)sdls_frame.pdu.data[count + 1]); count = count + 2; // Prepare for Reply range = packet.kid_last - packet.kid_first + 1; - sdls_frame.pdu.hdr.pdu_len = (SDLS_KEY_INVENTORY_RPLY_SIZE * (range)) * 8; + sdls_frame.pdu.hdr.pdu_len = (SDLS_KEY_INVENTORY_RPLY_SIZE * (range)) * BYTE_LEN; sdls_frame.hdr.pkt_length = - (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 2 + 9; // 2 = Num Keys Returned Field (2 Bytes) - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1 + 2; // 2 = Num Keys Returned Field (2 Bytes) + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); - sdls_ep_reply[count++] = ((range & 0xFF00) >> 8); + sdls_ep_reply[count++] = ((range & 0xFF00) >> BYTE_LEN); sdls_ep_reply[count++] = (range & 0x00FF); for (x = packet.kid_first; x <= packet.kid_last; x++) { // Key ID - sdls_ep_reply[count++] = ((x & 0xFF00) >> 8); + sdls_ep_reply[count++] = ((x & 0xFF00) >> BYTE_LEN); sdls_ep_reply[count++] = (x & 0x00FF); // Get Key ekp = key_if->get_key(x); 
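Review bot: `packet.kid_first` and `packet.kid_last` are read from the PDU and used directly: `range = packet.kid_last - packet.kid_first + 1` feeds `pdu_len`, and the loop writes one entry per key into `sdls_ep_reply`, with no visible check that the last ID is not below the first or that the range fits the reply buffer. A guard before "Prepare for Reply", for example `if (packet.kid_last < packet.kid_first || packet.kid_last >= NUM_KEYS)` followed by the function's existing error return, would bound both; NUM_KEYS is assumed here to be the key-table size. The function starts and ends outside the hunk, so an earlier validation may exist and should be confirmed.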
@@ -397,7 +397,7 @@ int32_t Crypto_Key_verify(TC_t *tc_frame) for (x = 0; x < pdu_keys; x++) { // Key ID - packet.blk[x].kid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | ((uint8_t)sdls_frame.pdu.data[count + 1]); + packet.blk[x].kid = ((uint8_t)sdls_frame.pdu.data[count] << BYTE_LEN) | ((uint8_t)sdls_frame.pdu.data[count + 1]); count += 2; #ifdef PDU_DEBUG printf("\tCrypto_Key_verify: Block %d Key ID is %d ", x, packet.blk[x].kid); @@ -415,20 +415,20 @@ int32_t Crypto_Key_verify(TC_t *tc_frame) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = - pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE) * 8; + pdu_keys * (SDLS_KEYV_KEY_ID_LEN + SDLS_IV_LEN + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE) * BYTE_LEN; // length = pdu_len + HDR + PUS - 1 (per CCSDS Convention) if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { sdls_frame.hdr.pkt_length = - CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / 8) - 1; + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; } else { - sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / 8) - 1; + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; } - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); uint16_t pdu_data_idx = count; for (x = 0; x < pdu_keys; x++) @@ -436,8 +436,8 @@ int32_t Crypto_Key_verify(TC_t *tc_frame) // Key ID sdls_ep_keyv_reply.blk[x].kid = packet.blk[x].kid; - sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; - sdls_ep_reply[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> 8; + sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> BYTE_LEN; + sdls_ep_reply[pdu_data_idx] = (packet.blk[x].kid & 0xFF00) >> BYTE_LEN; pdu_data_idx += 1; sdls_frame.pdu.data[pdu_data_idx] = (packet.blk[x].kid & 0x00FF); 
From 1124a65df5118a1f551725b8a53a881f629c7bfd Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 15 Nov 2024 16:28:33 +0000 Subject: [PATCH 161/241] [nasa/cryptolib#336] Replace MC magic numbers with defines --- src/core/crypto_mc.c | 48 ++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 4f90bfcd..997bc7c0 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -37,8 +37,8 @@ int32_t Crypto_MC_ping(uint8_t *ingest) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = 0; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); #ifdef PDU_DEBUG printf("MC Ping Reply: \t 0x"); @@ -64,15 +64,15 @@ int32_t Crypto_MC_status(uint8_t *ingest) uint8_t count = 0; // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * BYTE_LEN; + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); // PDU - sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> 8; + sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> BYTE_LEN; count++; sdls_ep_reply[count] = (log_summary.num_se & 0x00FF); count++; - sdls_ep_reply[count] = (log_summary.rs & 0xFF00) >> 8; + sdls_ep_reply[count] = (log_summary.rs & 0xFF00) >> BYTE_LEN; count++; sdls_ep_reply[count] = (log_summary.rs & 0x00FF); count++; 
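Review bot: The rewritten `pkt_length` in Crypto_MC_ping always adds `CCSDS_PUS_SIZE`, whereas Crypto_Key_verify in crypto_key_mgmt.c adds it only when `crypto_config.has_pus_hdr == TC_HAS_PUS_HDR`. The old expression used a literal `+ 9`, so the new one preserves behaviour only if `CCSDS_HDR_SIZE + CCSDS_PUS_SIZE - 1` equals 9, which this page does not show. It also describes a PUS header that may not be present in the reply. The same unconditional form is used in Crypto_MC_status, Crypto_MC_dump, Crypto_MC_erase, Crypto_MC_selftest, Crypto_SA_readARSN, Crypto_Key_inventory and sa_status. I would either branch on `has_pus_hdr` as Crypto_Key_verify does or move the computation into one shared helper, with the comment `// length = pdu bytes + HDR (+ PUS) + TLV - 1 (per CCSDS convention)` above it.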
@@ -105,15 +105,15 @@ int32_t Crypto_MC_dump(uint8_t *ingest) int y; // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = (SDLS_MC_DUMP_RPLY_SIZE * log_count) * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.pdu.hdr.pdu_len = (SDLS_MC_DUMP_RPLY_SIZE * log_count) * BYTE_LEN; + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); // PDU for (x = 0; x < log_count; x++) { sdls_ep_reply[count] = mc_log.blk[x].emt; count++; - sdls_ep_reply[count] = (mc_log.blk[x].em_len & 0xFF00) >> 8; + sdls_ep_reply[count] = (mc_log.blk[x].em_len & 0xFF00) >> BYTE_LEN; count++; sdls_ep_reply[count] = (mc_log.blk[x].em_len & 0x00FF); count++; @@ -179,15 +179,15 @@ int32_t Crypto_MC_erase(uint8_t *ingest) log_summary.rs = LOG_SIZE; // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * 8; // 4 - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * BYTE_LEN; // 4 + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); // PDU - sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> 8; + sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> BYTE_LEN; count++; sdls_ep_reply[count] = (log_summary.num_se & 0x00FF); count++; - sdls_ep_reply[count] = (log_summary.rs & 0xFF00) >> 8; + sdls_ep_reply[count] = (log_summary.rs & 0xFF00) >> BYTE_LEN; count++; sdls_ep_reply[count] = (log_summary.rs & 0x00FF); count++; 
@@ -222,10 +222,10 @@ int32_t Crypto_MC_selftest(uint8_t *ingest) // TODO: Perform test // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = (SDLS_MC_ST_RPLY_SIZE)*8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + (SDLS_TLV_HDR_SIZE) + 9; + sdls_frame.pdu.hdr.pdu_len = SDLS_MC_ST_RPLY_SIZE * BYTE_LEN; + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; sdls_frame.pdu.data[0] = result; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); sdls_ep_reply[count] = result; count++; @@ -264,7 +264,7 @@ int32_t Crypto_SA_readARSN(uint8_t *ingest) int x; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; if (sa_if->sa_get_from_spi(spi, &sa_ptr) != CRYPTO_LIB_SUCCESS) { @@ -275,12 +275,12 @@ int32_t Crypto_SA_readARSN(uint8_t *ingest) if (status == CRYPTO_LIB_SUCCESS) { // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = (SPI_LEN + sa_ptr->arsn_len) * 8; // bits - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - uint8_t count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.pdu.hdr.pdu_len = (SPI_LEN + sa_ptr->arsn_len) * BYTE_LEN; // bits + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + uint8_t count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); // Write SPI to reply - sdls_ep_reply[count] = (spi & 0xFF00) >> 8; + sdls_ep_reply[count] = (spi & 0xFF00) >> BYTE_LEN; count++; sdls_ep_reply[count] = (spi & 0x00FF); count++; From 234d64f155d6be155f3fff97d76c5d4d66beb3fd Mon Sep 17 00:00:00 2001 
From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 15 Nov 2024 16:33:16 +0000 Subject: [PATCH 162/241] [nasa/cryptolib#336] Replace sa_mgmt magic numbers with defines --- .../internal/sa_interface_inmemory.template.c | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index d981b0c2..60fdf9af 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1112,7 +1112,7 @@ static int32_t sa_stop(void) int x; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); // Check SPI exists and in 'Active' state @@ -1178,7 +1178,7 @@ static int32_t sa_rekey(void) int x = 0; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; + spi = ((uint8_t)sdls_frame.pdu.data[count] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[count + 1]; count = count + 2; // Check SPI exists and in 'Unkeyed' state @@ -1195,7 +1195,7 @@ static int32_t sa_rekey(void) if (sa[spi].sa_state == SA_UNKEYED) { // Encryption Key - sa[spi].ekid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1]; + sa[spi].ekid = ((uint8_t)sdls_frame.pdu.data[count] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[count + 1]; count = count + 2; // Authentication Key @@ -1265,7 +1265,7 @@ static int32_t sa_expire(void) uint16_t spi = 0x0000; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); // Check SPI exists and in 'Keyed' state 
@@ -1312,7 +1312,7 @@ static int32_t sa_create(void) int x; // Read sdls_frame.pdu.data - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; #ifdef DEBUG printf("spi = %d \n", spi); #endif @@ -1351,7 +1351,7 @@ static int32_t sa_create(void) { sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1])); + sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << BYTE_LEN) | (sdls_frame.pdu.data[count + 1])); count = count + 2; for (x = 0; x < sa[spi].abm_len; x++) { @@ -1397,7 +1397,7 @@ static int32_t sa_delete(void) uint16_t spi = 0x0000; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; #ifdef DEBUG printf("spi = %d \n", spi); #endif @@ -1447,7 +1447,7 @@ static int32_t sa_setARSN(void) int x; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); // TODO: Check SA type (authenticated, encrypted, both) and set appropriately @@ -1505,7 +1505,7 @@ static int32_t sa_setARSNW(void) uint16_t spi = 0x0000; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; #ifdef PDU_DEBUG printf("spi = %d \n", spi); #endif @@ -1555,7 +1555,7 @@ static int32_t sa_status(uint8_t *ingest) uint16_t spi = 0x0000; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; printf("spi = %d \n", spi); // Check SPI exists 
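Review bot: In the sa_create hunk (`@@ -1351,7`), the two-byte read for `abm_len` is wrapped in a `(uint8_t)` cast, so the shifted high byte is discarded and any length above 255 is silently reduced to its low byte before the following loop uses it as a copy count. The parser still advances `count` by 2, so the field is treated as two bytes on the wire but one byte in the SA. I would drop the cast, keep the full 16-bit value in a local, and reject the PDU when that value exceeds the capacity of `sa[spi].abm` (the constant is not shown on this page) before the loop runs. The loop body and the rest of sa_create are outside the hunk.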
@@ -1563,11 +1563,11 @@ static int32_t sa_status(uint8_t *ingest) { printf("SIZE: %ld\n", SDLS_SA_STATUS_RPLY_SIZE); // Prepare for Reply - sdls_frame.pdu.hdr.pdu_len = SDLS_SA_STATUS_RPLY_SIZE * 8; - sdls_frame.hdr.pkt_length = (sdls_frame.pdu.hdr.pdu_len / 8) + SDLS_TLV_HDR_SIZE + 9; - count = Crypto_Prep_Reply(sdls_ep_reply, 128); + sdls_frame.pdu.hdr.pdu_len = SDLS_SA_STATUS_RPLY_SIZE * BYTE_LEN; + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); // PDU - sdls_ep_reply[count++] = (spi & 0xFF00) >> 8; + sdls_ep_reply[count++] = (spi & 0xFF00) >> BYTE_LEN; sdls_ep_reply[count++] = (spi & 0x00FF); sdls_ep_reply[count++] = sa[spi].lpid; } From e515db74fff814dd184f9e945ded628a73314363 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Tue, 3 Dec 2024 17:04:20 -0500 Subject: [PATCH 163/241] [nasa/cryptolib#355] Add checks for OTAR decryption and Key verification encryption. Need to add UTs --- src/core/crypto_key_mgmt.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index b3a99e11..96b41d4a 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -121,6 +121,15 @@ int32_t Crypto_Key_OTAR(void) NULL // cam_cookies ); + // If decryption errors, return + if (status != CRYPTO_LIB_SUCCESS) + { +#ifdef DEBUG + printf(KRED "Error: OTAR AEAD Decryption failed with error %d \n" RESET, status); +#endif + return status; + } + // Read in Decrypted Data for (count = 14; x < pdu_keys; x++) { // Encrypted Key Blocks 
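Review bot: The new early return in Crypto_Key_OTAR (`@@ -121,6`) reports a failed AEAD decryption only through a `#ifdef DEBUG` printf, so in a release build a rejected key upload leaves no trace beyond the return code. Elsewhere in this function a bad key ID raises `report.af` and touches `log_summary`, and the frame-processing code calls `mc_if->mc_log(status)` on its error paths. I would record this failure the same way before returning, for example `mc_if->mc_log(status);` if that interface is reachable from this file, because a failed authentication of an OTAR PDU is an event operators will want in the log. Whatever the function sets up before the decrypt call is outside the hunk, so it is worth confirming that the new return does not skip any cleanup.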
@@ -468,7 +477,7 @@ int32_t Crypto_Key_verify(TC_t *tc_frame) // Encrypt challenge uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; - cryptography_if->cryptography_aead_encrypt(&(sdls_ep_keyv_reply.blk[x].challenged[0]), // ciphertext output + status = cryptography_if->cryptography_aead_encrypt(&(sdls_ep_keyv_reply.blk[x].challenged[0]), // ciphertext output (size_t)CHALLENGE_SIZE, // length of data &(packet.blk[x].challenge[0]), // plaintext input (size_t)CHALLENGE_SIZE, // in data length @@ -488,6 +497,15 @@ int32_t Crypto_Key_verify(TC_t *tc_frame) NULL // cam_cookies ); + // If encryption errors, return + if (status != CRYPTO_LIB_SUCCESS) + { +#ifdef DEBUG + printf(KRED "Error: OTAR Key Verification encryption failed for new key index %d with error %d \n" RESET, x, status); +#endif + return status; + } + // Copy from the KEYV Blocks into the output PDU memcpy(&sdls_frame.pdu.data[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].challenged[0]), CHALLENGE_SIZE); memcpy(&sdls_ep_reply[pdu_data_idx], &(sdls_ep_keyv_reply.blk[x].challenged[0]), CHALLENGE_SIZE); From f964036f1382d04ded35b4628e8b007d56d60ec3 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Tue, 3 Dec 2024 17:07:03 -0500 Subject: [PATCH 164/241] [nasa/cryptolib#355] Have key verification continue if a single key encryption fails for some reason, don't want the other to not be verified --- src/core/crypto_key_mgmt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 96b41d4a..3d0a3de4 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c 
@@ -497,13 +497,13 @@ int32_t Crypto_Key_verify(TC_t *tc_frame) NULL // cam_cookies ); - // If encryption errors, return + // If encryption errors, capture something about it for testing + // We need to continue on, other keys could be successful if (status != CRYPTO_LIB_SUCCESS) { #ifdef DEBUG printf(KRED "Error: OTAR Key Verification encryption failed for new key index %d with error %d \n" RESET, x, status); #endif - return status; } // Copy from the KEYV Blocks into the output PDU From 583134bbfbd01c32cf12a10cab8fcb63b7862cba Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 4 Dec 2024 02:20:02 +0000 Subject: [PATCH 165/241] [nasa/cryptolib#353] Added checks/error for key state --- include/crypto_error.h | 3 ++- src/core/crypto_aos.c | 56 ++++++++++++++++++++++++++++------------- src/core/crypto_error.c | 3 ++- src/core/crypto_tc.c | 33 +++++++++++++++++++----- src/core/crypto_tm.c | 25 ++++++++++++------ 5 files changed, 87 insertions(+), 33 deletions(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index 08f3aac0..0c410272 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -130,6 +130,7 @@ #define CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL (-57) #define CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH (-58) #define CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR (-59) +#define CRYPTO_LIB_ERR_KEY_STATE_INVALID (-60) // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 @@ -150,7 +151,7 @@ #define CONFIGURATION_ERROR_CODES 100 #define CONFIGURATION_ERROR_CODES_MAX 103 -#define CRYPTO_CORE_ERROR_CODES_MAX -59 +#define CRYPTO_CORE_ERROR_CODES_MAX -60 extern char *crypto_enum_errlist_core[]; extern char *crypto_enum_errlist_config[]; diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index d5bf0485..f45e50f9 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c 
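Review bot: After this change a failed `cryptography_aead_encrypt` in Crypto_Key_verify is only printed under DEBUG, and the two `memcpy` calls that follow still copy `sdls_ep_keyv_reply.blk[x].challenged` into the reply, so the response for that key carries whatever the buffer held after the failed call. `status` is then overwritten by the next iteration, so a failure on an earlier key is presumably lost by the time the function returns. I would keep a separate sticky result, e.g. `if (status != CRYPTO_LIB_SUCCESS) { verify_status = status; }` with `verify_status` a new local, and clear the block with `memset(sdls_ep_keyv_reply.blk[x].challenged, 0, CHALLENGE_SIZE);` before the copy. The loop header and the function's return are outside the hunk.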
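Review bot: In crypto_error.h, `CRYPTO_CORE_ERROR_CODES_MAX` is defined as a bare `-60` while the error codes above it are parenthesised, as in `(-60)`. Writing `#define CRYPTO_CORE_ERROR_CODES_MAX (-60)` matches the surrounding defines and keeps the macro safe when it is used inside a larger expression.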
@@ -359,21 +359,31 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer) // Get Key crypto_key_t *ekp = NULL; + crypto_key_t *akp = NULL; ekp = key_if->get_key(sa_ptr->ekid); - if (ekp == NULL) + akp = key_if->get_key(sa_ptr->akid); + + if (ekp->key_state != KEY_ACTIVE || akp->key_state != KEY_ACTIVE) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); return status; } - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - if (akp == NULL) + if (status == CRYPTO_LIB_SUCCESS) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; - mc_if->mc_log(status); - return status; + if (ekp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } + + if (akp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } } /** @@ -1200,21 +1210,31 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 // Get Key crypto_key_t *ekp = NULL; + crypto_key_t *akp = NULL; ekp = key_if->get_key(sa_ptr->ekid); - if (ekp == NULL) + akp = key_if->get_key(sa_ptr->akid); + + if (ekp->key_state != KEY_ACTIVE || akp->key_state != KEY_ACTIVE) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); return status; } - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - if (akp == NULL) + if (status == CRYPTO_LIB_SUCCESS) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; - mc_if->mc_log(status); - return status; + if (ekp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } + + if (akp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } } /** diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index c5dff512..c817d306 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c 
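Review bot: In Crypto_AOS_ApplySecurity the new state check reads `ekp->key_state` and `akp->key_state` before the NULL checks that now sit below it, so a key ID that `get_key` cannot resolve is dereferenced instead of producing `CRYPTO_LIB_ERR_KEY_ID_ERROR`. The `if (status == CRYPTO_LIB_SUCCESS)` wrapper around the NULL checks adds nothing, because the state branch already returns. The fix is to test for NULL first and only then look at the state, as sketched below. The Crypto_AOS_ProcessSecurity hunk (`@@ -1200,21`) has the same ordering, as do Crypto_TC_Get_Keys and Crypto_TM_Get_Keys later in this commit. Both function bodies extend outside their hunks.

```c
    ekp = key_if->get_key(sa_ptr->ekid);
    akp = key_if->get_key(sa_ptr->akid);

    // A key that cannot be looked up is an ID error; test this before reading key_state
    if (ekp == NULL || akp == NULL)
    {
        status = CRYPTO_LIB_ERR_KEY_ID_ERROR;
        mc_if->mc_log(status);
        return status;
    }
    if (ekp->key_state != KEY_ACTIVE || akp->key_state != KEY_ACTIVE)
    {
        status = CRYPTO_LIB_ERR_KEY_STATE_INVALID;
        mc_if->mc_log(status);
        return status;
    }
```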
@@ -80,7 +80,8 @@ char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS", (char *)"CRYPTO_LIB_ERR_SPI_INDEX_OOB", (char *)"CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL", (char *)"CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH", - (char *)"CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR"}; + (char *)"CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR", + (char *)"CRYPTO_LIB_ERR_KEY_STATE_INVALID"}; char *crypto_enum_errlist_config[] = { (char *)"CRYPTO_CONFIGURATION_NOT_COMPLETE", diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index fae2bb0f..49fd1778 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -396,6 +396,12 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat mc_if->mc_log(status); return status; } + if (ekp->key_state != KEY_ACTIVE) + { + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; + mc_if->mc_log(status); + return status; + } if (ecs_is_aead_algorithm == CRYPTO_TRUE) { // Check that key length to be used ets the algorithm requirement @@ -463,6 +469,12 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat { return CRYPTO_LIB_ERR_KEY_ID_ERROR; } + if (ekp->key_state != KEY_ACTIVE) + { + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; + mc_if->mc_log(status); + return status; + } // Check that key length to be used ets the algorithm requirement if ((int32_t)akp->key_len != Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs)) 
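Review bot: The state check added in the second Crypto_TC_Do_Encrypt_PLAINTEXT hunk (`@@ -463,6`) tests `ekp->key_state`, but it sits between a key-ID error return and the `akp->key_len` comparison, which suggests this is the authentication-key path. If so, the authentication key's state is never checked here, and `ekp` may be NULL or unrelated for an authentication-only SA. I would expect `if (akp->key_state != KEY_ACTIVE)` on that line. The branch begins outside the hunk, so please confirm which key is in scope there.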
@@ -1559,17 +1571,26 @@ int32_t Crypto_TC_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssoc *ekp = key_if->get_key(sa_ptr->ekid); *akp = key_if->get_key(sa_ptr->akid); - if (ekp == NULL) + if ((*ekp)->key_state != KEY_ACTIVE || (*akp)->key_state != KEY_ACTIVE) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); } - - if ((akp == NULL) && (status == CRYPTO_LIB_SUCCESS)) + if (status == CRYPTO_LIB_SUCCESS) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; - mc_if->mc_log(status); + if (ekp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + } + + if ((akp == NULL) && (status == CRYPTO_LIB_SUCCESS)) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + } } + return status; } diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 3547cf6c..378cf2a3 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -237,18 +237,29 @@ void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t *pdu_len) int32_t Crypto_TM_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; + *ekp = key_if->get_key(sa_ptr->ekid); - if (ekp == NULL) + *akp = key_if->get_key(sa_ptr->akid); + + if ((*ekp)->key_state != KEY_ACTIVE || (*akp)->key_state != KEY_ACTIVE) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); } - - *akp = key_if->get_key(sa_ptr->akid); - if (akp == NULL && status == CRYPTO_LIB_SUCCESS) + + if (status == CRYPTO_LIB_SUCCESS) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; - mc_if->mc_log(status); + if (ekp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + } + + if (akp == NULL && status == CRYPTO_LIB_SUCCESS) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + } } return status; } From e1968b7f4aeff4f7a6deaa0ba9982e2e9d4bc31e Mon Sep 17 00:00:00 2001 
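Review bot: In Crypto_TC_Get_Keys the NULL tests compare `ekp` and `akp`, which are the caller's `crypto_key_t **` out-parameters rather than the keys returned by `get_key`, so they cannot detect a missing key wherever they are placed. Combined with the new `(*ekp)->key_state` read above them, an unresolved key ID is dereferenced rather than reported. I would test the pointees first, `if (*ekp == NULL || *akp == NULL)`, set `CRYPTO_LIB_ERR_KEY_ID_ERROR` there, and evaluate `key_state` only when that test passes. Crypto_TM_Get_Keys in the next hunk has the same two problems.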
From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 4 Dec 2024 02:22:45 +0000 Subject: [PATCH 166/241] [nasa/cryptolib#353] Modified unit tests to use active keys --- test/unit/ut_aos_apply.c | 80 +++++++++++++++++++++++++++----- test/unit/ut_aos_process.c | 16 +++++++ test/unit/ut_tc_process.c | 28 ++++++++++++ test/unit/ut_tm_apply.c | 83 +++++++++++++++++++++++++++++++++ test/unit/ut_tm_process.c | 94 ++++++++++++++++++++++++++++++++++++++ 5 files changed, 290 insertions(+), 11 deletions(-) diff --git a/test/unit/ut_aos_apply.c b/test/unit/ut_aos_apply.c index 5e24af1e..9a85a1b6 100644 --- a/test/unit/ut_aos_apply.c +++ b/test/unit/ut_aos_apply.c @@ -252,6 +252,17 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FECF) aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); + SecurityAssociation_t *test_association; + sa_if->sa_get_from_spi(10, &test_association); + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); char *error_enum = Crypto_Get_Error_Code_Enum_String(status); 
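Review bot: The test hunks in this commit only force `key_state = KEY_ACTIVE` so that existing cases keep passing; none of the hunks on this page leaves a key in another state and asserts `CRYPTO_LIB_ERR_KEY_STATE_INVALID`, so the new check itself is untested. The added lines also dereference the results of `sa_get_from_spi` and `key_if->get_key` unchecked, so a bad SPI or key ID crashes the test runner instead of failing the case; an `ASSERT_TRUE(ekp != NULL);` before the assignment would turn that into a normal failure. The same eight-line block is repeated in every hunk of ut_aos_apply.c, ut_aos_process.c, ut_tc_process.c, ut_tm_apply.c and ut_tm_process.c, and a small helper taking the `SecurityAssociation_t *` would remove the repetition.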
@@ -376,6 +387,17 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); + SecurityAssociation_t *test_association; + sa_if->sa_get_from_spi(10, &test_association); + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -501,6 +523,17 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_FECF) aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); + SecurityAssociation_t *test_association; + sa_if->sa_get_from_spi(10, &test_association); + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -627,6 +660,17 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_OID_FECF) aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); + SecurityAssociation_t *test_association; + sa_if->sa_get_from_spi(10, &test_association); + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
@@ -761,9 +805,17 @@ UTEST(AOS_APPLY, AES_CMAC_256_TEST_BITMASK_1) sa_ptr->sa_state = SA_KEYED; // Configure SA 15 on - sa_if->sa_get_from_spi(15, &sa_ptr); + sa_if->sa_get_from_spi(10, &sa_ptr); sa_ptr->sa_state = SA_OPERATIONAL; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -1058,16 +1110,14 @@ UTEST(AOS_APPLY, AES_GCM) aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); - // Expose/setup SA for testing - // Configure SA 14 off - sa_if->sa_get_from_spi(14, &sa_ptr); - sa_ptr->sa_state = SA_KEYED; - - // Configure SA 16 on - sa_if->sa_get_from_spi(11, &sa_ptr); - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; - sa_ptr->shplf_len = 0; + sa_if->sa_get_from_spi(10, &sa_ptr); + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -1219,6 +1269,14 @@ UTEST(AOS_APPLY, AEAD_GCM_BITMASK_1) sa_ptr->shivf_len = 16; sa_ptr->stmacf_len = 16; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index 342ef8ae..b9de3404 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c 
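Review bot: The comment `// Configure SA 15 on` now sits above `sa_if->sa_get_from_spi(10, &sa_ptr)`, so either the comment or the SPI is wrong. If the frame in AES_CMAC_256_TEST_BITMASK_1 is still meant to be protected by SA 15, this hunk makes SA 10 operational and activates SA 10's keys instead, and the test would pass for a different reason than its name says. Please confirm the intended SPI and update the comment to match, for example `// Configure SA 10 on`.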
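Review bot: The AES_GCM hunk (`@@ -1058,16`) removes the setup that put an SA into `SA_OPERATIONAL` with `ecs = CRYPTO_CIPHER_AES256_GCM` and `shplf_len = 0`, and replaces it with key activation on SPI 10 only. Unless SA 10 is configured for AES-GCM somewhere outside this hunk, the test no longer exercises the cipher it is named after. I would keep the removed SA configuration and add the `key_state = KEY_ACTIVE` lines for that same SA instead of swapping one for the other.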
@@ -1535,6 +1535,14 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) test_association->shsnf_len = 0; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask of ones + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; + // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; char *iv_b = NULL; @@ -1796,6 +1804,14 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) sa_if->sa_get_from_spi(5, &sa_ptr); // Enable and setup 5 sa_ptr->sa_state = SA_NONE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status); diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index 3eea2d37..1ffee42c 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -103,6 +103,7 @@ UTEST(TC_PROCESS, EXERCISE_IV) hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + ekp->key_state = KEY_ACTIVE; // Convert frames that will be processed hex_conversion(buffer_replay_h, (char **)&buffer_replay_b, &buffer_replay_len); 
@@ -239,6 +240,7 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); + akp->key_state = KEY_ACTIVE; // Convert frames that will be processed hex_conversion(buffer_replay_h, (char **)&buffer_replay_b, &buffer_replay_len); hex_conversion(buffer_outside_window_h, (char **)&buffer_outside_window_b, &buffer_outside_window_len); @@ -705,6 +707,14 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) test_association->ekid = 130; test_association->sa_state = SA_OPERATIONAL; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; + // Convert input test frame hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); @@ -779,6 +789,14 @@ UTEST(TC_PROCESS, DECRYPT_CBC_1B) test_association->ekid = 130; test_association->sa_state = SA_OPERATIONAL; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; + // Convert input test frame hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); @@ -853,6 +871,14 @@ UTEST(TC_PROCESS, DECRYPT_CBC_16B) test_association->sa_state = SA_OPERATIONAL; test_association->ekid = 130; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; + // Convert input test frame hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); 
@@ -988,6 +1014,8 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + ekp->key_state = KEY_ACTIVE; + // Convert frames that will be processed hex_conversion(buffer_replay_h, (char **)&buffer_replay_b, &buffer_replay_len); hex_conversion(buffer_outside_window_h, (char **)&buffer_outside_window_b, &buffer_outside_window_len); diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index b39ce0eb..2d718f82 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -412,6 +412,14 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) sa_ptr->arsnw = 5; sa_ptr->gvcid_blk.vcid = 0; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); @@ -542,6 +550,14 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) sa_ptr->gvcid_blk.vcid = 0; sa_ptr->gvcid_blk.scid = 44; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); 
@@ -693,6 +709,14 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, @@ -842,6 +866,14 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->ekid = 0; sa_ptr->akid = 136; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); @@ -1008,6 +1040,14 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->ekid = 0; sa_ptr->akid = 136; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); 
@@ -1169,6 +1209,14 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->ekid = 0; sa_ptr->akid = 136; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); @@ -1328,6 +1376,14 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->ekid = 0; sa_ptr->akid = 136; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); @@ -1491,6 +1547,12 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Update key length for SHA512 akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; + akp->key_state = KEY_ACTIVE; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; 
@@ -1662,6 +1724,11 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Update key length for SHA512 akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; + akp->key_state = KEY_ACTIVE; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -1812,6 +1879,14 @@ UTEST(TM_APPLY_ENC_VAL, AES_GCM_BITMASK_1) sa_ptr->iv_len = 16; sa_ptr->shivf_len = 16; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; char *iv_b = NULL; @@ -1980,6 +2055,14 @@ UTEST(TM_APPLY_ENC_VAL, AEAD_AES_GCM_BITMASK_1) sa_ptr->shivf_len = 16; sa_ptr->stmacf_len = 16; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; char *iv_b = NULL; diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 8f5b0c3c..7e62c382 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c 
@@ -295,6 +295,14 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) sa_if->sa_get_from_spi(5, &sa_ptr); sa_ptr->sa_state = SA_OPERATIONAL; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO @@ -442,6 +450,14 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) sa_ptr->shivf_len = 16; sa_ptr->stmacf_len = 0; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO @@ -599,6 +615,14 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->ekid = 0; sa_ptr->akid = 136; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Determine managed parameters by GVCID, which nominally happens in TO // status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, 
@@ -748,6 +772,14 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->ekid = 0; sa_ptr->akid = 136; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); @@ -917,6 +949,14 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->ekid = 0; sa_ptr->akid = 136; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); @@ -1084,6 +1124,14 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->ekid = 0; sa_ptr->akid = 136; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); 
@@ -1251,6 +1299,14 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->ekid = 0; sa_ptr->akid = 136; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); @@ -1423,6 +1479,11 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Update key length for SHA512 akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; + akp->key_state = KEY_ACTIVE; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -1596,6 +1657,11 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Update key length for SHA512 akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; + akp->key_state = KEY_ACTIVE; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -1767,6 +1833,14 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) test_association->iv_len = 16; test_association->shivf_len = 16; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; + // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; char *iv_b = NULL; 
@@ -1945,6 +2019,14 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) test_association->shivf_len = 16; test_association->stmacf_len = 16; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; + // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; char *iv_b = NULL; @@ -2084,6 +2166,18 @@ UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) char *framed_tm_b = NULL; int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); + + SecurityAssociation_t *sa_ptr; + sa_if->sa_get_from_spi(44, &sa_ptr); + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status); From c85ea2ff6cfcaebb9191705197934f1ed89441c3 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Tue, 3 Dec 2024 21:57:38 -0500 Subject: [PATCH 167/241] [nasa/cryptolib#354] Updates to EP. Allow only 0 or Max SA for EP --- include/crypto_config.h | 2 + src/core/crypto.c | 2 +- src/core/crypto_tc.c | 15 +- .../internal/sa_interface_inmemory.template.c | 2 +- test/unit/ut_ep_key_mgmt.c | 102 ++------------ test/unit/ut_ep_mc.c | 91 ++++++++---- test/unit/ut_ep_sa_mgmt.c | 133 +++++++++++++----- 7 files changed, 192 insertions(+), 155 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index e2d6e6de..f3b967df 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h 
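Review bot: In TM_SA_NOT_OPERATIONAL the new `SecurityAssociation_t *sa_ptr;` is uninitialised and the return value of `sa_if->sa_get_from_spi(44, &sa_ptr)` is ignored, so a failed lookup would leave `sa_ptr->ekid` reading through an indeterminate pointer. Initialise it and check the lookup before use, e.g. `SecurityAssociation_t *sa_ptr = NULL;` followed by `ASSERT_EQ(CRYPTO_LIB_SUCCESS, sa_if->sa_get_from_spi(44, &sa_ptr));`. The success code is assumed to be the same one the other calls in this file assert on. A short comment saying the keys are made active so that the SA-state check, not a key-state check, produces `CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL` would also explain why this setup is needed.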
@@ -110,6 +110,8 @@ // Generic Defines #define NUM_SA 64 #define SPI_LEN 2 /* bytes */ +#define SPI_MIN 0 +#define SPI_MAX NUM_SA /* TODO: is 64 what we want here?*/ #define KEY_SIZE 512 /* bytes */ #define KEY_ID_SIZE 8 #define MKID_MAX 128 diff --git a/src/core/crypto.c b/src/core/crypto.c index 15b40df8..dbcd6d94 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -719,7 +719,7 @@ int32_t Crypto_USER_DEFINED_CMD(uint8_t *ingest) } /** - * @brief Function: Crypto_Process_Extended_Procedure_Pdu + * @brief Function: Crypto_Get_Managed_Parameters_For_Gvcid * @param tfvn: uint8_t * @param scid: uint16_t * @param vcid: uint8_t diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index fae2bb0f..7894b321 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -1867,6 +1867,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc memcpy((tc_sdls_processed_frame->tc_sec_header.pad), &(ingest[TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len]), sa_ptr->shplf_len); + // Parse MAC, prepare AAD status = Crypto_TC_Prep_AAD(tc_sdls_processed_frame, fecf_len, sa_service_type, ecs_is_aead_algorithm, &aad_len, 
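Review bot: `SPI_MAX` is defined as `NUM_SA` (64), which is one past the last entry if the SA table holds NUM_SA elements indexed by SPI; the table definition is not in this hunk, so that is an assumption to confirm. With the value as written, the new Extended Procedures gate in crypto_tc.c (`sa_ptr->spi == SPI_MAX`) can only match an SA whose `spi` field is 64. Either that never happens, leaving SPI 0 as the only EP channel, or it relies on a lookup for an index outside the table. The in-line TODO already questions the value; `#define SPI_MAX (NUM_SA - 1)` would name the last real entry.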
@@ -1924,10 +1925,20 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc return status; // Cryptography IF call failed, return. } // Extended PDU processing, if applicable - // TODO: Validiate using correct SA + if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { - status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); + if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) //TODO: Make sure that SPI can't be changed from the current array index. + { + status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); + } + else + { + // Some Magic here to log that an inappropriate SA was attempted to be used for EP + status = CRYPTO_LIB_ERR_SPI_INDEX_OOB; // TODO: Do we want a different error code for this? + mc_if->mc_log(status); + status = CRYPTO_LIB_SUCCESS; + } } Crypto_TC_Safe_Free_Ptr(aad); diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 60fdf9af..72bacc8c 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -229,12 +229,12 @@ static int32_t sa_save_sa(SecurityAssociation_t *sa) void sa_populate(void) { // Security Associations - // EMPTY SA - Not Used (SA_NONE) sa[0].spi = 0; sa[0].sa_state = SA_UNKEYED; sa[0].est = 0; sa[0].ast = 0; sa[0].shivf_len = 0; + sa[0].iv_len = 0; sa[0].shsnf_len = 0; sa[0].arsn_len = 0; sa[0].arsnw_len = 0; diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index 79d8437b..ca33a296 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c 
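Review bot: The `else` branch logs `CRYPTO_LIB_ERR_SPI_INDEX_OOB` and then sets `status = CRYPTO_LIB_SUCCESS`, so a caller of Crypto_TC_ProcessSecurity_Cam cannot tell that an Extended Procedures PDU was refused for arriving on a non-EP SA. If accepting the frame while declining the EP dispatch is intended, say so in place of the "Some Magic here" comment, e.g. `// Frame is valid; EP dispatch is refused on non-EP SAs and only logged`. Otherwise leave the error in `status`. The gate also tests only the SPI number (`sa_ptr->spi`), not whether that SA authenticates the frame. It is worth confirming that the SA at SPI_MIN/SPI_MAX cannot be made operational without authentication before it carries key- and SA-management commands. The function body starts and ends outside this hunk.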
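Review bot: In sa_populate the comment `// EMPTY SA - Not Used (SA_NONE)` is removed without a replacement, while the crypto_tc.c change in this patch makes SPI 0 the SA on which Extended Procedures are accepted. A replacement comment such as `// SA 0 - reserved for SDLS Extended Procedures (see SPI_MIN)` would record the new role. The visible defaults for this entry are `est = 0` and `ast = 0` with `sa_state = SA_UNKEYED`. If that means no encryption and no authentication, the template should say that SA 0 must be keyed and given an authenticating service type before being made operational, since the tests in this patch switch it to SA_OPERATIONAL directly. The function continues past the end of the hunk.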
@@ -34,32 +34,9 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142) char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; // char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA char *buffer_OTAR_h = - "2003009e00ff000100001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bb" + "2003009e00ff000000001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bb" "d55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af89" "6d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; - // |2003009e00| = Primary Header - // |ff| = Ext. Procs - // |0000| = SPI - // |0000| = ARSN - // |1880| = CryptoLib App ID - // |d037| = seq, pktid - // |008c| = pkt_length - // |197f| = pusv, ack, st - // |0b| = sst, sid, spare - // |0001| = PDU Tag - // |0084| = PDU Length - // |0000| = Master Key ID - // |344892bbc54f5395297d4c37| = IV - // |172f| = Encrypted - // Key ID - // |2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd| - // = Encrypted Key - // |21cf| = Encrypted Key ID - // |268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990| = Encrypted Key - // |ba41| = EKID - // |48af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e557| = EK - // |10a47209c923b641d19a39001f9e9861| = MAC - // |66f5ffd95555| = Trailer or Padding??? uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL; int buffer_nist_key_len, buffer_OTAR_len = 0; @@ -70,8 +47,8 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Activate SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Activate SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; test_association->ecs = CRYPTO_CIPHER_NONE; 
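Review bot: In OTAR_0_140_142 the field-by-field breakdown of `buffer_OTAR_h` is deleted in the same hunk that changes the SPI bytes in the frame from `0001` to `0000`, so a reader can no longer see which bytes form the security header. The later hunks in this file delete the breakdowns for ACTIVATE_141_142, DEACTIVATE_142, INVENTORY_132_134 and VERIFY_132_134 as well. ut_ep_mc.c keeps its annotations and updates them in this patch. Doing the same here, with the uncertain entries ("Trailer???") corrected or dropped and `// |0000| = SPI` for the changed field, keeps the test vectors auditable.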
@@ -82,6 +59,7 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142) test_association->arsnw = 5; test_association->iv_len = 0; test_association->shivf_len = 0; + // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); // ekp = key_if->get_key(test_association->ekid); @@ -136,19 +114,6 @@ UTEST(EP_KEY_MGMT, ACTIVATE_141_142) char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA char *buffer_ACTIVATE_h = "2003001e00ff000000001880d038000c197f0b00020004008d008e82ebe4fc55555555"; - // |2003001e00| = Primary Header - // |ff| = SPI - // |00010000| = Security Header - // |1880| = CryptoLib App ID - // |d038| = seq, pktid - // |000c| = pkt_length - // |197f| = pusv, ack, st - // |0b| = sst, sid, spare - // |0002| = PDU Tag - // |0004| = PDU Length - // |008d| = Key ID (141) - // |008e| = Key ID (142) - // |82ebe4fc55555555| = Trailer??? uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_ACTIVATE_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_ACTIVATE_len = 0; @@ -163,7 +128,7 @@ UTEST(EP_KEY_MGMT, ACTIVATE_141_142) sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; - // Activate SA 9 + // Activate SA 0 sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; @@ -172,6 +137,7 @@ UTEST(EP_KEY_MGMT, ACTIVATE_141_142) test_association->arsn_len = 2; test_association->arsnw = 5; test_association->iv_len = 12; + test_association->sa_state = SA_OPERATIONAL; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); 
@@ -228,18 +194,6 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142) char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d039000a197f0b00030002008e1f6d21c4555555555555"; - // |2003001c00| = Primary Header - // |ff| = SPI - // |00010000| = security Header - // |1880| = CryptoLib App ID - // |d039| = seq, packet id - // |000a| = Packet Length - // |197f| = pusv, ack, st - // |0b| = sst - // |0003| = PDU Tag - // |0002| = PDU Length - // |008e| = Key ID (142) - // |1f6d82ebe4fc55555555| = Trailer??? uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; @@ -254,7 +208,7 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142) sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; - // Activate SA 9 + // Activate SA 0 sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; // test_association->ecs_len = 1; @@ -265,6 +219,7 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142) test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw = 5; + test_association->sa_state = SA_OPERATIONAL; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); 
@@ -320,19 +275,7 @@ UTEST(EP_KEY_MGMT, INVENTORY_132_134) char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char *buffer_nist_iv_h = "000000000000000000000000"; // The last valid IV that was seen by the SA char *buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; - // |2003001c00| = Primary Header - // |ff| = SPI - // |00000000| = security Header - // |1880| = CryptoLib App ID - // |d03b| = seq, packet id - // |000a| = Packet Length - // |197f| = pusv, ack, st - // |0b| = sst - // |0007| = PDU Tag - // |0004| = PDU Length - // |0084| = Key ID (132) - // |0086| = Key ID (134) - // |1f6d82ebe4fc55555555| = Trailer??? + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; @@ -347,7 +290,7 @@ UTEST(EP_KEY_MGMT, INVENTORY_132_134) sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; - // Activate SA 9 + // Activate SA 0 sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; 
@@ -433,26 +376,6 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char *buffer_VERIFY_h = "2003003e00ff000000001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c0" "6302465bc6d5091a29957eebed35c00a6ed8"; - // |2003003e00| = Primary Header - // |ff| = SPI - // |00000000| = Security header - // |1880| = CryptoLib App ID - // |d03a| = seq, packet id - // |002c| = Packet Length - // |197f| = pusv, ack, st - // |0b| = sst - // |0004| = PDU Tag - // |0024| = PDU Length - // |0084| = Key ID (132) - // |71fc3ad5b1c36ad56bd5a5432315cdab| = - // Challenge - // |0086| = - // Key ID - // (134) - // |75c06302465bc6d5091a29957eebed35| - // = - // Challenge - // |c00a6ed8| = Trailer // TRUTH PDU char *buffer_TRUTH_RESPONSE_h = "0880D03A0068197F0B008402E00084000000000000000000000001D8EAA795AFFAA0E951BB6CF0116192E16B1977D6723E92E01123CCEF" @@ -488,6 +411,9 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) test_association->arsn_len = 2; test_association->arsnw_len = 1; test_association->arsnw = 5; + test_association->shivf_len = 0; + test_association->iv_len = 0; + test_association->gvcid_blk.scid = 0; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); @@ -522,7 +448,7 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) // Print Global copy for sanity check Crypto_Print_Sdls_Ep_Reply(); - // Let's compare everything. All three should match + // Let's compare everything. All should match for (int i = 0; i < reply_length; i++) { ASSERT_EQ(buffer_TRUTH_RESPONSE_b[i], sdls_ep_reply_local[i]); diff --git a/test/unit/ut_ep_mc.c b/test/unit/ut_ep_mc.c index 83b97d52..3ed2d2c6 100644 --- a/test/unit/ut_ep_mc.c +++ b/test/unit/ut_ep_mc.c 
@@ -25,10 +25,10 @@ UTEST(EP_MC, MC_REGULAR_PING) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_PING_h = "2003001a00ff000100001880d2c70008197f0b00310000b1fe312855"; + char *buffer_PING_h = "2003001a00ff000000001880d2c70008197f0b00310000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs - // |0001| = SPI + // |0000| = SPI // |0000| = ARSN // |1880| = CryptoLib App ID // |d2c7| = seq, pktid @@ -49,9 +49,16 @@ UTEST(EP_MC, MC_REGULAR_PING) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -115,10 +122,10 @@ UTEST(EP_MC, MC_STATUS) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_STATUS_h = "2003001a00ff000100001880d2c70008197f0b00320000b1fe312855"; + char *buffer_STATUS_h = "2003001a00ff000000001880d2c70008197f0b00320000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs - // |00010000| = Security Header + // |00000000| = Security Header // |1880| = CryptoLib App ID // |d2c7| = seq, packet id // |0008| = packet length 
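Review bot: The EP tests touched from MC_REGULAR_PING onward are all moved onto SPI 0, the accepted path; none of the visible hunks sends an EP PDU on another SPI and checks that it is refused. Because the crypto_tc.c change in this patch is an access restriction, a negative test would pin it. For example, the previous `...ff0001...` frame could be sent with SA 1 operational, asserting that the target SA state is unchanged and no EP reply is built. The test files are only partly visible here, so such a test may already exist outside these hunks.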
@@ -139,9 +146,16 @@ UTEST(EP_MC, MC_STATUS) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -206,10 +220,10 @@ UTEST(EP_MC, MC_DUMP) // NOTE: Added Transfer Frame header to the plaintext // 0880d2c70039b300300a044e4153410a044e4153410a044e4153410a044e4153410a044e4153410a044e415341 - char *buffer_DUMP_h = "2003001a00ff000100001880d2c70008197f0b00330000b1fe312855"; + char *buffer_DUMP_h = "2003001a00ff000000001880d2c70008197f0b00330000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs - // |00010000| = Security Header + // |00000000| = Security Header // |1880| = CryptoLib App ID // |d2c7| = seq, packet id // |0008| = packet length @@ -230,9 +244,16 @@ UTEST(EP_MC, MC_DUMP) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); 
@@ -296,10 +317,10 @@ UTEST(EP_MC, MC_ERASE) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_ERASE_h = "2003001a00ff000100001880d2c70008197f0b00340000b1fe312855"; + char *buffer_ERASE_h = "2003001a00ff000000001880d2c70008197f0b00340000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs - // |00010000| = Security Header + // |00000000| = Security Header // |1880| = CryptoLib App ID // |d2c7| = seq, packet id // |0008| = packet length @@ -320,9 +341,16 @@ UTEST(EP_MC, MC_ERASE) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -386,10 +414,10 @@ UTEST(EP_MC, MC_SELF_TEST) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_SELF_h = "2003001a00ff000100001880d2c70008197f0b00350000b1fe312855"; + char *buffer_SELF_h = "2003001a00ff000000001880d2c70008197f0b00350000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs - // |00010000| = Security Header + // |00000000| = Security Header // |1880| = CryptoLib App ID // |d2c7| = seq, packet id // |0008| = packet length 
@@ -410,9 +438,17 @@ UTEST(EP_MC, MC_SELF_TEST) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -476,10 +512,10 @@ UTEST(EP_MC, MC_ALARM_FLAG_RESET) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_ALARM_h = "2003001a00ff000100001880d2c70008197f0b00370000b1fe312855"; + char *buffer_ALARM_h = "2003001a00ff000000001880d2c70008197f0b00370000b1fe312855"; // |2003001a00| = Primary Header // |ff| = Ext. Procs - // |00010000| = Security Header + // |00000000| = Security Header // |1880| = CryptoLib App ID // |d2c7| = seq, packet id // |0008| = packet length @@ -500,9 +536,16 @@ UTEST(EP_MC, MC_ALARM_FLAG_RESET) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); diff --git a/test/unit/ut_ep_sa_mgmt.c b/test/unit/ut_ep_sa_mgmt.c index 419a2a8e..7ea5799c 100644 --- a/test/unit/ut_ep_sa_mgmt.c +++ b/test/unit/ut_ep_sa_mgmt.c 
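Review bot: In MC_SELF_TEST the added setup calls `sa_if->sa_get_from_spi(0, &test_association);` twice in a row; the second call is redundant and can be dropped. As in the other EP tests in this file, the return value of the lookup is not checked before `test_association` is written through. Wrapping it as `ASSERT_EQ(CRYPTO_LIB_SUCCESS, sa_if->sa_get_from_spi(0, &test_association));` would make a failed lookup a test failure rather than a crash, assuming the lookup reports success with that code.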
@@ -26,10 +26,10 @@ UTEST(EP_SA_MGMT, SA_6_REKEY_133) // NOTE: Added Transfer Frame header to the plaintext char *buffer_REKEY_h = - "2003002a00ff000100001880d0ac0018197f0b0016000c00060085000000000000000000000000da959fc8555555555555"; + "2003002a00ff000000001880d0ac0018197f0b0016000c00060085000000000000000000000000da959fc8555555555555"; // |2003002a00| = Primary Header // |ff| = Ext. Procs - // |0001| = SPI + // |0000| = SPI // |0000| = ARSN // |1880| = CryptoLib App ID // |d0ac| = seq, pktid @@ -51,9 +51,16 @@ UTEST(EP_SA_MGMT, SA_6_REKEY_133) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -92,10 +99,10 @@ UTEST(EP_SA_MGMT, SA_START_6) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_START_h = "2003002000ff000100001880d0ad000e197f0b001b0004000600003040f6f7a61a5555"; + char *buffer_START_h = "2003002000ff000000001880d0ad000e197f0b001b0004000600003040f6f7a61a5555"; // |2003002000| = Primary Header // |ff| = Ext. Procs - // |0001| = SPI + // |0000| = SPI // |0000| = ARSN // |1880| = CryptoLib App ID // |d0ad| = seq, pktid 
@@ -115,9 +122,16 @@ UTEST(EP_SA_MGMT, SA_START_6) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Convert frames that will be processed hex_conversion(buffer_START_h, (char **)&buffer_START_b, &buffer_START_len); @@ -152,10 +166,10 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_READ_h = "2003001c00ff000100001880d0b0000a197f0b001000020006555555555555"; + char *buffer_READ_h = "2003001c00ff000000001880d0b0000a197f0b001000020006555555555555"; // |2003001c00| = Primary Header // |ff| = Ext. Procs - // |0001| = SPI + // |0000| = SPI // |0000| = ARSN // |1880| = CryptoLib App ID // |d0ad| = seq, pktid @@ -175,11 +189,18 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; - // Modify SA 1 + // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->shivf_len = 0; 
@@ -247,10 +268,10 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_SET_h = "2003001a00ff000100001880d0b1000a197f0b0015000400060955"; - // |2003002800| = Primary Header + char *buffer_SET_h = "2003001a00ff000000001880d0b1000a197f0b0015000400060955"; + // |2003001a00| = Primary Header // |ff| = Ext. Procs - // |0001| = SPI + // |0000| = SPI // |0000| = ARSN // |1880| = CryptoLib App ID // |d0b1| = seq, pktid @@ -271,12 +292,18 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; - test_association->arsnw_len = 1; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; - // Modify SA 1 + // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); test_association->sa_state = SA_OPERATIONAL; @@ -315,7 +342,7 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSN) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_SET_h = "2003002800ff000100001880d0b10016197f0b001a000a000600000000000000000000006413b5983e55"; + char *buffer_SET_h = "2003002800ff000000001880d0b10016197f0b001a000a000600000000000000000000006413b5983e55"; // |2003002800| = Primary Header // |ff| = Ext. Procs // |0001| = SPI 
@@ -339,11 +366,18 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSN) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; - // Modify SA 1 + // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->arsn_len = 16; @@ -383,10 +417,10 @@ UTEST(EP_SA_MGMT, SA_6_STATUS) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_STATUS_h = "2003001800ff000100001880d0b00008197f0b001f00020006"; + char *buffer_STATUS_h = "2003001800ff000000001880d0b00008197f0b001f00020006"; // |2003002000| = Primary Header // |ff| = Ext. Procs - // |0001| = SPI + // |0000| = SPI // |0000| = ARSN // |1880| = CryptoLib App ID // |d0b0| = seq, pktid @@ -406,11 +440,18 @@ UTEST(EP_SA_MGMT, SA_6_STATUS) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; - // Modify SA 1 + // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); test_association->sa_state = SA_OPERATIONAL; 
@@ -470,10 +511,10 @@ UTEST(EP_SA_MGMT, SA_STOP_6) int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_STOP_h = "2003001c00ff000100001880d0b6000a197f0b001e00020006938f21c4555555555555"; + char *buffer_STOP_h = "2003001c00ff000000001880d0b6000a197f0b001e00020006938f21c4555555555555"; // |2003001c00| = Primary Header // |ff| = Ext. Procs - // |0001| = SPI + // |0000| = SPI // |0000| = ARSN // |1880| = CryptoLib App ID // |d0b6| = seq, pktid @@ -493,11 +534,18 @@ UTEST(EP_SA_MGMT, SA_STOP_6) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; - // Modify SA 1 + // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); test_association->sa_state = SA_OPERATIONAL; @@ -529,15 +577,15 @@ UTEST(EP_SA_MGMT, SA_EXPIRE_6) Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext - char *buffer_EXPIRE_h = "2003001c00ff000100001880d0b7000a197f0b001900020006f72e21c4555555555555"; + char *buffer_EXPIRE_h = "2003001c00ff000000001880d0b7000a197f0b001900020006f72e21c4555555555555"; // |2003001c00| = Primary Header // |ff| = Ext. Procs - // |0001| = SPI + // |0000| = SPI // |0000| = ARSN // |1880| = CryptoLib App ID // |d0b7| = seq, pktid 
@@ -557,9 +605,16 @@ UTEST(EP_SA_MGMT, SA_EXPIRE_6) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Modify SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Convert frames that will be processed hex_conversion(buffer_EXPIRE_h, (char **)&buffer_EXPIRE_b, &buffer_EXPIRE_len); From 09d8d97cc032356d706c2edf28989af8ca40a256 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Tue, 3 Dec 2024 22:11:56 -0500 Subject: [PATCH 168/241] [nasa/cryptolib#354] Remove Duplicate SA 14 from Populate function --- .../internal/sa_interface_inmemory.template.c | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 72bacc8c..36b3df2d 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -511,23 +511,6 @@ void sa_populate(void) sa[13].gvcid_blk.vcid = 0; sa[13].gvcid_blk.mapid = TYPE_TC; - // TC - Keyed - sa[14].spi = 14; - sa[14].ekid = 14; - sa[14].sa_state = SA_KEYED; - sa[14].est = 0; - sa[14].ast = 0; - sa[14].shivf_len = 12; - sa[14].iv_len = 12; - sa[14].shsnf_len = 2; - sa[14].arsnw = 5; - sa[14].arsnw_len = 1; - sa[14].arsn_len = 2; - sa[14].gvcid_blk.tfvn = 2; - sa[14].gvcid_blk.scid = SCID & 0x3FF; - sa[14].gvcid_blk.vcid = 1; - sa[14].gvcid_blk.mapid = TYPE_TC; - // TC - Unkeyed sa[14].spi = 14; sa[14].ekid = 14; From c9226dc7e3522171afb1c6e94237ac603fa79dcf Mon Sep 17 00:00:00 2001 
From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 4 Dec 2024 14:01:03 +0000 Subject: [PATCH 169/241] [nasa/cryptolib#353] Added missing pointer --- src/core/crypto_tc.c | 4 ++-- src/core/crypto_tm.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 49fd1778..26c77642 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -1578,13 +1578,13 @@ int32_t Crypto_TC_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssoc } if (status == CRYPTO_LIB_SUCCESS) { - if (ekp == NULL) + if (*ekp == NULL) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); } - if ((akp == NULL) && (status == CRYPTO_LIB_SUCCESS)) + if ((*akp == NULL) && (status == CRYPTO_LIB_SUCCESS)) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 378cf2a3..2fbaad27 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -249,13 +249,13 @@ int32_t Crypto_TM_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssoc if (status == CRYPTO_LIB_SUCCESS) { - if (ekp == NULL) + if (*ekp == NULL) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); } - if (akp == NULL && status == CRYPTO_LIB_SUCCESS) + if (*akp == NULL && status == CRYPTO_LIB_SUCCESS) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); From 965e29be4edf8b26ac70193d264df6d2961488b0 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 4 Dec 2024 14:51:18 +0000 Subject: [PATCH 170/241] [nasa/cryptolib#353] Added key state unit tests --- src/core/crypto_tc.c | 8 +- test/unit/ut_aos_apply.c | 103 ++++++++++++++++++++++++- test/unit/ut_aos_process.c | 50 +++++++++++++ test/unit/ut_tc_apply.c | 48 ++++++++++++ test/unit/ut_tc_process.c | 56 +++++++++++++- test/unit/ut_tm_apply.c | 150 +++++++++++++++++++++++++++++++++++++ test/unit/ut_tm_process.c | 50 +++++++++++++ 7 files changed, 460 insertions(+), 5 deletions(-) 
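Review bot: With the dereference added in Crypto_TC_Get_Keys, the two NULL tests now require both `*ekp` and `*akp` to be set for every SA, regardless of which service the SA uses; the old test on the out-parameter itself presumably never fired. Whether the key lookup can return NULL for the key id of a service the SA does not use is not visible in the hunk; if it can, authentication-only or encryption-only SAs now fail with CRYPTO_LIB_ERR_KEY_ID_ERROR, and gating each test on the SA's `est`/`ast` fields would avoid that. The out-parameters themselves are no longer tested before they are read, so `if (ekp == NULL || *ekp == NULL)` would keep a NULL argument from being dereferenced at this point. The same applies to the Crypto_TM_Get_Keys hunk and to the `ekp == NULL || akp == NULL` test added to Crypto_TC_Do_Encrypt_PLAINTEXT in the next patch. The function starts outside the hunk.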
diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 26c77642..7a4f4955 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -348,6 +348,7 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat { int32_t status = CRYPTO_LIB_SUCCESS; uint16_t index = *index_p; + crypto_key_t *akp = NULL; if (sa_service_type != SA_PLAINTEXT) { uint8_t *mac_ptr = NULL; @@ -390,13 +391,14 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat /* Get Key */ ekp = key_if->get_key(sa_ptr->ekid); - if (ekp == NULL) + akp = key_if->get_key(sa_ptr->akid); + if (ekp == NULL || akp == NULL) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); return status; } - if (ekp->key_state != KEY_ACTIVE) + if (ekp->key_state != KEY_ACTIVE || akp->key_state != KEY_ACTIVE) { status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); @@ -469,7 +471,7 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat { return CRYPTO_LIB_ERR_KEY_ID_ERROR; } - if (ekp->key_state != KEY_ACTIVE) + if (akp->key_state != KEY_ACTIVE) { status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); diff --git a/test/unit/ut_aos_apply.c b/test/unit/ut_aos_apply.c index 9a85a1b6..eac6ea09 100644 --- a/test/unit/ut_aos_apply.c +++ b/test/unit/ut_aos_apply.c 
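Review bot: The last crypto_tc.c hunk now reads `akp->key_state`, but the only assignment to `akp` visible in this patch is `akp = key_if->get_key(sa_ptr->akid);` in the branch at line 391, and the NULL test that precedes the changed line is outside the hunk. If the branch at line 471 does not fetch the key itself, `akp` may still hold the NULL it was initialised with at the top of the function; if that branch declares its own `akp`, the new function-scope variable is shadowed there. Having `akp = key_if->get_key(sa_ptr->akid);` and `if (akp == NULL)` directly above the state test would make the check self-contained. That NULL path also returns CRYPTO_LIB_ERR_KEY_ID_ERROR without the `mc_if->mc_log(status);` call that the branch at line 391 makes.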
@@ -1145,7 +1145,7 @@ UTEST(AOS_APPLY, AES_GCM) * Sanity check: *https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'40C000000000001100000000000000000000000000000000'%7D)AES_Decrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'48caf5a6921559a2384174c025a04874'%7D,%7B'option':'Hex','string':'42C000000000001100000000000000000000000000000000'%7D/disabled)&input=MTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUF
CQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUF
CQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkI **/ -UTEST(AOS_APPLY, AEAD_GCM_BITMASK_1) +UTEST(AOS_APPLY, AOS_KEY_STATE_TEST) { remove("sa_save_file.bin"); // Local variables 
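Review bot: The rename in this hunk gives the existing test the name AOS_KEY_STATE_TEST, while the key-state test added at the end of the file is declared as `UTEST(AOS_APPLY, AEAD_GCM_BITMASK_1)`, so the two names appear to be swapped. A failure in either test would then be reported under the other one's name. Leaving this line as `UTEST(AOS_APPLY, AEAD_GCM_BITMASK_1)` and declaring the new test as `UTEST(AOS_APPLY, AOS_KEY_STATE_TEST)` matches the naming used in the other test files of this patch. The test body continues outside the hunk.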
@@ -1294,4 +1294,105 @@ UTEST(AOS_APPLY, AEAD_GCM_BITMASK_1) Crypto_Shutdown(); } +UTEST(AOS_APPLY, AEAD_GCM_BITMASK_1) +{ + remove("sa_save_file.bin"); + // Local variables + int32_t status = CRYPTO_LIB_SUCCESS; + SecurityAssociation_t *sa_ptr = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + + // Configure, Add Managed Params, and Init + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // AOS Tests + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_NO_FHEC, AOS_NO_IZ, 0); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_NO_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + + status = Crypto_Init(); + // Test Frame Setup + // 6 byte header, 2 byte blank SPI, 16 byte blank IV (CCC...), data, MAC, FECF + // | Header |SPI| + char *test_aos_h = + "40C0000000000000CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC112233445566778899AABBCCDDEEFFA107FF000006D2AABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000"; + char *test_aos_b = NULL; + int test_aos_len = 0; + hex_conversion(test_aos_h, &test_aos_b, &test_aos_len); + + // Bit math to give concise access to values already set in the static transfer frame + aos_frame_pri_hdr.tfvn = ((uint8_t)test_aos_b[0] & 0xC0) >> 6; + aos_frame_pri_hdr.scid = (((uint16_t)test_aos_b[0] & 0x3F) << 2) | (((uint16_t)test_aos_b[1] & 0xC0) >> 6); + aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); + + // Expose/setup SA for testing + // Configure SA 14 off + sa_if->sa_get_from_spi(10, &sa_ptr); + sa_ptr->sa_state = SA_KEYED; + + // Configure SA 17 on + sa_if->sa_get_from_spi(11, &sa_ptr); + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ekid = 130; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->est = 1; + sa_ptr->ast = 1; + sa_ptr->abm_len = ABM_SIZE; + memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); + sa_ptr->iv_len = 16; + sa_ptr->shivf_len = 
16; + sa_ptr->stmacf_len = 16; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_DEACTIVATED; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_DEACTIVATED; + + status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); + ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status); + + + free(test_aos_b); + Crypto_Shutdown(); +} + UTEST_MAIN(); \ No newline at end of file diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index b9de3404..7bd5e6d6 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c 
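Review bot: The test added at the end of ut_aos_apply.c sets both `ekp->key_state` and `akp->key_state` to KEY_DEACTIVATED before the single call, so it passes as long as either key's state is checked and cannot catch the ekp/akp mix-up that the crypto_tc.c change in this patch corrects. Two cases, each deactivating one key and leaving the other KEY_ACTIVE, would pin both checks; the AOS_PROCESS, TC_APPLY_SECURITY and TC_PROCESS key-state tests added in this patch have the same shape. `sa_ptr->akid` is never set, so which key `akp` refers to depends on the SA's defaults, and neither `key_if->get_key` result nor the status returned by `Crypto_Init()` is checked before use. The comments `Configure SA 14 off` and `Configure SA 17 on` sit above lookups of SPI 10 and 11.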
@@ -1867,4 +1867,54 @@ UTEST(AOS_PROCESS, AOS_OCF_TEST) free(ptr_processed_frame); } +UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) +{ + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; + + // Configure Parameters + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // AOS Tests + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // AOS_NO_FHEC, AOS_HAS_IZ, 10); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + status = Crypto_Init(); + + // Test frame setup + char *framed_aos_h = "42C00000000000050000000000000000FFFF"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; + hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); + + SecurityAssociation_t *sa_ptr = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 + sa_ptr->sa_state = SA_KEYED; + sa_if->sa_get_from_spi(5, &sa_ptr); // Enable and setup 5 + sa_ptr->sa_state = SA_OPERATIONAL; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_DEACTIVATED; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_DEACTIVATED; + + status = + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status); + + Crypto_Shutdown(); + free(framed_aos_b); + 
free(ptr_processed_frame); +} + UTEST_MAIN(); \ No newline at end of file diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index d66360de..cdb23121 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c 
@@ -1384,4 +1384,52 @@ UTEST(TC_APPLY_SECURITY, PLAINTEXT_W_ARSN) ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); } +UTEST(TC_APPLY_SECURITY, TC_KEY_STATE_TEST) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + Crypto_Init(); + // Test string + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + + hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + int32_t return_val = CRYPTO_LIB_ERROR; + + SecurityAssociation_t *test_association; + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_KEYED; + sa_if->sa_get_from_spi(4, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ekid = 130; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_DEACTIVATED; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_DEACTIVATED; + + return_val = + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + + Crypto_Shutdown(); + free(raw_tc_sdls_ping_b); + 
ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, return_val); +} + UTEST_MAIN(); diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index 1ffee42c..19db3c4f 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -874,7 +874,7 @@ UTEST(TC_PROCESS, DECRYPT_CBC_16B) crypto_key_t *ekp = NULL; ekp = key_if->get_key(test_association->ekid); ekp->key_state = KEY_ACTIVE; - + crypto_key_t *akp = NULL; akp = key_if->get_key(test_association->akid); akp->key_state = KEY_ACTIVE; @@ -1128,6 +1128,7 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) UTEST(TC_PROCESS, TC_SA_SEGFAULT_TEST) { + remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; @@ -1167,6 +1168,7 @@ UTEST(TC_PROCESS, TC_SA_SEGFAULT_TEST) UTEST(TC_PROCESS, TC_SA_NOT_OPERATIONAL) { + remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; 
@@ -1204,4 +1206,56 @@ UTEST(TC_PROCESS, TC_SA_NOT_OPERATIONAL) Crypto_Shutdown(); } +UTEST(TC_PROCESS, TC_KEY_STATE_TEST) +{ + remove("sa_save_file.bin"); + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + + // Configure Parameters + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // AOS Tests + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t AOS_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_Managed_Parameters); + + status = Crypto_Init(); + + TC_t *tc_sdls_processed_frame; + tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + + // Test frame setup + char *test_frame_pt_h = "2003002A0000000100000000000000000000000000000000025364F9BC3344AF359DA06CA886748F59A0AB"; + uint8_t *test_frame_pt_b = NULL; + int test_frame_pt_len = 0; + + SecurityAssociation_t *test_association; + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_OPERATIONAL; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_DEACTIVATED; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_DEACTIVATED; + + // Convert input test frame + hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); + + status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); + + 
ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status); + free(test_frame_pt_b); + free(tc_sdls_processed_frame); + Crypto_Shutdown(); +} + UTEST_MAIN(); diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index 2d718f82..b54f84c7 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c 
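Review bot: In the TC_PROCESS key-state test `ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status);` comes before the two `free` calls and `Crypto_Shutdown();`, so a failing assertion, which in utest.h ends the test case at that point, skips the cleanup and leaves the library initialised with deactivated keys for the tests that follow. The TC_APPLY_SECURITY test in this patch shuts down and frees first and asserts last; the same order here keeps a failure contained. The AOS_APPLY and AOS_PROCESS key-state tests also assert before cleaning up. The managed-parameters variable in this TC test is named `AOS_Managed_Parameters` under an `// AOS Tests` comment, which looks like a copy from the AOS file.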
@@ -2124,4 +2124,154 @@ UTEST(TM_APPLY_ENC_VAL, AEAD_AES_GCM_BITMASK_1) free(next_iv_b); } +UTEST(TM_APPLY_ENC_VAL, TM_KEY_STATE_TEST) +{ + remove("sa_save_file.bin"); + int32_t status = CRYPTO_LIB_SUCCESS; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_NO_OCF, 1786, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + // Test frame setup Header |SPI| IV | Data + char *framed_tm_h = + "02C000001800000000000000000000000000000000000000AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBCCDDCCDDCCDDCCDDCCDDCCDDCCDDCCDDFFFF"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; + hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); + + // Truth frame setup + char *truth_tm_h = + "02C0000018000005DEADBEEFDEADBEEFDEADBEEFDEADBEEFFF00AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + 
"BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + 
"AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBCCDDCCDDCCDDCCDDCCDDCCDDCCDDCCDD2261"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; + hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); + + // Expose/setup SAs for testing + SecurityAssociation_t ta; + SecurityAssociation_t *sa_ptr = &ta; + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &sa_ptr); + sa_ptr->sa_state = SA_NONE; + // Activate SA 5 + sa_if->sa_get_from_spi(5, &sa_ptr); + sa_ptr->gvcid_blk.scid = 44; + sa_ptr->gvcid_blk.vcid = 0; + sa_ptr->arsn_len = 0; + sa_ptr->abm_len = 1786; + memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->ast = 1; + sa_ptr->ecs_len = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->acs_len = 1; + sa_ptr->acs = CRYPTO_MAC_NONE; + sa_ptr->iv_len = 16; + sa_ptr->shivf_len = 16; + sa_ptr->stmacf_len = 16; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_DEACTIVATED; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_DEACTIVATED; + + // Set a 
more obvious IV for test purposes + char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; + char *iv_b = NULL; + int iv_len = 0; + hex_conversion(iv_h, &iv_b, &iv_len); + memcpy(sa_ptr->iv, iv_b, iv_len); + + // Expected IV after increment + char *next_iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEF0"; + char *next_iv_b = NULL; + int next_iv_len = 0; + hex_conversion(next_iv_h, &next_iv_b, &next_iv_len); + ASSERT_EQ(next_iv_len, iv_len); + + status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b); + ASSERT_EQ(status, CRYPTO_LIB_ERR_KEY_STATE_INVALID); + + Crypto_Shutdown(); + free(truth_tm_b); + free(framed_tm_b); + free(iv_b); + free(next_iv_b); +} + UTEST_MAIN(); diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 7e62c382..7aed739c 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c 
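Review bot: `TM_KEY_STATE_TEST` in ut_tm_apply.c builds `truth_tm_b` and `next_iv_b` but never compares them with anything, so the only behaviour pinned is the return code. For a rejection test the useful check is that nothing was consumed: after `ASSERT_EQ(status, CRYPTO_LIB_ERR_KEY_STATE_INVALID);` add `ASSERT_EQ(0, memcmp(sa_ptr->iv, iv_b, iv_len));` so a frame refused for an inactive key is shown not to advance the IV (assuming that is the intended contract; the library code is not in this hunk). The truth-frame and expected-next-IV setup can then be dropped. Separately, `memset(sa_ptr->abm, 0xFF, ...)` writes `abm_len` = 1786 bytes; confirm that does not exceed the size of `abm`, which is declared elsewhere.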
@@ -2186,4 +2186,54 @@ UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) Crypto_Shutdown(); } +UTEST(TM_PROCESS, TM_KEY_STATE_TEST) +{ + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; + + // Configure Parameters + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // TM Tests + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); + + status = Crypto_Init(); + + TC_t *tc_sdls_processed_frame; + tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + + char *framed_tm_h = "02C0000018000001414243444546"; + char *framed_tm_b = NULL; + int framed_tm_len = 0; + hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); + + SecurityAssociation_t *sa_ptr; + sa_if->sa_get_from_spi(1, &sa_ptr); + sa_ptr->sa_state = SA_OPERATIONAL; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_DEACTIVATED; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_DEACTIVATED; + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + + ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status); + free(framed_tm_b); + free(tc_sdls_processed_frame); + Crypto_Shutdown(); +} + UTEST_MAIN(); \ No newline at end of file 
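Review bot: `TM_KEY_STATE_TEST` in ut_tm_process.c allocates and zeroes `tc_sdls_processed_frame`, a `TC_t` buffer the TM path never uses; it looks carried over from the TC test, as do the `CRYPTO_TC_CREATE_FECF_TRUE` argument and the commented-out TC managed-parameter call under `// TM Tests`. Drop the allocation and its `free`, and assert the init result with `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` after `Crypto_Init()`. `ptr_processed_frame` is handed out by reference and never released; if `Crypto_TM_ProcessSecurity` can allocate before it rejects the frame, add `free(ptr_processed_frame);` before `Crypto_Shutdown()` (it starts as NULL, so the call is safe either way).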
From 43c9df14206c72901a4bb253d2849240b55fdbdf Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 4 Dec 2024 15:44:08 +0000 Subject: [PATCH 171/241] [nasa/cryptolib#353] Normalize TC key error checks --- src/core/crypto_tc.c | 74 +++++++++++++++++++++++---------------- test/unit/ut_tc_process.c | 1 + 2 files changed, 44 insertions(+), 31 deletions(-) diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 7a4f4955..9be6a9c1 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -349,6 +349,35 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat int32_t status = CRYPTO_LIB_SUCCESS; uint16_t index = *index_p; crypto_key_t *akp = NULL; + + /* Get Key */ + ekp = key_if->get_key(sa_ptr->ekid); + akp = key_if->get_key(sa_ptr->akid); + if (ekp == NULL || akp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } + if (sa_ptr->est == 1) + { + if (ekp->key_state != KEY_ACTIVE) + { + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; + mc_if->mc_log(status); + return status; + } + } + if (sa_ptr->ast == 1) + { + if (akp->key_state != KEY_ACTIVE) + { + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; + mc_if->mc_log(status); + return status; + } + } + if (sa_service_type != SA_PLAINTEXT) { uint8_t *mac_ptr = NULL; 
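Review bot: The new key-state checks in `Crypto_TC_Do_Encrypt_PLAINTEXT` are gated on `sa_ptr->est` / `sa_ptr->ast`, while the code further down picks the key from `sa_service_type` and `ecs_is_aead_algorithm`; the check this commit removes (next hunk) rejected the frame when either key was not `KEY_ACTIVE`. If an SA with `est == 0` and an AEAD `ecs` authenticates with `ekp` (the ut_tm_apply.c test earlier in this series configures `ast = 1` with `CRYPTO_CIPHER_AES256_GCM` and `CRYPTO_MAC_NONE`), a deactivated encryption key would no longer be refused; the use site is outside this hunk, so please confirm. The same gating is added to `Crypto_TC_Get_Keys`, `Crypto_TM_Get_Keys` and both AOS functions. The lookup also now runs before `if (sa_service_type != SA_PLAINTEXT)`, so plaintext SAs fail with `CRYPTO_LIB_ERR_KEY_ID_ERROR` when either key id does not resolve. A comment above the checks such as `/* key state is enforced only for the services the SA enables (est/ast) */` would record the intended rule.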
@@ -389,21 +418,6 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat printf("Input bytes input_loc is %d\n", TC_FRAME_HEADER_SIZE + segment_hdr_len); #endif - /* Get Key */ - ekp = key_if->get_key(sa_ptr->ekid); - akp = key_if->get_key(sa_ptr->akid); - if (ekp == NULL || akp == NULL) - { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; - mc_if->mc_log(status); - return status; - } - if (ekp->key_state != KEY_ACTIVE || akp->key_state != KEY_ACTIVE) - { - status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; - mc_if->mc_log(status); - return status; - } if (ecs_is_aead_algorithm == CRYPTO_TRUE) { // Check that key length to be used ets the algorithm requirement @@ -464,19 +478,6 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat if (sa_service_type == SA_AUTHENTICATION) { - /* Get Key */ - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - if (akp == NULL) - { - return CRYPTO_LIB_ERR_KEY_ID_ERROR; - } - if (akp->key_state != KEY_ACTIVE) - { - status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; - mc_if->mc_log(status); - return status; - } // Check that key length to be used ets the algorithm requirement if ((int32_t)akp->key_len != Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs)) @@ -1573,10 +1574,21 @@ int32_t Crypto_TC_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssoc *ekp = key_if->get_key(sa_ptr->ekid); *akp = key_if->get_key(sa_ptr->akid); - if ((*ekp)->key_state != KEY_ACTIVE || (*akp)->key_state != KEY_ACTIVE) + if (sa_ptr->est == 1) { - status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; - mc_if->mc_log(status); + if ((*ekp)->key_state != KEY_ACTIVE) + { + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; + mc_if->mc_log(status); + } + } + if (sa_ptr->ast == 1) + { + if ((*akp)->key_state != KEY_ACTIVE) + { + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; + mc_if->mc_log(status); + } } if (status == CRYPTO_LIB_SUCCESS) { diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index 19db3c4f..a098c3de 100644 
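Review bot: `Crypto_TC_Get_Keys` dereferences `(*ekp)->key_state` and `(*akp)->key_state` before any NULL check, so with `est` or `ast` set an unresolved key id becomes a NULL dereference rather than `CRYPTO_LIB_ERR_KEY_ID_ERROR`. The TM and AOS versions in this series test for NULL first and return on each failure; this one does neither, and the rest of the function (the `if (status == CRYPTO_LIB_SUCCESS)` block) continues outside the hunk. Put the NULL guard directly after the two `get_key` calls, as below.

```c
    *ekp = key_if->get_key(sa_ptr->ekid);
    *akp = key_if->get_key(sa_ptr->akid);
    /* Resolve both key ids before touching key_state. */
    if (*ekp == NULL || *akp == NULL)
    {
        status = CRYPTO_LIB_ERR_KEY_ID_ERROR;
        mc_if->mc_log(status);
        return status;
    }
    /* … unchanged: est/ast-gated key_state checks … */
```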
--- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -1238,6 +1238,7 @@ UTEST(TC_PROCESS, TC_KEY_STATE_TEST) SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_OPERATIONAL; + test_association->est = 1; crypto_key_t *ekp = NULL; ekp = key_if->get_key(test_association->ekid); From ef490145985ad78c7ff639d22229227aa1eca1e4 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 4 Dec 2024 15:50:14 +0000 Subject: [PATCH 172/241] [nasa/cryptolib#353] Normalize TM key error checks --- src/core/crypto_tm.c | 23 +++++++++++++---------- test/unit/ut_tm_process.c | 2 ++ 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 2fbaad27..3ba1aaac 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -237,28 +237,31 @@ void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t *pdu_len) int32_t Crypto_TM_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; - *ekp = key_if->get_key(sa_ptr->ekid); *akp = key_if->get_key(sa_ptr->akid); - if ((*ekp)->key_state != KEY_ACTIVE || (*akp)->key_state != KEY_ACTIVE) + if (*ekp == NULL || *akp == NULL) { - status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); + return status; } - - if (status == CRYPTO_LIB_SUCCESS) + if (sa_ptr->est == 1) { - if (*ekp == NULL) + if ((*ekp)->key_state != KEY_ACTIVE) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); + return status; } - - if (*akp == NULL && status == CRYPTO_LIB_SUCCESS) + } + if (sa_ptr->ast == 1) + { + if ((*akp)->key_state != KEY_ACTIVE) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); + return status; } } return status; 
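Review bot: Setting only `test_association->est = 1` means `TC_KEY_STATE_TEST` now exercises just the encryption-key branch; the `ast == 1` branch added in crypto_tc.c has no test. A second case with `est = 0`, `ast = 1` and only `akp->key_state = KEY_DEACTIVATED` would cover it, and a case with both flags 0 would pin the new behaviour that inactive keys are then accepted. The matching changes to ut_tm_process.c and ut_aos_process.c in the following commits have the same gap.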
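Review bot: On the `CRYPTO_LIB_ERR_KEY_STATE_INVALID` returns in `Crypto_TM_Get_Keys`, `*ekp` and `*akp` are left pointing at the key that was just judged unusable. A caller that mishandles the status would still hold a working pointer to deactivated key material; clearing both before those returns, `*ekp = NULL; *akp = NULL;`, makes the function fail closed. Callers are not visible in this hunk, so confirm none relies on the pointers after an error.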
diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 7aed739c..ecc604ba 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -2219,6 +2219,8 @@ UTEST(TM_PROCESS, TM_KEY_STATE_TEST) SecurityAssociation_t *sa_ptr; sa_if->sa_get_from_spi(1, &sa_ptr); sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->est = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; crypto_key_t *ekp = NULL; ekp = key_if->get_key(sa_ptr->ekid); From 8b5fbb537165fee12a3b440722d7dd07178a560e Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 4 Dec 2024 15:54:14 +0000 Subject: [PATCH 173/241] [nasa/cryptolib#353] Normalize AOS key error checks --- src/core/crypto_aos.c | 36 ++++++++++++++++++++---------------- test/unit/ut_aos_process.c | 2 ++ 2 files changed, 22 insertions(+), 16 deletions(-) diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index f45e50f9..0602aca3 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -363,24 +363,26 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer) ekp = key_if->get_key(sa_ptr->ekid); akp = key_if->get_key(sa_ptr->akid); - if (ekp->key_state != KEY_ACTIVE || akp->key_state != KEY_ACTIVE) + if (ekp == NULL || akp == NULL) { - status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); return status; } - if (status == CRYPTO_LIB_SUCCESS) + if (sa_ptr->est == 1) { - if (ekp == NULL) + if (ekp->key_state != KEY_ACTIVE) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); return status; } - - if (akp == NULL) + } + if (sa_ptr->ast == 1) + { + if (akp->key_state != KEY_ACTIVE) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); return status; } 
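Review bot: The block added to `Crypto_AOS_ApplySecurity` (NULL check, then `est`-gated and `ast`-gated `key_state` checks) is now copied into five places: here, `Crypto_AOS_ProcessSecurity`, `Crypto_TM_Get_Keys`, `Crypto_TC_Get_Keys` and `Crypto_TC_Do_Encrypt_PLAINTEXT`. The copies have already diverged (the `Crypto_TC_Get_Keys` one has no NULL check ahead of the dereference and does not return early), which is how a key-state check ends up weaker for one frame type only. A single shared helper taking `ekp`, `akp` and `sa_ptr` and returning the status, called from all five sites, would keep the rule in one place. Both AOS functions continue outside their hunks.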
@@ -1214,24 +1216,26 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 ekp = key_if->get_key(sa_ptr->ekid); akp = key_if->get_key(sa_ptr->akid); - if (ekp->key_state != KEY_ACTIVE || akp->key_state != KEY_ACTIVE) + if (ekp == NULL || akp == NULL) { - status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); return status; } - if (status == CRYPTO_LIB_SUCCESS) + if (sa_ptr->est == 1) { - if (ekp == NULL) + if (ekp->key_state != KEY_ACTIVE) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); return status; } - - if (akp == NULL) + } + if (sa_ptr->ast == 1) + { + if (akp->key_state != KEY_ACTIVE) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); return status; } diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index 7bd5e6d6..a470af7f 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c @@ -1899,6 +1899,8 @@ UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) sa_ptr->sa_state = SA_KEYED; sa_if->sa_get_from_spi(5, &sa_ptr); // Enable and setup 5 sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->est = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; crypto_key_t *ekp = NULL; ekp = key_if->get_key(sa_ptr->ekid); From e8723483a81951c5964c4ce0489589832fcd6432 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Wed, 4 Dec 2024 11:05:49 -0500 Subject: [PATCH 174/241] [nasa/cryptolib#354] Unit Test Cleanup. Sanity Check to ensure SAs do not change their SPI. --- src/core/crypto_tc.c | 22 +++++++++ test/unit/ut_ep_key_mgmt.c | 42 ++--------------- test/unit/ut_ep_mc.c | 77 +------------------------------ test/unit/ut_ep_sa_mgmt.c | 93 +------------------------------------- test/unit/ut_tc_apply.c | 41 +++++++++++++++++ 5 files changed, 70 insertions(+), 205 deletions(-) 
diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 7894b321..83057689 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -2020,6 +2020,24 @@ uint8_t *Crypto_Prepare_TC_AAD(uint8_t *buffer, uint16_t len_aad, uint8_t *abm_b return aad; } +static int32_t validate_sa_index(SecurityAssociation_t *sa) +{ + int32_t returnval = -1; + SecurityAssociation_t *temp_sa; + sa_if->sa_get_from_spi(sa->spi, &temp_sa); + int sa_index = -1; + sa_index = (int)(sa - temp_sa); +#ifdef DEBUG + if(sa_index == 0) + printf("SA Index matches SPI\n"); + else + printf("Malformed SA SPI based on SA Index!\n"); +#endif + if(sa_index == 0) + returnval = 0; + return returnval; +} + /** * TODO: Single Return * @brief Function: crypto_tc_validate_sa @@ -2029,6 +2047,10 @@ uint8_t *Crypto_Prepare_TC_AAD(uint8_t *buffer, uint16_t len_aad, uint8_t *abm_b **/ static int32_t crypto_tc_validate_sa(SecurityAssociation_t *sa) { + if(validate_sa_index(sa) != 0) + { + return CRYPTO_LIB_ERR_SPI_INDEX_OOB; + } if (sa->sa_state != SA_OPERATIONAL) { return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index ca33a296..bbaffa20 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c 
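Review bot: `validate_sa_index` ignores the return value of `sa_if->sa_get_from_spi` and leaves `temp_sa` uninitialised, so if the lookup fails for the SPI stored in the SA (the very corruption this check is meant to catch), `sa - temp_sa` reads an indeterminate pointer. Subtracting pointers that may not belong to the same array is also undefined, and the `(int)` cast can truncate the difference; an equality test expresses the same check safely. Initialise `temp_sa` to NULL, fail when the lookup fails, and compare `sa == temp_sa`, as below. The call added to `crypto_tc_validate_sa` in the next hunk is unaffected.

```c
static int32_t validate_sa_index(SecurityAssociation_t *sa)
{
    SecurityAssociation_t *temp_sa = NULL;

    /* A failed lookup means the stored SPI does not resolve: treat as a mismatch. */
    if (sa_if->sa_get_from_spi(sa->spi, &temp_sa) != CRYPTO_LIB_SUCCESS || temp_sa == NULL)
    {
        return -1;
    }
    /* … DEBUG printf branch kept, now keyed on (sa == temp_sa) … */
    return (sa == temp_sa) ? 0 : -1;
}
```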
@@ -13,21 +13,17 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_1_Managed_Parameters = { 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); Crypto_Init(); SaInterface sa_if = get_sa_interface_inmemory(); - // crypto_key_t* ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext @@ -62,14 +58,10 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - // ekp = key_if->get_key(test_association->ekid); - // memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed hex_conversion(buffer_OTAR_h, (char **)&buffer_OTAR_b, &buffer_OTAR_len); // Convert/Set input IV - // hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - // memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Expect success on next valid IV && ARSN printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); 
@@ -78,7 +70,6 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142) printf("\n"); Crypto_Shutdown(); - // free(buffer_nist_iv_b); free(buffer_nist_key_b); free(buffer_OTAR_b); } @@ -93,14 +84,10 @@ UTEST(EP_KEY_MGMT, ACTIVATE_141_142) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_1_Managed_Parameters = { 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); @@ -137,7 +124,6 @@ UTEST(EP_KEY_MGMT, ACTIVATE_141_142) test_association->arsn_len = 2; test_association->arsnw = 5; test_association->iv_len = 12; - test_association->sa_state = SA_OPERATIONAL; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); 
@@ -173,14 +159,10 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_1_Managed_Parameters = { 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); @@ -219,7 +201,6 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142) test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw = 5; - test_association->sa_state = SA_OPERATIONAL; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); 
@@ -254,17 +235,11 @@ UTEST(EP_KEY_MGMT, INVENTORY_132_134) IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); - // GvcidManagedParameters_t TC_1_Managed_Parameters = {0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, - // TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); - int status = CRYPTO_LIB_SUCCESS; status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
@@ -354,14 +329,11 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_1_Managed_Parameters = { 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); @@ -380,13 +352,7 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) char *buffer_TRUTH_RESPONSE_h = "0880D03A0068197F0B008402E00084000000000000000000000001D8EAA795AFFAA0E951BB6CF0116192E16B1977D6723E92E01123CCEF" "548E2885008600000000000000000000000275C47F30CA26E64AF30C19EBFFE0B314849133E138AC65BC2806E520A90C96A8"; - // 0880D03A0068 = Primary Header - // 197F0B00 = PUS Header - // 0402E0 = PDU Tag & Length - // 0084 000000000000000000000001 D8EAA795AFFAA0E951BB6CF0116192E1 - // 6B1977D6723E92E01123CCEF548E2885 = #1: KID, IV, CHALLENGE, MAC - // 0086 000000000000000000000002 75C47F30CA26E64AF30C19EBFFE0B314 - // 849133E138AC65BC2806E520A90C96A8 = #2: KID, IV, CHALLENGE, MAC + uint8_t *buffer_nist_key_b, *buffer_VERIFY_b, *buffer_TRUTH_RESPONSE_b = NULL; int buffer_nist_key_len, buffer_VERIFY_len, buffer_TRUTH_RESPONSE_len = 0; diff --git a/test/unit/ut_ep_mc.c b/test/unit/ut_ep_mc.c index 3ed2d2c6..1e6e24fc 100644 --- a/test/unit/ut_ep_mc.c +++ b/test/unit/ut_ep_mc.c 
@@ -13,8 +13,6 @@ UTEST(EP_MC, MC_REGULAR_PING) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); @@ -123,19 +121,6 @@ UTEST(EP_MC, MC_STATUS) // NOTE: Added Transfer Frame header to the plaintext char *buffer_STATUS_h = "2003001a00ff000000001880d2c70008197f0b00320000b1fe312855"; - // |2003001a00| = Primary Header - // |ff| = Ext. Procs - // |00000000| = Security Header - // |1880| = CryptoLib App ID - // |d2c7| = seq, packet id - // |0008| = packet length - // |197f| = pusv, ack, st - // |0b| = sst - // |0032| = PDU Tag - // |0000| = PDU Length - // |b1fe| - // |3128| - // |55| = Padding uint8_t *buffer_STATUS_b = NULL; int buffer_STATUS_len = 0; @@ -207,8 +192,6 @@ UTEST(EP_MC, MC_DUMP) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); 
@@ -218,22 +201,7 @@ UTEST(EP_MC, MC_DUMP) int status = CRYPTO_LIB_SUCCESS; - // NOTE: Added Transfer Frame header to the plaintext - // 0880d2c70039b300300a044e4153410a044e4153410a044e4153410a044e4153410a044e4153410a044e415341 char *buffer_DUMP_h = "2003001a00ff000000001880d2c70008197f0b00330000b1fe312855"; - // |2003001a00| = Primary Header - // |ff| = Ext. Procs - // |00000000| = Security Header - // |1880| = CryptoLib App ID - // |d2c7| = seq, packet id - // |0008| = packet length - // |197f| = pusv, ack, st - // |0b| = sst - // |0033| = PDU Tag - // |0000| = PDU Length - // |b1fe| - // |3128| - // |55| = Padding uint8_t *buffer_DUMP_b = NULL; int buffer_DUMP_len = 0; @@ -318,19 +286,6 @@ UTEST(EP_MC, MC_ERASE) // NOTE: Added Transfer Frame header to the plaintext char *buffer_ERASE_h = "2003001a00ff000000001880d2c70008197f0b00340000b1fe312855"; - // |2003001a00| = Primary Header - // |ff| = Ext. Procs - // |00000000| = Security Header - // |1880| = CryptoLib App ID - // |d2c7| = seq, packet id - // |0008| = packet length - // |197f| = pusv, ack, st - // |0b| = sst - // |0034| = PDU Tag - // |0000| = PDU Length - // |b1fe| - // |3128| - // |55| = Padding uint8_t *buffer_ERASE_b = NULL; int buffer_ERASE_len = 0; @@ -402,8 +357,6 @@ UTEST(EP_MC, MC_SELF_TEST) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); 
@@ -415,19 +368,6 @@ UTEST(EP_MC, MC_SELF_TEST) // NOTE: Added Transfer Frame header to the plaintext char *buffer_SELF_h = "2003001a00ff000000001880d2c70008197f0b00350000b1fe312855"; - // |2003001a00| = Primary Header - // |ff| = Ext. Procs - // |00000000| = Security Header - // |1880| = CryptoLib App ID - // |d2c7| = seq, packet id - // |0008| = packet length - // |197f| = pusv, ack, st - // |0b| = sst - // |0035| = PDU Tag - // |0000| = PDU Length - // |b1fe| - // |3128| - // |55| = Padding uint8_t *buffer_SELF_b = NULL; int buffer_SELF_len = 0; @@ -500,8 +440,6 @@ UTEST(EP_MC, MC_ALARM_FLAG_RESET) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); @@ -513,20 +451,7 @@ UTEST(EP_MC, MC_ALARM_FLAG_RESET) // NOTE: Added Transfer Frame header to the plaintext char *buffer_ALARM_h = "2003001a00ff000000001880d2c70008197f0b00370000b1fe312855"; - // |2003001a00| = Primary Header - // |ff| = Ext. Procs - // |00000000| = Security Header - // |1880| = CryptoLib App ID - // |d2c7| = seq, packet id - // |0008| = packet length - // |197f| = pusv, ack, st - // |0b| = sst - // |0037| = PDU Tag - // |0000| = PDU Length - // |b1fe| - // |3128| - // |55| = Padding - + uint8_t *buffer_ALARM_b = NULL; int buffer_ALARM_len = 0; diff --git a/test/unit/ut_ep_sa_mgmt.c b/test/unit/ut_ep_sa_mgmt.c index 7ea5799c..5497a077 100644 --- a/test/unit/ut_ep_sa_mgmt.c +++ b/test/unit/ut_ep_sa_mgmt.c 
@@ -27,21 +27,7 @@ UTEST(EP_SA_MGMT, SA_6_REKEY_133) // NOTE: Added Transfer Frame header to the plaintext char *buffer_REKEY_h = "2003002a00ff000000001880d0ac0018197f0b0016000c00060085000000000000000000000000da959fc8555555555555"; - // |2003002a00| = Primary Header - // |ff| = Ext. Procs - // |0000| = SPI - // |0000| = ARSN - // |1880| = CryptoLib App ID - // |d0ac| = seq, pktid - // |0018| = pkt_length - // |197f| = pusv, ack, st - // |0b| = sst, sid, spare - // |0016| = PDU Tag - // |000c| = PDU Length - // |0006| = SA - // |0085| = Key ID - // |000000000000000000000000da959fc8| = IV - + uint8_t *buffer_REKEY_b = NULL; int buffer_REKEY_len = 0; @@ -87,8 +73,6 @@ UTEST(EP_SA_MGMT, SA_START_6) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); @@ -100,18 +84,6 @@ UTEST(EP_SA_MGMT, SA_START_6) // NOTE: Added Transfer Frame header to the plaintext char *buffer_START_h = "2003002000ff000000001880d0ad000e197f0b001b0004000600003040f6f7a61a5555"; - // |2003002000| = Primary Header - // |ff| = Ext. Procs - // |0000| = SPI - // |0000| = ARSN - // |1880| = CryptoLib App ID - // |d0ad| = seq, pktid - // |000e| = pkt_length - // |197f| = pusv, ack, st - // |0b| = sst, sid, spare - // |001b| = PDU Tag - // |0004| = PDU Length - // |0006| = SA being started uint8_t *buffer_START_b = NULL; int buffer_START_len = 0; 
@@ -154,8 +126,7 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); @@ -167,18 +138,6 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) // NOTE: Added Transfer Frame header to the plaintext char *buffer_READ_h = "2003001c00ff000000001880d0b0000a197f0b001000020006555555555555"; - // |2003001c00| = Primary Header - // |ff| = Ext. Procs - // |0000| = SPI - // |0000| = ARSN - // |1880| = CryptoLib App ID - // |d0ad| = seq, pktid - // |000e| = pkt_length - // |197f| = pusv, ack, st - // |0b| = sst, sid, spare - // |001b| = PDU Tag - // |0002| = PDU Length - // |0006| = SA being read uint8_t *buffer_READ_b = NULL; int buffer_READ_len = 0; @@ -256,8 +215,6 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); 
@@ -269,19 +226,6 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) // NOTE: Added Transfer Frame header to the plaintext char *buffer_SET_h = "2003001a00ff000000001880d0b1000a197f0b0015000400060955"; - // |2003001a00| = Primary Header - // |ff| = Ext. Procs - // |0000| = SPI - // |0000| = ARSN - // |1880| = CryptoLib App ID - // |d0b1| = seq, pktid - // |0009| = pkt_length - // |197f| = pusv, ack, st - // |0b| = sst, sid, spare - // |0015| = PDU Tag - // |000a| = PDU Length - // |0006| = SA being modified - // |09| = ARSNW uint8_t *buffer_SET_b = NULL; int buffer_SET_len = 0; @@ -330,8 +274,6 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSN) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); @@ -343,19 +285,6 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSN) // NOTE: Added Transfer Frame header to the plaintext char *buffer_SET_h = "2003002800ff000000001880d0b10016197f0b001a000a000600000000000000000000006413b5983e55"; - // |2003002800| = Primary Header - // |ff| = Ext. Procs - // |0001| = SPI - // |0000| = ARSN - // |1880| = CryptoLib App ID - // |d0b1| = seq, pktid - // |0016| = pkt_length - // |197f| = pusv, ack, st - // |0b| = sst, sid, spare - // |001a| = PDU Tag - // |000a| = PDU Length - // |0006| = SA being modified - // |00000000000000000000006413b5983e| = ARSN uint8_t *buffer_SET_b = NULL; int buffer_SET_len = 0; 
@@ -405,8 +334,6 @@ UTEST(EP_SA_MGMT, SA_6_STATUS) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); @@ -499,8 +426,6 @@ UTEST(EP_SA_MGMT, SA_STOP_6) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); @@ -512,18 +437,6 @@ UTEST(EP_SA_MGMT, SA_STOP_6) // NOTE: Added Transfer Frame header to the plaintext char *buffer_STOP_h = "2003001c00ff000000001880d0b6000a197f0b001e00020006938f21c4555555555555"; - // |2003001c00| = Primary Header - // |ff| = Ext. Procs - // |0000| = SPI - // |0000| = ARSN - // |1880| = CryptoLib App ID - // |d0b6| = seq, pktid - // |000a| = pkt_length - // |197f| = pusv, ack, st - // |0b| = sst, sid, spare - // |001e| = PDU Tag - // |0002| = PDU Length - // |0006| = SA being stopped uint8_t *buffer_STOP_b = NULL; int buffer_STOP_len = 0; 
@@ -570,8 +483,6 @@ UTEST(EP_SA_MGMT, SA_EXPIRE_6) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index d66360de..4c8b642b 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c 
@@ -159,6 +159,47 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC) ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); } +/** + * @brief Unit Test: Nominal Encryption + **/ +UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_BAD_SPI) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Init_TC_Unit_Test(); + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; + SaInterface sa_if = get_sa_interface_inmemory(); + + hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + + int32_t return_val = CRYPTO_LIB_ERROR; + + SecurityAssociation_t *test_association; + // Expose the SADB Security Association for test edits. + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + sa_if->sa_get_from_spi(4, &test_association); + // Set the Key + test_association->ekid = 130; + test_association->gvcid_blk.vcid = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 0; + test_association->arsn_len = 0; + test_association->spi = 5; + + return_val = + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_Shutdown(); + free(raw_tc_sdls_ping_b); + free(ptr_enc_frame); + ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, return_val); +} + /** * @brief Unit Test: Nominal Encryption CBC **/ From 7c89e1b1d45543850e37bb64354d5944937f6bf1 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Wed, 4 Dec 2024 11:59:02 -0500 Subject: [PATCH 175/241] [nasa/cryptolib#354] Fix off by 1 issue in SPI_MAX (Num_SA-1 now). Error Code update. --- include/crypto_error.h | 1 + src/core/crypto_error.c | 3 ++- src/core/crypto_tc.c | 6 +++--- test/unit/ut_tc_apply.c | 2 +- 4 files changed, 7 insertions(+), 5 deletions(-) 
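Review bot: The doc comment on the new `HAPPY_PATH_ENC_BAD_SPI` test still reads `@brief Unit Test: Nominal Encryption`, copied from the test above, although the body overwrites `test_association->spi` with 5 on the SA fetched for SPI 4 and asserts `CRYPTO_LIB_ERR_SPI_INDEX_OOB`. I would reword it to something like `@brief Unit Test: ApplySecurity rejects an SA whose stored SPI no longer matches its table slot`, and consider dropping `HAPPY_PATH` from the name since this is a rejection test. Both `sa_if->sa_get_from_spi(...)` calls ignore the return code while `test_association` is declared without an initialiser, so a failed lookup would be written through an indeterminate pointer. `ASSERT_EQ(CRYPTO_LIB_SUCCESS, sa_if->sa_get_from_spi(4, &test_association));` would pin that precondition.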
diff --git a/include/crypto_error.h b/include/crypto_error.h index 08f3aac0..fc3d8f91 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -130,6 +130,7 @@ #define CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL (-57) #define CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH (-58) #define CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR (-59) +#define CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH (-60) // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index c5dff512..24ca589e 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -80,7 +80,8 @@ char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS", (char *)"CRYPTO_LIB_ERR_SPI_INDEX_OOB", (char *)"CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL", (char *)"CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH", - (char *)"CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR"}; + (char *)"CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR", + (char *)"CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH"}; char *crypto_enum_errlist_config[] = { (char *)"CRYPTO_CONFIGURATION_NOT_COMPLETE", diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 83057689..f6655695 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -1928,7 +1928,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { - if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) //TODO: Make sure that SPI can't be changed from the current array index. + if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) { status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); } 
@@ -2026,7 +2026,7 @@ static int32_t validate_sa_index(SecurityAssociation_t *sa) SecurityAssociation_t *temp_sa; sa_if->sa_get_from_spi(sa->spi, &temp_sa); int sa_index = -1; - sa_index = (int)(sa - temp_sa); + sa_index = (int)(sa - temp_sa); // Based on array memory location #ifdef DEBUG if(sa_index == 0) printf("SA Index matches SPI\n"); @@ -2049,7 +2049,7 @@ static int32_t crypto_tc_validate_sa(SecurityAssociation_t *sa) { if(validate_sa_index(sa) != 0) { - return CRYPTO_LIB_ERR_SPI_INDEX_OOB; + return CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH; } if (sa->sa_state != SA_OPERATIONAL) { diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index 4c8b642b..555185bc 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c @@ -197,7 +197,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_BAD_SPI) Crypto_Shutdown(); free(raw_tc_sdls_ping_b); free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, return_val); + ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH, return_val); } /** From 3bc1389b9f6da6a04b979230b2ca15e842f9929f Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 4 Dec 2024 18:28:40 +0000 Subject: [PATCH 176/241] [nasa/cryptolib#353] Add SPI_INDEX_MISMATCH error code to avoid merge conflicts --- include/crypto_error.h | 5 +++-- src/core/crypto_error.c | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index 0c410272..c92f8e20 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -130,7 +130,8 @@ #define CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL (-57) #define CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH (-58) #define CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR (-59) -#define CRYPTO_LIB_ERR_KEY_STATE_INVALID (-60) +#define CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH (-60) +#define CRYPTO_LIB_ERR_KEY_STATE_INVALID (-61) // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 
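Review bot: `validate_sa_index` still discards the result of `sa_if->sa_get_from_spi(sa->spi, &temp_sa)`, and `temp_sa` is declared without an initialiser, so when the lookup fails the subtraction `sa - temp_sa` that this hunk annotates runs on an indeterminate pointer. The in-memory `sa_get_from_spi` shown elsewhere on this page returns `CRYPTO_LIB_ERR_SPI_INDEX_OOB` before writing the out-parameter when `spi >= NUM_SA`, which is exactly the corrupted-SPI case this check is meant to catch. I would declare `SecurityAssociation_t *temp_sa = NULL;` and add `if (sa_if->sa_get_from_spi(sa->spi, &temp_sa) != CRYPTO_LIB_SUCCESS || temp_sa == NULL) return -1;` before computing the index, assuming callers only compare the result with 0 as `crypto_tc_validate_sa` does in the next hunk. The function starts and ends outside the hunk.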
@@ -151,7 +152,7 @@ #define CONFIGURATION_ERROR_CODES 100 #define CONFIGURATION_ERROR_CODES_MAX 103 -#define CRYPTO_CORE_ERROR_CODES_MAX -60 +#define CRYPTO_CORE_ERROR_CODES_MAX -61 extern char *crypto_enum_errlist_core[]; extern char *crypto_enum_errlist_config[]; diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index c817d306..38857bc0 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -81,6 +81,7 @@ char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS", (char *)"CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL", (char *)"CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH", (char *)"CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR", + (char *)"CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH", (char *)"CRYPTO_LIB_ERR_KEY_STATE_INVALID"}; char *crypto_enum_errlist_config[] = { From 00e6be82b061fb6f8ecdbed54e29f2f818fd5c0b Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 4 Dec 2024 18:49:18 +0000 Subject: [PATCH 177/241] [nasa/cryptolib#353] Move NULL check for ekp and akp inside est and ast checks --- src/core/crypto_aos.c | 23 +++++++++++++++-------- src/core/crypto_tc.c | 42 +++++++++++++++++++++++------------------- src/core/crypto_tm.c | 22 ++++++++++++++-------- 3 files changed, 52 insertions(+), 35 deletions(-) diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index 0602aca3..62ef7f3b 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c 
@@ -1213,17 +1213,17 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 // Get Key crypto_key_t *ekp = NULL; crypto_key_t *akp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - akp = key_if->get_key(sa_ptr->akid); - if (ekp == NULL || akp == NULL) - { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; - mc_if->mc_log(status); - return status; - } + if (sa_ptr->est == 1) { + ekp = key_if->get_key(sa_ptr->ekid); + if (ekp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } if (ekp->key_state != KEY_ACTIVE) { status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; @@ -1233,6 +1233,13 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 } if (sa_ptr->ast == 1) { + akp = key_if->get_key(sa_ptr->akid); + if (akp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } if (akp->key_state != KEY_ACTIVE) { status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 9be6a9c1..3311b833 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -351,16 +351,16 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat crypto_key_t *akp = NULL; /* Get Key */ - ekp = key_if->get_key(sa_ptr->ekid); - akp = key_if->get_key(sa_ptr->akid); - if (ekp == NULL || akp == NULL) - { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; - mc_if->mc_log(status); - return status; - } + if (sa_ptr->est == 1) { + ekp = key_if->get_key(sa_ptr->ekid); + if (ekp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } if (ekp->key_state != KEY_ACTIVE) { status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; 
@@ -370,6 +370,13 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat } if (sa_ptr->ast == 1) { + akp = key_if->get_key(sa_ptr->akid); + if (akp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } if (akp->key_state != KEY_ACTIVE) { status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; @@ -1576,34 +1583,31 @@ int32_t Crypto_TC_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssoc if (sa_ptr->est == 1) { - if ((*ekp)->key_state != KEY_ACTIVE) + if (*ekp == NULL) { - status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); } - } - if (sa_ptr->ast == 1) - { - if ((*akp)->key_state != KEY_ACTIVE) + if ((*ekp)->key_state != KEY_ACTIVE && (status == CRYPTO_LIB_SUCCESS)) { status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); } } - if (status == CRYPTO_LIB_SUCCESS) + if (sa_ptr->ast == 1 && status == CRYPTO_LIB_SUCCESS) { - if (*ekp == NULL) + if ((*akp == NULL) && (status == CRYPTO_LIB_SUCCESS)) { status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); } - - if ((*akp == NULL) && (status == CRYPTO_LIB_SUCCESS)) + if ((*akp)->key_state != KEY_ACTIVE && (status == CRYPTO_LIB_SUCCESS)) { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); } } + return status; } diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 3ba1aaac..ac01ef7d 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c 
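Review bot: In the `Crypto_TC_Get_Keys` hunk the reordered checks can still dereference a null key: `if ((*ekp)->key_state != KEY_ACTIVE && (status == CRYPTO_LIB_SUCCESS))` evaluates `(*ekp)->key_state` before it looks at `status`, and the preceding `if (*ekp == NULL)` only sets `status` and logs without returning. The `akp` pair has the same operand order. Making the second test `else if ((*ekp)->key_state != KEY_ACTIVE)` (and likewise `else if ((*akp)->key_state != KEY_ACTIVE)`), or returning right after the null case as `Crypto_TM_Get_Keys` does in this same commit, keeps an unknown key ID on the `CRYPTO_LIB_ERR_KEY_ID_ERROR` path instead of faulting. The opening lines of the function are outside the hunk.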
@@ -237,17 +237,16 @@ void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t *pdu_len) int32_t Crypto_TM_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; - *ekp = key_if->get_key(sa_ptr->ekid); - *akp = key_if->get_key(sa_ptr->akid); - if (*ekp == NULL || *akp == NULL) - { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; - mc_if->mc_log(status); - return status; - } if (sa_ptr->est == 1) { + *ekp = key_if->get_key(sa_ptr->ekid); + if (*ekp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } if ((*ekp)->key_state != KEY_ACTIVE) { status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; @@ -257,6 +256,13 @@ int32_t Crypto_TM_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssoc } if (sa_ptr->ast == 1) { + *akp = key_if->get_key(sa_ptr->akid); + if (*akp == NULL) + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + mc_if->mc_log(status); + return status; + } if ((*akp)->key_state != KEY_ACTIVE) { status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; From bd7b686c04a1d2ecd7cb0d0d48ed75287a4e47a0 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Wed, 4 Dec 2024 15:37:09 -0500 Subject: [PATCH 178/241] [nasa/cryptolib#355] Fix Master Key max enum reference in code (accidentally used CL APID) --- src/core/crypto_key_mgmt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 3d0a3de4..eb9ded96 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -99,7 +99,7 @@ int32_t Crypto_Key_OTAR(void) return CRYPTO_LIB_ERR_KEY_ID_ERROR; } - uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; + uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; // Per SDLS baseline status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output (size_t)(pdu_keys * (SDLS_KEYID_LEN + SDLS_KEY_LEN)), // length of data NULL, // in place decryption 
@@ -134,7 +134,7 @@ int32_t Crypto_Key_OTAR(void) for (count = 14; x < pdu_keys; x++) { // Encrypted Key Blocks packet.EKB[x].ekid = (sdls_frame.pdu.data[count] << BYTE_LEN) | (sdls_frame.pdu.data[count + 1]); - if (packet.EKB[x].ekid < CRYPTOLIB_APPID) + if (packet.EKB[x].ekid < MKID_MAX) { report.af = 1; if (log_summary.rs > 0) From a15904d13c79175f26b582e7d85b849b1c076a8f Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Wed, 4 Dec 2024 16:02:21 -0500 Subject: [PATCH 179/241] [nasa/cryptolib#355] Check master key state before otar deccryption --- src/core/crypto_key_mgmt.c | 9 +++- test/unit/ut_ep_key_mgmt.c | 104 +++++++++++++++++++++++++++++++++++++ 2 files changed, 112 insertions(+), 1 deletion(-) diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index eb9ded96..5d29af05 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -72,7 +72,7 @@ int32_t Crypto_Key_OTAR(void) #ifdef DEBUG printf(KRED "Error: MKID is not valid! \n" RESET); #endif - status = CRYPTO_LIB_ERROR; + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; return status; } @@ -93,12 +93,19 @@ int32_t Crypto_Key_OTAR(void) #endif } + // Try to get key ekp = key_if->get_key(packet.mkid); if (ekp == NULL) { return CRYPTO_LIB_ERR_KEY_ID_ERROR; } + // Check key state + if(ekp->key_state != KEY_ACTIVE) + { + return CRYPTO_LIB_ERR_KEY_STATE_INVALID; + } + uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; // Per SDLS baseline status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output (size_t)(pdu_keys * (SDLS_KEYID_LEN + SDLS_KEY_LEN)), // length of data diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index 79d8437b..772e01d7 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c 
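Review bot: The new master-key state check in `Crypto_Key_OTAR` returns `CRYPTO_LIB_ERR_KEY_STATE_INVALID` silently, and the existing null-key return just above it does the same, so a rejected OTAR leaves no record for the operator. Other key-state failures on this page go through `mc_if->mc_log(status)` before returning, and the invalid-EKID branch later in this function raises `report.af`. If `mc_if` is reachable from this file, I would add `mc_if->mc_log(CRYPTO_LIB_ERR_KEY_STATE_INVALID);` before the return (and the matching call for `CRYPTO_LIB_ERR_KEY_ID_ERROR`). It is also worth deciding whether an OTAR against an inactive master key should set the alarm flag as well. The function body starts and ends outside the hunk.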
@@ -534,4 +534,108 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) free(buffer_VERIFY_b); } +/* +** Test that a fail OTAR key decryption will bubble up to a top-level error. +*/ +UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + // crypto_key_t* ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + // char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_OTAR_h = + "2003009e00ff000100001880d037008c197f0b00010084007F344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bb" + 
"d55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af89" + "6d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986366f5ffd95555"; + // |2003009e00| = Primary Header + // |ff| = Ext. Procs + // |0000| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d037| = seq, pktid + // |008c| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |0001| = PDU Tag + // |0084| = PDU Length + // |007F| = Master Key ID - Valid id, invalid that it isn't set up in the keyring! + // |344892bbc54f5395297d4c37| = IV + // |172f| = Encrypted + // Key ID + // |2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd| + // = Encrypted Key + // |21cf| = Encrypted Key ID + // |268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990| = Encrypted Key + // |ba41| = EKID + // |48af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e557| = EK + // |10a47209c923b641d19a39001f9e9861| = MAC + // |66f5ffd95555| = Trailer or Padding??? 
+ + uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL; + int buffer_nist_key_len, buffer_OTAR_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t *test_association; + + // Activate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + test_association->iv_len = 0; + test_association->shivf_len = 0; + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); + // ekp = key_if->get_key(test_association->ekid); + // memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + + // Convert frames that will be processed + hex_conversion(buffer_OTAR_h, (char **)&buffer_OTAR_b, &buffer_OTAR_len); + // Convert/Set input IV + // hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + // memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_OTAR_b, &buffer_OTAR_len, &tc_nist_processed_frame); + // Not sure where it'll fail yet, but shouldn't be a success + ASSERT_NE(CRYPTO_LIB_SUCCESS, status); + printf("\n"); + Crypto_Shutdown(); + // free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(buffer_OTAR_b); +} + UTEST_MAIN(); \ No newline at end of file From 52a32b5bcb699abafc6322a8569cf5195ec57d45 Mon Sep 17 00:00:00 2001 
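Review bot: The new `OTAR_0_140_142_BAD_DECRYPT` test ends with `ASSERT_NE(CRYPTO_LIB_SUCCESS, status)` under the comment "Not sure where it'll fail yet", so it passes on any failure, including one unrelated to the master key such as a frame-parsing or SA-lookup error. The frame carries master key ID `007F`, which the inline annotation says is not set up in the keyring, so I would pin the code the key checks in `Crypto_Key_OTAR` return, e.g. `ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status);` or `CRYPTO_LIB_ERR_KEY_ID_ERROR`, whichever the keyring yields for that ID. The `printf` just above still announces "Checking next valid IV && valid ARSN... should be able to receive it", which contradicts the expected rejection and should be reworded. Separately, `uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL;` and the `int` line after it initialise only the last declarator.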
From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Wed, 4 Dec 2024 16:52:33 -0500 Subject: [PATCH 180/241] [nasa/cryptolib#355] Add error case, add UT for a Master Key for OTAR that is Key_Active with invalid settings to decrypt call fails for libgcrypt and error bubbles up. --- src/core/crypto_error.c | 3 +- src/core/crypto_tc.c | 2 +- .../internal/sa_interface_inmemory.template.c | 3 + test/unit/ut_ep_key_mgmt.c | 116 +++++++++++++++++- 4 files changed, 117 insertions(+), 7 deletions(-) diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index 38857bc0..7cd38971 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -82,7 +82,8 @@ char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS", (char *)"CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH", (char *)"CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR", (char *)"CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH", - (char *)"CRYPTO_LIB_ERR_KEY_STATE_INVALID"}; + (char *)"CRYPTO_LIB_ERR_KEY_STATE_INVALID", + (char *)"CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI"}; char *crypto_enum_errlist_config[] = { (char *)"CRYPTO_CONFIGURATION_NOT_COMPLETE", diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 336f5e84..509a34ee 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -1974,7 +1974,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc else { // Some Magic here to log that an inappropriate SA was attempted to be used for EP - status = CRYPTO_LIB_ERR_SPI_INDEX_OOB; // TODO: Do we want a different error code for this? + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; // TODO: Do we want a different error code for this? mc_if->mc_log(status); status = CRYPTO_LIB_SUCCESS; } diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 36b3df2d..0d59f13c 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c 
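Review bot: `"CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI"` is appended to `crypto_enum_errlist_core`, but this commit's diffstat does not list `include/crypto_error.h`, so it is not visible here that the matching `#define` and `CRYPTO_CORE_ERROR_CODES_MAX` (set to -61 in an earlier patch on this page) move with it. If the table is indexed by the negated code, as its ordering suggests, a stale maximum would leave the new string unreachable or let a lookup run past the range the header advertises. A compile-time guard next to the table would catch this kind of drift, provided the build allows C11: `_Static_assert(sizeof crypto_enum_errlist_core / sizeof crypto_enum_errlist_core[0] == -(CRYPTO_CORE_ERROR_CODES_MAX) + 1, "core error strings out of sync with crypto_error.h");`.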
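Review bot: In the `crypto_tc.c` hunk the wrong-SPI branch now logs `CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI`, but the unchanged next line resets `status = CRYPTO_LIB_SUCCESS`, so the caller cannot tell that the extended-procedure path was reached on an SA other than `SPI_MIN`/`SPI_MAX`. If that is deliberate (the frame is accepted and only the PDU is ignored), the comment should say so, e.g. `// EP PDU on a non-EP SA: log and ignore the PDU, frame processing still succeeds`. The trailing `// TODO: Do we want a different error code for this?` is answered by this very change and can be removed. The surrounding function starts and ends outside the hunk.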
@@ -714,6 +714,9 @@ static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t **security_as // Check if spi index in sa array if (spi >= NUM_SA) { +#ifdef SA_DEBUG + printf(KRED "sa_get_from_spi: SPI: %d > NUM_SA: %d.\n" RESET, spi, NUM_SA); +#endif return CRYPTO_LIB_ERR_SPI_INDEX_OOB; } *security_association = &sa[spi]; diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index 162ad4f8..0eaa113e 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c @@ -427,9 +427,9 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) } /* -** Test that a fail OTAR key decryption will bubble up to a top-level error. +** Test that an OTAR attempt with non-active Master Key will bubble up to a top-level error. */ -UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) +UTEST(EP_KEY_MGMT, OTAR_0_140_142_MK_NOT_ACTIVE) { remove("sa_save_file.bin"); // Setup & Initialize CryptoLib @@ -459,7 +459,7 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; // char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA char *buffer_OTAR_h = - "2003009e00ff000100001880d037008c197f0b00010084007F344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bb" + "2003009e00ff000000001880d037008c197f0b00010084007F344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bb" "d55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af89" "6d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986366f5ffd95555"; // |2003009e00| = Primary Header 
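Review bot: The debug message added in sa_get_from_spi prints `SPI: %d > NUM_SA: %d`, while the guard above it is `spi >= NUM_SA`, so for spi equal to NUM_SA the log states a relation that is false. Suggest `printf(KRED "sa_get_from_spi: SPI: %d >= NUM_SA: %d.\n" RESET, spi, NUM_SA);`. The function continues outside the hunk.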
@@ -495,8 +495,8 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) // Expose/setup SAs for testing SecurityAssociation_t *test_association; - // Activate SA 1 - sa_if->sa_get_from_spi(1, &test_association); + // Activate SA 0 + sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; test_association->ecs = CRYPTO_CIPHER_NONE; 
@@ -530,4 +530,110 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) free(buffer_OTAR_b); } +/* +** Test that a fail OTAR key decryption will bubble up to a top-level error. +*/ +UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, + // AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t* ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + // char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_OTAR_h = + "2003009e00ff000000001880d037008c197f0b00010084007F344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bb" + 
"d55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af89" + "6d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986366f5ffd95555"; + // |2003009e00| = Primary Header + // |ff| = Ext. Procs + // |0000| = SPI + // |0000| = ARSN + // |1880| = CryptoLib App ID + // |d037| = seq, pktid + // |008c| = pkt_length + // |197f| = pusv, ack, st + // |0b| = sst, sid, spare + // |0001| = PDU Tag + // |0084| = PDU Length + // |007F| = Master Key ID - Valid id, invalid that it isn't set up in the keyring! + // |344892bbc54f5395297d4c37| = IV + // |172f| = Encrypted + // Key ID + // |2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd| + // = Encrypted Key + // |21cf| = Encrypted Key ID + // |268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990| = Encrypted Key + // |ba41| = EKID + // |48af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e557| = EK + // |10a47209c923b641d19a39001f9e9861| = MAC + // |66f5ffd95555| = Trailer or Padding??? 
+ + uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL; + int buffer_nist_key_len, buffer_OTAR_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t *test_association; + + // Activate SA 0 + sa_if->sa_get_from_spi(0, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + test_association->iv_len = 0; + test_association->shivf_len = 0; + test_association->ekid = 127; + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + // memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + + // Convert frames that will be processed + hex_conversion(buffer_OTAR_h, (char **)&buffer_OTAR_b, &buffer_OTAR_len); + // Convert/Set input IV + // hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); + // memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_OTAR_b, &buffer_OTAR_len, &tc_nist_processed_frame); + // Not sure where it'll fail yet, but shouldn't be a success + ASSERT_NE(CRYPTO_LIB_SUCCESS, status); + printf("\n"); + Crypto_Shutdown(); + // free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(buffer_OTAR_b); +} + UTEST_MAIN(); \ No newline at end of file From 377f0989cada1c37d9094dd4bf533fe79763eb33 Mon Sep 17 00:00:00 2001 
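Review bot: `ASSERT_NE(CRYPTO_LIB_SUCCESS, status)` in the new OTAR_0_140_142_BAD_DECRYPT test passes on any failure, so it cannot tell a decrypt error from an earlier rejection such as the one OTAR_0_140_142_MK_NOT_ACTIVE exercises. Once the failing status is known, pin it with `ASSERT_EQ(EXPECTED_STATUS, status);` (EXPECTED_STATUS is a placeholder for the code the decrypt path returns). `ekp = key_if->get_key(test_association->ekid);` is dereferenced on the next line unchecked; add `ASSERT_TRUE(ekp != NULL);` before `ekp->key_state = KEY_ACTIVE;`. The copied comments `// Expect success on next valid IV && ARSN` and `// Insert key into keyring of SA 9` no longer describe the test (SA 0, failure expected) and should be rewritten. In `uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL;` only the second pointer is initialised, although both are later passed to free().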
From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Wed, 4 Dec 2024 16:53:29 -0500 Subject: [PATCH 181/241] [nasa/cryptolib#355] Missed crypto_error.h last commit --- include/crypto_error.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/crypto_error.h b/include/crypto_error.h index c92f8e20..aadc313a 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -132,6 +132,7 @@ #define CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR (-59) #define CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH (-60) #define CRYPTO_LIB_ERR_KEY_STATE_INVALID (-61) +#define CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI (-62) // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 From e782c723348abe00c46f6d0bd26cd39bf76067da Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Wed, 4 Dec 2024 17:05:07 -0500 Subject: [PATCH 182/241] [nasa/cryptolib#355] Modify crypto_pdu, OTAR is tested other places --- test/unit/ut_crypto.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 9c209c54..87081d0d 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -116,12 +116,12 @@ UTEST(CRYPTO_C, PDU_SWITCH) sdls_frame.pdu.hdr.uf = PDU_USER_FLAG_FALSE; printf("SG_KEY_MGMT\n"); sdls_frame.pdu.hdr.sg = SG_KEY_MGMT; - sdls_frame.pdu.hdr.pid = PID_OTAR; + // sdls_frame.pdu.hdr.pid = PID_OTAR; uint8_t *ingest = NULL; TC_t tc_frame; - status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + // status = Crypto_PDU(ingest, &tc_frame); + // ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_KEY_ACTIVATION; status = Crypto_PDU(ingest, &tc_frame); From c2e90c98827035234022516916ec57698f9c6445 Mon Sep 17 00:00:00 2001 
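Review bot: The OTAR step of PDU_SWITCH in ut_crypto.c is disabled by commenting out `sdls_frame.pdu.hdr.pid = PID_OTAR;`, `status = Crypto_PDU(ingest, &tc_frame);` and `ASSERT_EQ(status, CRYPTO_LIB_SUCCESS);` rather than removing them. Delete the three lines and leave one comment naming where the case is covered, e.g. `// PID_OTAR is exercised in ut_ep_key_mgmt.c`, so the switch test does not read as if it still covers OTAR. The test body extends beyond the hunk.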
From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 5 Dec 2024 17:44:49 +0000 Subject: [PATCH 183/241] [nasa/cryptolib#357] Added sa_verify_data function with errors --- include/crypto_config.h | 2 +- include/crypto_error.h | 7 +- src/core/crypto_error.c | 7 +- .../internal/sa_interface_inmemory.template.c | 90 +++++++++++++------ 4 files changed, 74 insertions(+), 32 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index f3b967df..7fc69233 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -134,7 +134,7 @@ #define CHALLENGE_SIZE 16 /* bytes */ #define CHALLENGE_MAC_SIZE 16 /* bytes */ #define BYTE_LEN 8 /* bits */ -#define CRYPTOLIB_APPID 128 +#define CRYPTOLIB_APPID 128 // Monitoring and Control Defines #define EMV_SIZE 4 /* bytes */ diff --git a/include/crypto_error.h b/include/crypto_error.h index c92f8e20..758ccb7b 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -132,6 +132,11 @@ #define CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR (-59) #define CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH (-60) #define CRYPTO_LIB_ERR_KEY_STATE_INVALID (-61) +#define CRYPTO_LIB_ERR_SHIVF_LEN_GREATER_THAN_MAX_IV_SIZE (-62) +#define CRYPTO_LIB_ERR_SHSNF_LEN_GREATER_THAN_MAX_ARSN_SIZE (-63) +#define CRYPTO_LIB_ERR_ABM_LEN_GREATER_THAN_MAX_ABM_SIZE (-64) +#define CRYPTO_LIB_ERR_STMACF_LEN_GREATER_THAN_MAX_MAC_SIZE (-65) +#define CRYPTO_LIB_ERR_SHPLF_LEN_GREATER_THAN_MAX_PAD_SIZE (-66) // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 @@ -152,7 +157,7 @@ #define CONFIGURATION_ERROR_CODES 100 #define CONFIGURATION_ERROR_CODES_MAX 103 -#define CRYPTO_CORE_ERROR_CODES_MAX -61 +#define CRYPTO_CORE_ERROR_CODES_MAX -66 extern char *crypto_enum_errlist_core[]; extern char *crypto_enum_errlist_config[]; diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index 38857bc0..44d9c842 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c 
@@ -82,7 +82,12 @@ char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS", (char *)"CRYPTO_LIB_ERR_IV_GREATER_THAN_MAX_LENGTH", (char *)"CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR", (char *)"CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH", - (char *)"CRYPTO_LIB_ERR_KEY_STATE_INVALID"}; + (char *)"CRYPTO_LIB_ERR_KEY_STATE_INVALID", + (char *)"CRYPTO_LIB_ERR_SHIVF_LEN_GREATER_THAN_MAX_IV_SIZE", + (char *)"CRYPTO_LIB_ERR_SHSNF_LEN_GREATER_THAN_MAX_ARSN_SIZE", + (char *)"CRYPTO_LIB_ERR_ABM_LEN_GREATER_THAN_MAX_ABM_SIZE", + (char *)"CRYPTO_LIB_ERR_STMACF_LEN_GREATER_THAN_MAX_MAC_SIZE", + (char *)"CRYPTO_LIB_ERR_SHPLF_LEN_GREATER_THAN_MAX_PAD_SIZE"}; char *crypto_enum_errlist_config[] = { (char *)"CRYPTO_CONFIGURATION_NOT_COMPLETE", diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 36b3df2d..87d6801c 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -34,6 +34,8 @@ static int32_t sa_create(void); static int32_t sa_setARSN(void); static int32_t sa_setARSNW(void); static int32_t sa_delete(void); +// Security Association Local Functions +int32_t sa_verify_data(SecurityAssociation_t *); /* ** Global Variables @@ -1290,6 +1292,7 @@ static int32_t sa_expire(void) static int32_t sa_create(void) { // Local variables + int32_t status = CRYPTO_LIB_SUCCESS; uint8_t count = 6; uint16_t spi = 0x0000; int x; 
@@ -1303,58 +1306,61 @@ static int32_t sa_create(void) // Check if valid SPI if (spi < NUM_SA) { + SecurityAssociation_t *temp_sa; + sa_if->sa_get_from_spi(spi, &temp_sa); // Overwrite last PID : 8 bits // Bits from L-R // 1 : Procedure Type Flag (type) // 2 : User Flag (uf) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) - sa[spi].lpid = (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | + temp_sa->lpid = (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | sdls_frame.pdu.hdr.pid; // Write SA Configuration - sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; - sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6; - sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F); - sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2; - sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03); - sa[spi].stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]); - sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]); - for (x = 0; x < sa[spi].ecs_len; x++) + temp_sa->est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; + temp_sa->ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6; + temp_sa->shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F); + temp_sa->shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2; + temp_sa->shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03); + temp_sa->stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]); + temp_sa->ecs_len = ((uint8_t)sdls_frame.pdu.data[5]); + for (x = 0; x < temp_sa->ecs_len; x++) { - sa[spi].ecs = ((uint8_t)sdls_frame.pdu.data[count++]); + temp_sa->ecs = ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[count++]); - for (x = 0; x < sa[spi].shivf_len; x++) + temp_sa->shivf_len = ((uint8_t)sdls_frame.pdu.data[count++]); + for (x = 0; x < temp_sa->shivf_len; x++) { - sa[spi].iv[x] = ((uint8_t)sdls_frame.pdu.data[count++]); + temp_sa->iv[x] 
= ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].acs_len = ((uint8_t)sdls_frame.pdu.data[count++]); - for (x = 0; x < sa[spi].acs_len; x++) + temp_sa->acs_len = ((uint8_t)sdls_frame.pdu.data[count++]); + for (x = 0; x < temp_sa->acs_len; x++) { - sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); + temp_sa->acs = ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << BYTE_LEN) | (sdls_frame.pdu.data[count + 1])); + temp_sa->abm_len = (uint8_t)((sdls_frame.pdu.data[count] << BYTE_LEN) | (sdls_frame.pdu.data[count + 1])); count = count + 2; - for (x = 0; x < sa[spi].abm_len; x++) + for (x = 0; x < temp_sa->abm_len; x++) { - sa[spi].abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]); + temp_sa->abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].arsn_len = ((uint8_t)sdls_frame.pdu.data[count++]); - for (x = 0; x < sa[spi].arsn_len; x++) + temp_sa->arsn_len = ((uint8_t)sdls_frame.pdu.data[count++]); + for (x = 0; x < temp_sa->arsn_len; x++) { - *(sa[spi].arsn + x) = ((uint8_t)sdls_frame.pdu.data[count++]); + *(temp_sa->arsn + x) = ((uint8_t)sdls_frame.pdu.data[count++]); } - sa[spi].arsnw_len = ((uint8_t)sdls_frame.pdu.data[count++]); - for (x = 0; x < sa[spi].arsnw_len; x++) + temp_sa->arsnw_len = ((uint8_t)sdls_frame.pdu.data[count++]); + for (x = 0; x < temp_sa->arsnw_len; x++) { - sa[spi].arsnw = sa[spi].arsnw | (((uint8_t)sdls_frame.pdu.data[count++]) << (sa[spi].arsnw_len - x)); + temp_sa->arsnw = temp_sa->arsnw | (((uint8_t)sdls_frame.pdu.data[count++]) << (temp_sa->arsnw_len - x)); } - // TODO: Checks for valid data - // Set state to unkeyed - sa[spi].sa_state = SA_UNKEYED; + temp_sa->sa_state = SA_UNKEYED; + + // Verify data + status = sa_verify_data(temp_sa); #ifdef PDU_DEBUG Crypto_saPrint(&sa[spi]); @@ -1367,7 +1373,7 @@ static int32_t sa_create(void) #endif } - return CRYPTO_LIB_SUCCESS; + return status; } /** 
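Review bot: `sa_verify_data(temp_sa)` runs only after every length read from `sdls_frame.pdu.data` has already been used as a loop bound, so the new checks cannot stop the writes they are meant to guard. `temp_sa->iv[x]`, `temp_sa->abm[x]` and `*(temp_sa->arsn + x)` are filled for `shivf_len`, `abm_len` and `arsn_len` bytes before anything is compared with a maximum (the buffer sizes are not visible here; presumably they are the IV_SIZE, ABM_SIZE and ARSN_SIZE limits that sa_verify_data uses). Validate each length where it is read, before its copy loop, e.g. `if (temp_sa->shivf_len > IV_SIZE) return CRYPTO_LIB_ERR_SHIVF_LEN_GREATER_THAN_MAX_IV_SIZE;` ahead of the iv loop, and likewise for abm_len and arsn_len. That also avoids leaving a half-written SA in state SA_UNKEYED when an error is returned. The return value of `sa_if->sa_get_from_spi(spi, &temp_sa)` is ignored and `Crypto_saPrint(&sa[spi])` still indexes the array directly; the function begins before this hunk.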
@@ -1574,5 +1580,31 @@ static int32_t sa_status(uint8_t *ingest) #endif } + return status; +} + +int32_t sa_verify_data(SecurityAssociation_t * sa_ptr) +{ + int32_t status = CRYPTO_LIB_SUCCESS; + if (sa_ptr->shivf_len > IV_SIZE) + { + status = CRYPTO_LIB_ERR_SHIVF_LEN_GREATER_THAN_MAX_IV_SIZE; + } + if (sa_ptr->shsnf_len > ARSN_SIZE) + { + status = CRYPTO_LIB_ERR_SHSNF_LEN_GREATER_THAN_MAX_ARSN_SIZE; + } + if (sa_ptr->abm_len > ABM_SIZE) + { + status = CRYPTO_LIB_ERR_ABM_LEN_GREATER_THAN_MAX_ABM_SIZE; + } + if (sa_ptr->stmacf_len > MAC_SIZE) + { + status = CRYPTO_LIB_ERR_STMACF_LEN_GREATER_THAN_MAX_MAC_SIZE; + } + if (sa_ptr->shplf_len > PAD_SIZE) + { + status = CRYPTO_LIB_ERR_SHPLF_LEN_GREATER_THAN_MAX_PAD_SIZE; + } return status; } \ No newline at end of file From dc66018ca16ef17fafd6c65938cade50f24d07b2 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 5 Dec 2024 17:49:57 +0000 Subject: [PATCH 184/241] [nasa/cryptolib#357] Resolve merge conflicts --- include/crypto_error.h | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index 583a4403..a6743a9f 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h 
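Review bot: sa_verify_data leaves several of the lengths that sa_create reads from the PDU unchecked: `arsn_len` (the function compares `shsnf_len` with ARSN_SIZE, but the copy loop in sa_create is bounded by `arsn_len`), `arsnw_len`, `ecs_len` and `acs_len`. Add the missing comparisons, starting with `if (sa_ptr->arsn_len > ARSN_SIZE)`. `sa_ptr` is dereferenced without a NULL check, and because the tests are independent `if` statements the last failing one overwrites `status`; returning at the first failure would report the first bad field. The prototype sits under "Security Association Local Functions" but the function has external linkage; `static int32_t sa_verify_data(SecurityAssociation_t *sa_ptr)` would match the other helpers declared next to it.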
@@ -132,15 +132,13 @@ #define CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR (-59) #define CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH (-60) #define CRYPTO_LIB_ERR_KEY_STATE_INVALID (-61) -<<<<<<< HEAD -#define CRYPTO_LIB_ERR_SHIVF_LEN_GREATER_THAN_MAX_IV_SIZE (-62) -#define CRYPTO_LIB_ERR_SHSNF_LEN_GREATER_THAN_MAX_ARSN_SIZE (-63) -#define CRYPTO_LIB_ERR_ABM_LEN_GREATER_THAN_MAX_ABM_SIZE (-64) -#define CRYPTO_LIB_ERR_STMACF_LEN_GREATER_THAN_MAX_MAC_SIZE (-65) -#define CRYPTO_LIB_ERR_SHPLF_LEN_GREATER_THAN_MAX_PAD_SIZE (-66) -======= #define CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI (-62) ->>>>>>> dev +#define CRYPTO_LIB_ERR_SHIVF_LEN_GREATER_THAN_MAX_IV_SIZE (-63) +#define CRYPTO_LIB_ERR_SHSNF_LEN_GREATER_THAN_MAX_ARSN_SIZE (-64) +#define CRYPTO_LIB_ERR_ABM_LEN_GREATER_THAN_MAX_ABM_SIZE (-65) +#define CRYPTO_LIB_ERR_STMACF_LEN_GREATER_THAN_MAX_MAC_SIZE (-66) +#define CRYPTO_LIB_ERR_SHPLF_LEN_GREATER_THAN_MAX_PAD_SIZE (-67) + // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 @@ -161,7 +159,7 @@ #define CONFIGURATION_ERROR_CODES 100 #define CONFIGURATION_ERROR_CODES_MAX 103 -#define CRYPTO_CORE_ERROR_CODES_MAX -66 +#define CRYPTO_CORE_ERROR_CODES_MAX -67 extern char *crypto_enum_errlist_core[]; extern char *crypto_enum_errlist_config[]; From 22e03b3f65890823377da52f642fd383977fbb80 Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Thu, 5 Dec 2024 15:02:44 -0500 Subject: [PATCH 185/241] [nasa/cryptolib#362] Fix missing -1 for bounds checking --- include/crypto_config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index f3b967df..8cde6adb 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h 
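Review bot: This merge resolution renumbers codes in crypto_error.h only, putting CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI at -62 and the five length codes at -63 through -67, while the diffstat shows no change to crypto_error.c. The two earlier patches each appended their strings to `crypto_enum_errlist_core` directly after "CRYPTO_LIB_ERR_KEY_STATE_INVALID". For names to line up with codes, the table must list "CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI" first and the five length strings after it (assuming the table is indexed by code, which is not visible here). It is worth confirming that the merged crypto_error.c has all six entries in that order and that its length agrees with `CRYPTO_CORE_ERROR_CODES_MAX -67` from the second hunk. A comment above the defines such as `// Keep in the same order and count as crypto_enum_errlist_core in crypto_error.c` would make the coupling explicit.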
@@ -111,7 +111,7 @@ #define NUM_SA 64 #define SPI_LEN 2 /* bytes */ #define SPI_MIN 0 -#define SPI_MAX NUM_SA /* TODO: is 64 what we want here?*/ +#define SPI_MAX NUM_SA - 1 #define KEY_SIZE 512 /* bytes */ #define KEY_ID_SIZE 8 #define MKID_MAX 128 @@ -245,4 +245,4 @@ */ #define TC_BLOCK_SIZE 16 -#endif // CRYPTO_CONFIG_H \ No newline at end of file +#endif // CRYPTO_CONFIG_H From 727ee7bd6a3ce88c7d8a4f0d65c825687071196f Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Tue, 10 Dec 2024 15:52:53 -0500 Subject: [PATCH 186/241] [nasa/cryptolib#364] Add ExProc Build Flag - Print/Warning that ExProcs are currently a WIP. --- CMakeLists.txt | 7 +++++++ include/crypto_error.h | 5 +++-- src/core/crypto.c | 3 +++ src/core/crypto_error.c | 3 ++- src/core/crypto_tc.c | 11 +++++++++-- test/CMakeLists.txt | 25 +++++++++++++------------ test/unit/ut_crypto.c | 2 ++ 7 files changed, 39 insertions(+), 17 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 691d9bc1..dd454968 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -64,6 +64,7 @@ OPTION(KMC_MDB_RH "KMC-MDB-RedHat-Integration-Testing" OFF) #Disabled by default OPTION(KMC_MDB_DB "KMC-MDB-Debian-Integration-Testing" OFF) #Disabled by default, enable with: -DKMC_MDB_DB=ON OPTION(KMC_CFFI_EXCLUDE "KMC-Exclude-Problematic-CFFI-Code" OFF) #Disabled by default, enable with: -DKMC_CFFI_EXCLUDE=ON +OPTION(CRYPTO_EPROC "Enables the building and use of Extended Procedures" OFF) #Disabled by default, enable with -DCRYPTO_EPROC=ON # # Custom Module Paths @@ -138,6 +139,12 @@ IF(KMC_MDB_DB) ADD_DEFINITIONS(-DKMC_CFFI_EXCLUDE) ENDIF(KMC_MDB_DB) +IF(CRYPTO_EPROC) + ADD_DEFINITIONS(-DCRYPTO_EPROC) + message(WARNING "Cryptolib Extended Procedures NOT complete. NOT Fully tested. Use at own risk!") + +ENDIF(CRYPTO_EPROC) + if(SYSTEM_INSTALL) # The library will be installed to /usr/local unless overridden with # -DCMAKE_INSTALL_PREFIX=/some/path 
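Review bot: `#define SPI_MAX NUM_SA - 1` expands without parentheses, so any use inside a larger expression (`2 * SPI_MAX`, `x % SPI_MAX`, `-SPI_MAX`) evaluates differently from what the name suggests. Write it as `#define SPI_MAX (NUM_SA - 1)`. The comparison `sa_ptr->spi == SPI_MAX` in crypto_tc.c parses as intended today, but this macro decides which SAs may carry Extended Procedures, so it should not depend on operator precedence at the point of use.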
diff --git a/include/crypto_error.h b/include/crypto_error.h index aadc313a..de965747 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -133,6 +133,9 @@ #define CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH (-60) #define CRYPTO_LIB_ERR_KEY_STATE_INVALID (-61) #define CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI (-62) +#define CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT (-63) + +#define CRYPTO_CORE_ERROR_CODES_MAX -63 // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 @@ -153,8 +156,6 @@ #define CONFIGURATION_ERROR_CODES 100 #define CONFIGURATION_ERROR_CODES_MAX 103 -#define CRYPTO_CORE_ERROR_CODES_MAX -61 - extern char *crypto_enum_errlist_core[]; extern char *crypto_enum_errlist_config[]; extern char *crypto_enum_errlist_sa_if[]; diff --git a/src/core/crypto.c b/src/core/crypto.c index dbcd6d94..9c7e401d 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -761,6 +761,8 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin return status; } + +#ifdef CRYPTO_EPROC /** * @brief Function: Crypto_Process_Extended_Procedure_Pdu * @param tc_sdls_processed_frame: TC_t* @@ -861,6 +863,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } return status; } // End Process SDLS PDU +#endif //CRYPTO_EPROC /** * @brief Function: Crypto_Check_Anti_Replay_Verify_Pointers diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index 7cd38971..d6f1b4dd 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -83,7 +83,8 @@ char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS", (char *)"CRYPTO_LIB_ERR_KEY_STATE_TRANSITION_ERROR", (char *)"CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH", (char *)"CRYPTO_LIB_ERR_KEY_STATE_INVALID", - (char *)"CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI"}; + (char *)"CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI", + (char *)"CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT"}; char *crypto_enum_errlist_config[] = { (char *)"CRYPTO_CONFIGURATION_NOT_COMPLETE", 
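Review bot: `CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT (-63)` reuses a value that patch 184 of this series assigns to CRYPTO_LIB_ERR_SHIVF_LEN_GREATER_THAN_MAX_IV_SIZE, and `CRYPTO_CORE_ERROR_CODES_MAX -63` is lower than the -67 set there. The context lines of this hunk do not contain the length codes, so the change is presumably based on a branch without them. When the two lines of work are merged, the new code needs the next free value, for example `#define CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT (-68)` with the maximum updated to match. The string added to `crypto_enum_errlist_core` in crypto_error.c has to move to the corresponding position.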
diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 509a34ee..8ba8d65f 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -1967,17 +1967,24 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { - if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) + #ifdef CRYPTO_EPROC + if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) //TODO: Make sure that SPI can't be changed from the current array index. { status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); } else { // Some Magic here to log that an inappropriate SA was attempted to be used for EP - status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; // TODO: Do we want a different error code for this? + status = CRYPTO_LIB_ERR_SPI_INDEX_OOB; mc_if->mc_log(status); status = CRYPTO_LIB_SUCCESS; } + #else + status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; + mc_if->mc_log(status); + status = CRYPTO_LIB_SUCCESS; + printf("Extended Procedures Not Built - Rebuild with -DEPROCS Flag if needed.\n"); + #endif //CRYPTO_EPROC } Crypto_TC_Safe_Free_Ptr(aad); diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 990d5082..fbf69484 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt 
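Review bot: The non-EP-SA branch goes back to `status = CRYPTO_LIB_ERR_SPI_INDEX_OOB;`, undoing the CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI code that patch 180 introduced for this case. The monitoring log then cannot tell an out-of-range SPI from an EP attempt on the wrong SA; keep `status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI;`. In the `#else` branch the message tells the user to rebuild with `-DEPROCS`, but the CMake option added in this commit is CRYPTO_EPROC, so the text should say `-DCRYPTO_EPROC=ON`. That `printf` is unconditional, so a build without the flag prints on every frame that reaches this point; guarding it with `#ifdef DEBUG`, as crypto.c does for its diagnostics, would keep it out of normal output. The enclosing function starts and ends outside the hunk.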
@@ -52,18 +52,19 @@ add_test(NAME UT_TM_APPLY add_test(NAME UT_TM_PROCESS COMMAND ${PROJECT_BINARY_DIR}/bin/ut_tm_process WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - -add_test(NAME UT_EP_MC - COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_mc - WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - -add_test(NAME UT_EP_SA_MGMT - COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_sa_mgmt - WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - -add_test(NAME UT_EP_KEY_MGMT - COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_key_mgmt - WORKING_DIRECTORY ${PROJECT_TEST_DIR}) +if(CRYPTO_EPROC) + add_test(NAME UT_EP_MC + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_mc + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + + add_test(NAME UT_EP_SA_MGMT + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_sa_mgmt + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + + add_test(NAME UT_EP_KEY_MGMT + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_ep_key_mgmt + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) +endif() if(NOT ${CRYPTO_WOLFSSL}) add_test(NAME UT_AES_GCM_SIV diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 87081d0d..4a0cd5f0 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -263,6 +263,7 @@ UTEST(CRYPTO_C, PDU_SWITCH) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } +#ifdef CRYPTO_EPROC /** * @brief Unit Test: Crypto Extended Procedures PDU Test **/ @@ -280,6 +281,7 @@ UTEST(CRYPTO_C, EXT_PROC_PDU) status = Crypto_Process_Extended_Procedure_Pdu(tc_frame, ingest); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } +#endif //CRYPTO_EPROC /** * @brief Unit Test: Crypto ACS Get Algorithm response From 56fffc53fb8c9184215c0a97c18fb2b1c3166208 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Tue, 10 Dec 2024 21:16:19 +0000 Subject: [PATCH 187/241] [nasa/cryptolib#364] Add build script, added CI --- .github/workflows/build.yml | 51 +++++++++++++++++++++++++++++++++++++ support/scripts/build_ep.sh | 14 ++++++++++ 2 files changed, 65 insertions(+) create mode 100644 support/scripts/build_ep.sh 
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5c6ecf9e..11356dce 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -269,3 +269,54 @@ jobs: with: files: 'coverage/*.c.gcov' verbose: true + + # + # Ext. Proc. Build + # + EP_build: + # Container Setup + runs-on: ubuntu-latest + container: + image: ivvitc/cryptolib:20240814 + steps: + - uses: actions/checkout@v4 + - name: Update + run: apt-get update + - name: Install Dependencies + run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 + - name: Install Python Libraries + run: pip install pycryptodome + - name: Install Libgcrypt + run: > + curl + -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 + -o /tmp/libgpg-error-1.50.tar.bz2 + && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ + && cd /tmp/libgpg-error-1.50 + && ./configure + && make install + && curl + -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 + -o /tmp/libgcrypt-1.11.0.tar.bz2 + && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ + && cd /tmp/libgcrypt-1.11.0 + && ./configure + && make install + && ldconfig + # End Container Setup + + - name: Internal Build Script + working-directory: ${{github.workspace}} + run: bash ${GITHUB_WORKSPACE}/support/scripts/build_ep.sh + + - name: Code-Coverage + working-directory: ${{github.workspace}} + run: make gcov + + - name: Upload + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a + with: + files: 'coverage/*.c.gcov' + verbose: true diff --git a/support/scripts/build_ep.sh b/support/scripts/build_ep.sh new file mode 100644 index 00000000..ea68d982 --- /dev/null +++ b/support/scripts/build_ep.sh 
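Review bot: The `Upload` step of the new EP_build job sets `CODECOV_TOKEN` to a literal token value in the workflow file, which exposes the credential to anyone who can read the repository and its history. Reference a repository secret instead, `CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}`, and rotate the token that was committed. The libgpg-error and libgcrypt tarballs are fetched with curl and built without any checksum or signature check; verifying each archive against a pinned SHA-256 before `tar -xjf` would close that gap. The container image is referenced by tag (`ivvitc/cryptolib:20240814`); pinning it by digest is worth considering for the same reason.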
@@ -0,0 +1,14 @@ +#!/bin/bash -i +# +# Convenience script for CryptoLib development +# Will build in current directory +# +# ./build_ep.sh +# + +SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +source $SCRIPT_DIR/env.sh + +rm $BASE_DIR/CMakeCache.txt + +cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DMC_INTERNAL=1 -DTEST=1 -DSA_FILE=1 -DKEY_VALIDATION=0 -DCRYPTO_EPROC=1 && make && make test From 9378f3b48e07e75c828de11a958d034ad34c01a2 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Tue, 10 Dec 2024 21:18:27 +0000 Subject: [PATCH 188/241] [nasa/cryptolib#364] Added CodeQL CI for EP --- .github/workflows/codeql.yml | 54 +++++++++++++++++++++++++++++++++++- 1 file changed, 53 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 06c3bdd8..4d11de2f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
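Review bot: `rm $BASE_DIR/CMakeCache.txt` is unquoted and unguarded. If env.sh does not set BASE_DIR (it is presumably defined there, outside this hunk), the command targets `/CMakeCache.txt`, and on a clean checkout it reports an error because the file does not exist. Use `rm -f "${BASE_DIR:?}/CMakeCache.txt"` and quote the other expansions, `source "$SCRIPT_DIR/env.sh"` and `cmake "$BASE_DIR" ...`. The shebang `#!/bin/bash -i` asks for an interactive shell, which reads the invoking user's startup files; the CI job runs the script through `bash` so the flag has no effect there, but for direct runs `#!/bin/bash` is more predictable.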
@@ -253,4 +253,56 @@ jobs: - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: - category: "/language:${{matrix.language}}" \ No newline at end of file + category: "/language:${{matrix.language}}" + + build_ep: + name: Analyze Build_EP + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + container: + image: ivvitc/cryptolib:20240814 + permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: write + contents: read + + env: + BUILD_STRING: build_ep.sh + + strategy: + fail-fast: false + matrix: + include: + - language: c-cpp + build-mode: manual + # - language: python + # build-mode: none + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Update Dependencies + run: | + bash ${GITHUB_WORKSPACE}/support/scripts/update_env.sh + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + + - if: matrix.build-mode == 'manual' + shell: bash + run: | + bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" \ No newline at end of file From 3b67825cf31e600ce86ad036f3c2b076baf1a142 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Tue, 10 Dec 2024 17:19:23 -0500 Subject: [PATCH 189/241] [nasa/cryptolib#364] Updates to allow for failure codes. New Unit test. --- src/core/crypto.c | 7 ++-- src/core/crypto_tc.c | 7 ---- test/unit/ut_crypto.c | 74 ++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 78 insertions(+), 10 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 9c7e401d..a25d2da1 100644 --- a/src/core/crypto.c 
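Review bot: The new `build_ep` job grants `actions: write`, although the comment above it says the permission is only needed in private repositories and the job's steps only check out, build and upload CodeQL results. Read access is enough for that; suggest `actions: read`, keeping `security-events: write` as the only write scope. The `runs-on` expression still carries the `swift`/`macos-latest` alternative from the template while the matrix lists only `c-cpp`; `runs-on: ubuntu-latest` states what the job actually uses.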
+++ b/src/core/crypto.c @@ -762,7 +762,6 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin } -#ifdef CRYPTO_EPROC /** * @brief Function: Crypto_Process_Extended_Procedure_Pdu * @param tc_sdls_processed_frame: TC_t* @@ -785,7 +784,9 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin { if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) // Crypto Lib Application ID + { + #ifdef CRYPTO_EPROC #ifdef DEBUG printf(KGRN "Received SDLS command: " RESET); #endif @@ -828,6 +829,9 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Determine type of PDU status = Crypto_PDU(ingest, tc_sdls_processed_frame); + #else + status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; + #endif //CRYPTO_EPROC } } else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) // TC SDLS PDU with no packet layer @@ -863,7 +867,6 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } return status; } // End Process SDLS PDU -#endif //CRYPTO_EPROC /** * @brief Function: Crypto_Check_Anti_Replay_Verify_Pointers diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 8ba8d65f..e11e7199 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -1967,7 +1967,6 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { - #ifdef CRYPTO_EPROC if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) //TODO: Make sure that SPI can't be changed from the current array index. { status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); 
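Review bot: With `#ifdef CRYPTO_EPROC` moved inside the CryptoLib Application ID branch, only that branch returns CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT. The `else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID)` path for PDUs without a packet layer sits after the `#endif` and is not gated. Its body is outside the hunk, but if it also ends in Crypto_PDU, a build without CRYPTO_EPROC still processes Extended Procedure PDUs that arrive on that VCID. Either give that branch the same guard, with `status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT;` in its `#else`, or add a comment explaining why it is exempt.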
@@ -1979,12 +1978,6 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc mc_if->mc_log(status); status = CRYPTO_LIB_SUCCESS; } - #else - status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; - mc_if->mc_log(status); - status = CRYPTO_LIB_SUCCESS; - printf("Extended Procedures Not Built - Rebuild with -DEPROCS Flag if needed.\n"); - #endif //CRYPTO_EPROC } Crypto_TC_Safe_Free_Ptr(aad); diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 4a0cd5f0..87b72600 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -87,6 +87,7 @@ UTEST(CRYPTO_C, BAD_CC_FLAG) ASSERT_EQ(CRYPTO_LIB_ERR_INVALID_CC_FLAG, return_val); } +#ifdef CRYPTO_EPROC /** * @brief Unit Test: PDU Switch testing * @note: TODO: This needs to be reworked to actually better test. @@ -263,7 +264,7 @@ UTEST(CRYPTO_C, PDU_SWITCH) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } -#ifdef CRYPTO_EPROC + /** * @brief Unit Test: Crypto Extended Procedures PDU Test **/ 
@@ -397,4 +398,75 @@ UTEST(CRYPTO_C, STRUCT_SIZE_VERIFICATION) ASSERT_EQ(AOS_SIZE, (size_t)(8 + 18 + 1786 + 22)); } +#ifndef CRYPTO_EPROC +UTEST(CRYPTO_C, OTAR_0_140_142_FAIL_TEST) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + // char* buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_OTAR_h = + "2003009e00ff000000001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bb" + "d55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af89" + "6d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555"; + + uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL; + int buffer_nist_key_len, buffer_OTAR_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + 
SecurityAssociation_t *test_association; + + // Activate SA 0 + sa_if->sa_get_from_spi(0, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + test_association->iv_len = 0; + test_association->shivf_len = 0; + + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); + + // Convert frames that will be processed + hex_conversion(buffer_OTAR_h, (char **)&buffer_OTAR_b, &buffer_OTAR_len); + // Convert/Set input IV + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_OTAR_b, &buffer_OTAR_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT, status); + + printf("\n"); + Crypto_Shutdown(); + free(buffer_nist_key_b); + free(buffer_OTAR_b); +} +#endif //CRYPTO_EPROC UTEST_MAIN(); \ No newline at end of file From 1ff944b82c68dd7fdf6cd580ee4a8527a505ee24 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Tue, 10 Dec 2024 17:25:52 -0500 Subject: [PATCH 190/241] [nasa/cryptolib#364] Remove TODO that was completed. --- src/core/crypto_tc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index e11e7199..22a458e0 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c 
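Review bot: The comments and the `printf` in `OTAR_0_140_142_FAIL_TEST` still describe a passing case ("Expect success on next valid IV && ARSN", "should be able to receive it") while the assertion expects `CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT`, and "Insert key into keyring of SA 9" sits above a plain hex conversion in a test that only configures SA 0. I would replace them with one comment stating what is under test, e.g. `// EP command on SPI 0 must be rejected when built without CRYPTO_EPROC`. The declarations `uint8_t *buffer_nist_key_b, *buffer_OTAR_b = NULL;` and `int buffer_nist_key_len, buffer_OTAR_len = 0;` initialise only the second variable of each pair; initialising both keeps the later `free(buffer_nist_key_b)` well-defined if the conversion ever fails to set it.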
@@ -1967,7 +1967,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { - if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) //TODO: Make sure that SPI can't be changed from the current array index. + if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) { status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); } From 7d1df06be992a30f948d40043b805b3437732535 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Thu, 12 Dec 2024 10:55:06 -0500 Subject: [PATCH 191/241] [nasa/cryptolib#365] Re-arrange to remove magic nums in tc_process --- src/core/crypto.c | 140 ++++++++++++++++++++++++------------------- src/core/crypto_tc.c | 18 +++--- 2 files changed, 88 insertions(+), 70 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index a25d2da1..aa27f074 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -21,6 +21,7 @@ */ #include "crypto.h" #include <string.h> +#include <stdbool.h> /* ** Static Library Declaration 
@@ -772,99 +773,116 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uint8_t *ingest) { int32_t status = CRYPTO_LIB_SUCCESS; - int x; + ingest = ingest; // Suppress unused variable error depending on build + // Check for null pointers if (tc_sdls_processed_frame == NULL) { status = CRYPTO_LIB_ERR_NULL_BUFFER; } + + // Validate correct SA for EPs + bool valid_ep_sa = (tc_sdls_processed_frame->tc_sec_header.spi != SPI_MIN) && (tc_sdls_processed_frame->tc_sec_header.spi != SPI_MAX); if (status == CRYPTO_LIB_SUCCESS) { if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { + // Check for speciic App ID for EPs - the CryptoLib Apid in this case if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) - // Crypto Lib Application ID - { - #ifdef CRYPTO_EPROC +#ifdef CRYPTO_EPROC + // Check validity of SAs used for EP + if(valid_ep_sa) + { #ifdef DEBUG - printf(KGRN "Received SDLS command: " RESET); + printf(KGRN "Received SDLS command: " RESET); #endif - // CCSDS Header - sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; - sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; - sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; - sdls_frame.hdr.appID = - ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; - sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; - sdls_frame.hdr.pktid = - ((tc_sdls_processed_frame->tc_pdu[2] & 0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; - sdls_frame.hdr.pkt_length = - (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; - - // CCSDS PUS - sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; - sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; - sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); - 
sdls_frame.pus.st = tc_sdls_processed_frame->tc_pdu[7]; - sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; - sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; - sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); - - // SDLS TLV PDU - sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = - (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) - { - sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; - } + // CCSDS Header + sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; + sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; + sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; + sdls_frame.hdr.appID = + ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; + sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; + sdls_frame.hdr.pktid = + ((tc_sdls_processed_frame->tc_pdu[2] & 0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; + sdls_frame.hdr.pkt_length = + (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; + + // CCSDS PUS + sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; + sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; + sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); + sdls_frame.pus.st = tc_sdls_processed_frame->tc_pdu[7]; + sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; + sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; + sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); + + // SDLS TLV 
PDU + sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = + (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; + for (uint16_t x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + } #ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_frame); + Crypto_ccsdsPrint(&sdls_frame); #endif - + // Determine type of PDU status = Crypto_PDU(ingest, tc_sdls_processed_frame); - #else + } + + #else // Received an EP command without EPs being built status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } } else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) // TC SDLS PDU with no packet layer { + #ifdef CRYPTO_EPROC + // Check validity of SAs used for EP + if(valid_ep_sa) + { #ifdef DEBUG - printf(KGRN "Received SDLS command (No Packet Header or PUS): " RESET); + printf(KGRN "Received SDLS command (No Packet Header or PUS): " RESET); #endif - // No Packet HDR or PUS in these frames - // SDLS TLV PDU - sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; - for (x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) - { - // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely - // fails. Must consider Uplink Sessions (sequence numbers). 
- sdls_frame.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; - } + // No Packet HDR or PUS in these frames + // SDLS TLV PDU + sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; + for (uint16_t x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) + { + // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely + // fails. Must consider Uplink Sessions (sequence numbers). + sdls_frame.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; + } #ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_frame); + Crypto_ccsdsPrint(&sdls_frame); #endif - // Determine type of PDU - status = Crypto_PDU(ingest, tc_sdls_processed_frame); + // Determine type of PDU + status = Crypto_PDU(ingest, tc_sdls_processed_frame); + } + + #else // Received an EP command without EPs being built + status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; + #endif //CRYPTO_EPROC } - else - { - // TODO - Process SDLS PDU with Packet Layer without PUS_HDR + else + { + // TODO - Process SDLS PDU with Packet Layer without PUS_HDR + } } - } return status; } // End Process SDLS PDU diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 22a458e0..5236e290 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c 
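Review bot: `valid_ep_sa` is computed from `tc_sdls_processed_frame->tc_sec_header.spi` right after the NULL check but outside the `if (status == CRYPTO_LIB_SUCCESS)` block, so a NULL frame is still dereferenced after `status` has been set to `CRYPTO_LIB_ERR_NULL_BUFFER`. Returning early with `if (tc_sdls_processed_frame == NULL) { return CRYPTO_LIB_ERR_NULL_BUFFER; }`, or moving the SPI test inside the status-guarded block, removes the dereference. The same ordering is kept in the later hunks of this series that rewrite the `valid_ep_sa` assignment (`@@ -782,7 +782,7`, `@@ -782,7 +781,12`, `@@ -781,10 +781,10`). `ingest = ingest;` would read more clearly as `(void)ingest;`, the usual way to mark a parameter as intentionally unused.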
@@ -1967,17 +1967,17 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { - if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) - { + // if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) + // { status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); - } - else - { + // } + // else + // { // Some Magic here to log that an inappropriate SA was attempted to be used for EP - status = CRYPTO_LIB_ERR_SPI_INDEX_OOB; - mc_if->mc_log(status); - status = CRYPTO_LIB_SUCCESS; - } + // status = CRYPTO_LIB_ERR_SPI_INDEX_OOB; + // mc_if->mc_log(status); + // status = CRYPTO_LIB_SUCCESS; + // } } Crypto_TC_Safe_Free_Ptr(aad); From bb1191ef74752a4044cf06dc934fa3eada8c53d2 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Fri, 13 Dec 2024 11:32:14 -0500 Subject: [PATCH 192/241] [nasa/cryptolib#365] Fix unused variable error in crypto.c depending on build --- src/core/crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/core/crypto.c b/src/core/crypto.c index aa27f074..559dd615 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -839,6 +839,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } #else // Received an EP command without EPs being built + valid_ep_sa = valid_ep_sa; // Suppress build error status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } @@ -875,6 +876,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } #else // Received an EP command without EPs being built + valid_ep_sa = valid_ep_sa; // Suppress build error status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } From 59509799f3bbb911d161ed7668662fd6810c5763 Mon Sep 17 00:00:00 2001 
From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Fri, 13 Dec 2024 13:09:12 -0500 Subject: [PATCH 193/241] [nasa/Cryptolib#365] Adjust boolean logic for SPI assessment --- src/core/crypto.c | 14 +++++++++++--- src/core/crypto_tc.c | 12 +----------- 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 559dd615..724860b0 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -782,7 +782,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } // Validate correct SA for EPs - bool valid_ep_sa = (tc_sdls_processed_frame->tc_sec_header.spi != SPI_MIN) && (tc_sdls_processed_frame->tc_sec_header.spi != SPI_MAX); + bool valid_ep_sa = (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MIN) || (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MAX); if (status == CRYPTO_LIB_SUCCESS) { if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) @@ -793,7 +793,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin #ifdef CRYPTO_EPROC // Check validity of SAs used for EP if(valid_ep_sa) - { + { #ifdef DEBUG printf(KGRN "Received SDLS command: " RESET); #endif @@ -837,6 +837,12 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Determine type of PDU status = Crypto_PDU(ingest, tc_sdls_processed_frame); } + // Received EP PDU on invalid SA + else + { + printf(KRED "Received EP PDU on invalid SA! SPI %d\n" RESET, tc_sdls_processed_frame->tc_sec_header.spi); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + } #else // Received an EP command without EPs being built valid_ep_sa = valid_ep_sa; // Suppress build error 
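Review bot: The `else` added in `@@ -837,6 +837,12` returns `CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI` only for the App ID branch; in the `TC_SDLS_EP_VCID` branch (next hunk, `@@ -874,8 +880,10`) the `if(valid_ep_sa)` block has no `else`, so an EP PDU arriving there on a non-EP SPI appears to leave `status` at `CRYPTO_LIB_SUCCESS`. Adding the same `else { status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; }` there makes both paths reject it consistently. The new `printf(KRED "Received EP PDU on invalid SA! ...")` is not wrapped in `#ifdef DEBUG` like the other prints in this function, so it runs in every build on a path that received frames can reach; reporting through the status code or the existing log interface would be quieter.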
@@ -874,8 +880,10 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Determine type of PDU status = Crypto_PDU(ingest, tc_sdls_processed_frame); } - #else // Received an EP command without EPs being built +#ifdef CCSDS_DEBUG + printf(KRED "PDU DEBUG %s %d\n" RESET, __FILE__, __LINE__); +#endif valid_ep_sa = valid_ep_sa; // Suppress build error status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 5236e290..cca8a8fa 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -1967,17 +1967,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { - // if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) - // { - status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); - // } - // else - // { - // Some Magic here to log that an inappropriate SA was attempted to be used for EP - // status = CRYPTO_LIB_ERR_SPI_INDEX_OOB; - // mc_if->mc_log(status); - // status = CRYPTO_LIB_SUCCESS; - // } + status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); } Crypto_TC_Safe_Free_Ptr(aad); From f98c58b405f611a982f7a6477542a4f416cdf468 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Fri, 13 Dec 2024 13:14:43 -0500 Subject: [PATCH 194/241] [nasa/cryptolib#365] Fix security bot warnings --- src/core/crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 724860b0..6feda2e1 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -825,7 +825,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (uint16_t x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) { sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; } @@ -866,7 +866,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; - for (uint16_t x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) + for (int x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) { // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely // fails. Must consider Uplink Sessions (sequence numbers). From 0828ff00a2dfe3ee756940e7be8f47a39a3026aa Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Mon, 16 Dec 2024 13:45:46 +0000 Subject: [PATCH 195/241] [nasa/cryptolib#367] Updated build_ep and update_env script permissions --- support/scripts/build_ep.sh | 0 support/scripts/update_env.sh | 0 2 files changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 support/scripts/build_ep.sh mode change 100644 => 100755 support/scripts/update_env.sh diff --git a/support/scripts/build_ep.sh b/support/scripts/build_ep.sh old mode 100644 new mode 100755 diff --git a/support/scripts/update_env.sh b/support/scripts/update_env.sh old mode 100644 new mode 100755 From e9b36c6f7ef4857e6100b9ce7565a69ac33a2b5b Mon Sep 17 00:00:00 2001 
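Review bot: Changing the loop counter from `uint16_t` to `int` settles the comparison warning, but both copy loops still take their upper bound from the received frame (`13 + sdls_frame.hdr.pkt_length` and `3 + tc_sdls_processed_frame->tc_header.fl`) while writing `sdls_frame.pdu.data[...]` and reading `tc_pdu[x]`. The sizes of those two buffers are not visible in these hunks, so this is a request to confirm rather than a confirmed overflow. Unless an earlier stage already limits the lengths, each loop needs a bounds check first, for example `if (sdls_frame.hdr.pkt_length > sizeof(sdls_frame.pdu.data)) { /* reject with a length error status */ }` (assuming `data` is a fixed-size array). The parsed `pdu_len` looks like a more natural copy length than the packet or frame length. The loops sit in a function whose body continues outside these hunks.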
From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Mon, 16 Dec 2024 13:50:36 +0000 Subject: [PATCH 196/241] [nasa/cryptolib#367] Added UT to stop SA 0 while using SA 0 --- test/unit/ut_ep_sa_mgmt.c | 57 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) diff --git a/test/unit/ut_ep_sa_mgmt.c b/test/unit/ut_ep_sa_mgmt.c index 5497a077..6c2d82df 100644 --- a/test/unit/ut_ep_sa_mgmt.c +++ b/test/unit/ut_ep_sa_mgmt.c 
@@ -539,4 +539,61 @@ UTEST(EP_SA_MGMT, SA_EXPIRE_6) free(buffer_EXPIRE_b); } +UTEST(EP_SA_MGMT, SA_STOP_SELF) +{ + remove("sa_save_file.bin"); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char *buffer_STOP_h = "2003001c00ff000000001880d0b6000a197f0b001e00020000938f21c4555555555555"; + + uint8_t *buffer_STOP_b = NULL; + int buffer_STOP_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t *test_association; + + // Modify SA 0 + sa_if->sa_get_from_spi(0, &test_association); + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; + + // Modify SA 6 + sa_if->sa_get_from_spi(6, &test_association); + test_association->sa_state = SA_OPERATIONAL; + + // Convert frames that will be processed + hex_conversion(buffer_STOP_h, (char **)&buffer_STOP_b, &buffer_STOP_len); + + status = Crypto_TC_ProcessSecurity(buffer_STOP_b, &buffer_STOP_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + 
Crypto_Shutdown(); + + free(buffer_STOP_b); +} + UTEST_MAIN(); \ No newline at end of file From 3a6a6f59313fce2f118dd83dcea41d5b655f5efc Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Mon, 16 Dec 2024 10:28:23 -0500 Subject: [PATCH 197/241] [nasa/cryptolib#365] Remove bool in favor of #defines --- src/core/crypto.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 6feda2e1..160fd498 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -21,7 +21,6 @@ */ #include "crypto.h" #include <string.h> -#include <stdbool.h> /* ** Static Library Declaration @@ -782,7 +781,12 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } // Validate correct SA for EPs - bool valid_ep_sa = (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MIN) || (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MAX); + uint8_t valid_ep_sa = CRYPTO_TRUE; + if ((tc_sdls_processed_frame->tc_sec_header.spi == SPI_MIN) || (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MAX)) + { + valid_ep_sa = CRYPTO_FALSE; + } + if (status == CRYPTO_LIB_SUCCESS) { if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) From 8e1d5469dc71cdc0a050c9e005756c90ea9eb3cb Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Mon, 16 Dec 2024 11:40:36 -0500 Subject: [PATCH 198/241] [nasa/cryptolib#365] Fix reversed boolean logic --- src/core/crypto.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 160fd498..0821a5e9 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
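Review bot: `SA_STOP_SELF` asserts only the return code of `Crypto_TC_ProcessSecurity`, so it does not show what happened to SA 0 when the stop command arrived on SA 0 itself. Re-fetching the association after the call with `sa_if->sa_get_from_spi(0, &test_association);` and adding an `ASSERT_EQ` on `test_association->sa_state` with whichever state is intended would pin the behaviour the test name describes. A short comment on why SA 6 is set to `SA_OPERATIONAL` would also help, since the test does not reference SA 6 again.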
@@ -781,10 +781,10 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } // Validate correct SA for EPs - uint8_t valid_ep_sa = CRYPTO_TRUE; + uint8_t valid_ep_sa = CRYPTO_FALSE; if ((tc_sdls_processed_frame->tc_sec_header.spi == SPI_MIN) || (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MAX)) { - valid_ep_sa = CRYPTO_FALSE; + valid_ep_sa = CRYPTO_TRUE; } if (status == CRYPTO_LIB_SUCCESS) @@ -796,7 +796,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin { #ifdef CRYPTO_EPROC // Check validity of SAs used for EP - if(valid_ep_sa) + if(valid_ep_sa == CRYPTO_TRUE) { #ifdef DEBUG printf(KGRN "Received SDLS command: " RESET); @@ -858,7 +858,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin { #ifdef CRYPTO_EPROC // Check validity of SAs used for EP - if(valid_ep_sa) + if(valid_ep_sa == CRYPTO_TRUE) { #ifdef DEBUG printf(KGRN "Received SDLS command (No Packet Header or PUS): " RESET); @@ -892,10 +892,10 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } - else - { - // TODO - Process SDLS PDU with Packet Layer without PUS_HDR - } + else + { + // TODO - Process SDLS PDU with Packet Layer without PUS_HDR + } } return status; } // End Process SDLS PDU From 52a694d38b5b3f26f5295260addfc416d283b5c3 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Mon, 16 Dec 2024 11:51:06 -0500 Subject: [PATCH 199/241] [nasa/cryptolib#265] Believe this resolves the SDLS EP processing w or w/o PUS Header usage --- src/core/crypto.c | 102 ++++++++++++++++++++++------------------------ 1 file changed, 49 insertions(+), 53 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 0821a5e9..7149e23f 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -789,31 +789,31 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin if (status == CRYPTO_LIB_SUCCESS) { - if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) + // Check for speciic App ID for EPs - the CryptoLib Apid in this case + if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) { - // Check for speciic App ID for EPs - the CryptoLib Apid in this case - if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) - { #ifdef CRYPTO_EPROC - // Check validity of SAs used for EP - if(valid_ep_sa == CRYPTO_TRUE) - { + // Check validity of SAs used for EP + if(valid_ep_sa == CRYPTO_TRUE) + { #ifdef DEBUG - printf(KGRN "Received SDLS command: " RESET); + printf(KGRN "Received SDLS command: " RESET); #endif - // CCSDS Header - sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; - sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; - sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; - sdls_frame.hdr.appID = - ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; - sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; - sdls_frame.hdr.pktid = - ((tc_sdls_processed_frame->tc_pdu[2] & 0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; - sdls_frame.hdr.pkt_length = - (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; - - // CCSDS PUS + // CCSDS Header + sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; + sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; + sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; + sdls_frame.hdr.appID = + ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; + sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; + sdls_frame.hdr.pktid = + ((tc_sdls_processed_frame->tc_pdu[2] & 
0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; + sdls_frame.hdr.pkt_length = + (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; + + if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) + { + // If ECSS PUS Header is being used sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); 
@@ -821,38 +821,38 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); - - // SDLS TLV PDU - sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = - (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) - { - sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; - } - -#ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_frame); -#endif - - // Determine type of PDU - status = Crypto_PDU(ingest, tc_sdls_processed_frame); } - // Received EP PDU on invalid SA - else + + // SDLS TLV PDU + sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = + (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; + for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) { - printf(KRED "Received EP PDU on invalid SA! 
SPI %d\n" RESET, tc_sdls_processed_frame->tc_sec_header.spi); - status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; } - #else // Received an EP command without EPs being built - valid_ep_sa = valid_ep_sa; // Suppress build error - status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; - #endif //CRYPTO_EPROC +#ifdef CCSDS_DEBUG + Crypto_ccsdsPrint(&sdls_frame); +#endif + + // Determine type of PDU + status = Crypto_PDU(ingest, tc_sdls_processed_frame); + } + // Received EP PDU on invalid SA + else + { + printf(KRED "Received EP PDU on invalid SA! SPI %d\n" RESET, tc_sdls_processed_frame->tc_sec_header.spi); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; } + + #else // Received an EP command without EPs being built + valid_ep_sa = valid_ep_sa; // Suppress build error + status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; + #endif //CRYPTO_EPROC } else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) // TC SDLS PDU with no packet layer { @@ -892,11 +892,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } - else - { - // TODO - Process SDLS PDU with Packet Layer without PUS_HDR - } - } + } return status; } // End Process SDLS PDU From 9ae5e135846b5bc4c500499406159855231bd31b Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Mon, 16 Dec 2024 11:56:43 -0500 Subject: [PATCH 200/241] [nasa/cryptolib#365] Minor typo --- src/core/crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 7149e23f..e0da4993 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
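Review bot: After this restructuring the PUS fields at `tc_pdu[6]` to `tc_pdu[9]` are parsed only when `crypto_config.has_pus_hdr == TC_HAS_PUS_HDR`, but the SDLS TLV header is still read from `tc_pdu[10]` to `tc_pdu[12]` and the data copied from index 13 in both cases. If a frame without a PUS header carries the TLV directly after the six-byte packet header, these offsets are four bytes too far and `type`, `pid` and `pdu_len` are taken from payload bytes. Deriving the offset once, e.g. `int tlv = (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) ? 10 : 6;`, and indexing from it would cover both layouts; a unit test with the PUS header disabled would confirm it. The enclosing function starts and ends outside these hunks.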
@@ -789,7 +789,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin if (status == CRYPTO_LIB_SUCCESS) { - // Check for speciic App ID for EPs - the CryptoLib Apid in this case + // Check for specific App ID for EPs - the CryptoLib Apid in this case if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) { #ifdef CRYPTO_EPROC From b935c5f73a92ec3059c5101211938c096cd19bb4 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Mon, 16 Dec 2024 19:13:20 +0000 Subject: [PATCH 201/241] [nasa/cryptolib#367] Added checks to prevent modification of current SA --- include/sa_interface.h | 14 +- src/core/crypto.c | 14 +- .../internal/sa_interface_inmemory.template.c | 122 ++++++++++++++---- test/unit/ut_crypto.c | 14 +- test/unit/ut_ep_sa_mgmt.c | 2 +- 5 files changed, 119 insertions(+), 47 deletions(-) diff --git a/include/sa_interface.h b/include/sa_interface.h index 25f8b604..073b4e81 100644 --- a/include/sa_interface.h +++ b/include/sa_interface.h @@ -37,15 +37,15 @@ typedef struct int32_t (*sa_get_operational_sa_from_gvcid)(uint8_t, uint16_t, uint16_t, uint8_t, SecurityAssociation_t **); int32_t (*sa_save_sa)(SecurityAssociation_t *); // Security Association Utility Functions - int32_t (*sa_stop)(void); + int32_t (*sa_stop)(TC_t *tc_frame); int32_t (*sa_start)(TC_t *tc_frame); - int32_t (*sa_expire)(void); - int32_t (*sa_rekey)(void); + int32_t (*sa_expire)(TC_t *tc_frame); + int32_t (*sa_rekey)(TC_t *tc_frame); int32_t (*sa_status)(uint8_t *); - int32_t (*sa_create)(void); - int32_t (*sa_setARSN)(void); - int32_t (*sa_setARSNW)(void); - int32_t (*sa_delete)(void); + int32_t (*sa_create)(TC_t *tc_frame); + int32_t (*sa_setARSN)(TC_t *tc_frame); + int32_t (*sa_setARSNW)(TC_t *tc_frame); + int32_t (*sa_delete)(TC_t *tc_frame); } SaInterfaceStruct, *SaInterface; diff --git a/src/core/crypto.c b/src/core/crypto.c index a25d2da1..6ef0fa23 100644 --- a/src/core/crypto.c 
+++ b/src/core/crypto.c @@ -529,37 +529,37 @@ int32_t Crypto_SG_SA_MGMT(uint8_t *ingest, TC_t *tc_frame) #ifdef PDU_DEBUG printf(KGRN "SA Create\n" RESET); #endif - status = sa_if->sa_create(); + status = sa_if->sa_create(tc_frame); break; case PID_DELETE_SA: #ifdef PDU_DEBUG printf(KGRN "SA Delete\n" RESET); #endif - status = sa_if->sa_delete(); + status = sa_if->sa_delete(tc_frame); break; case PID_SET_ARSNW: #ifdef PDU_DEBUG printf(KGRN "SA setARSNW\n" RESET); #endif - status = sa_if->sa_setARSNW(); + status = sa_if->sa_setARSNW(tc_frame); break; case PID_REKEY_SA: #ifdef PDU_DEBUG printf(KGRN "SA Rekey\n" RESET); #endif - status = sa_if->sa_rekey(); + status = sa_if->sa_rekey(tc_frame); break; case PID_EXPIRE_SA: #ifdef PDU_DEBUG printf(KGRN "SA Expire\n" RESET); #endif - status = sa_if->sa_expire(); + status = sa_if->sa_expire(tc_frame); break; case PID_SET_ARSN: #ifdef PDU_DEBUG printf(KGRN "SA SetARSN\n" RESET); #endif - status = sa_if->sa_setARSN(); + status = sa_if->sa_setARSN(tc_frame); break; case PID_START_SA: #ifdef PDU_DEBUG @@ -571,7 +571,7 @@ int32_t Crypto_SG_SA_MGMT(uint8_t *ingest, TC_t *tc_frame) #ifdef PDU_DEBUG printf(KGRN "SA Stop\n" RESET); #endif - status = sa_if->sa_stop(); + status = sa_if->sa_stop(tc_frame); break; case PID_READ_ARSN: #ifdef PDU_DEBUG diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 0d59f13c..c97d98fe 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c 
@@ -25,15 +25,15 @@ static int32_t sa_get_from_spi(uint16_t, SecurityAssociation_t **); static int32_t sa_get_operational_sa_from_gvcid(uint8_t, uint16_t, uint16_t, uint8_t, SecurityAssociation_t **); static int32_t sa_save_sa(SecurityAssociation_t *sa); // Security Association Utility Functions -static int32_t sa_stop(void); +static int32_t sa_stop(TC_t *tc_frame); static int32_t sa_start(TC_t *tc_frame); -static int32_t sa_expire(void); -static int32_t sa_rekey(void); +static int32_t sa_expire(TC_t *tc_frame); +static int32_t sa_rekey(TC_t *tc_frame); static int32_t sa_status(uint8_t *); -static int32_t sa_create(void); -static int32_t sa_setARSN(void); -static int32_t sa_setARSNW(void); -static int32_t sa_delete(void); +static int32_t sa_create(TC_t *tc_frame); +static int32_t sa_setARSN(TC_t *tc_frame); +static int32_t sa_setARSNW(TC_t *tc_frame); +static int32_t sa_delete(TC_t *tc_frame); /* ** Global Variables @@ -1091,15 +1091,29 @@ static int32_t sa_start(TC_t *tc_frame) * @brief Function: sa_stop * @return int32: Success/Failure **/ -static int32_t sa_stop(void) +static int32_t sa_stop(TC_t *tc_frame) { // Local variables - uint16_t spi = 0x0000; + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t spi = 0x0000; + uint16_t control_spi = 0x0000; int x; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; + control_spi = tc_frame->tc_sec_header.spi; + +#ifdef DEBUG + printf("control_spi = %d \n", spi); printf("spi = %d \n", spi); +#endif + + if (spi == control_spi) + { + printf(KRED "ERROR: Cannot modify SA in use\n" RESET); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + return status; + } // Check SPI exists and in 'Active' state if (spi < NUM_SA) 
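Review bot: In `sa_stop` the added debug line `printf("control_spi = %d \n", spi);` prints `spi` rather than `control_spi`, so the log shows the same value twice and hides the comparison that follows; it should read `printf("control_spi = %d \n", control_spi);`. The rejection message `printf(KRED "ERROR: Cannot modify SA in use\n" RESET);` sits outside the `#ifdef DEBUG` block and prints in every build. The same guard is pasted into `sa_rekey`, `sa_expire`, `sa_create`, `sa_delete`, `sa_setARSN` and `sa_setARSNW` in the later hunks, and a small static helper taking `tc_frame` and `spi` would keep the seven copies from drifting apart. `tc_frame` is dereferenced without a NULL check, which is safe only if every caller guarantees it (not visible here).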
@@ -1149,24 +1163,34 @@ static int32_t sa_stop(void) printf("\t spi = %d \n", spi); #endif - return CRYPTO_LIB_SUCCESS; + return status; } /** * @brief Function: sa_rekey * @return int32: Success/Failure **/ -static int32_t sa_rekey(void) +static int32_t sa_rekey(TC_t *tc_frame) { // Local variables - uint16_t spi = 0x0000; - int count = 0; - int x = 0; + uint16_t spi = 0x0000; + uint16_t control_spi = 0x0000; + int32_t status = CRYPTO_LIB_SUCCESS; + int count = 0; + int x = 0; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[count] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[count + 1]; count = count + 2; + control_spi = tc_frame->tc_sec_header.spi; + if (spi == control_spi) + { + printf(KRED "ERROR: Cannot modify SA in use\n" RESET); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + return status; + } + // Check SPI exists and in 'Unkeyed' state if (spi < NUM_SA) { @@ -1245,14 +1269,23 @@ static int32_t sa_rekey(void) * @brief Function: sa_expire * @return int32: Success/Failure **/ -static int32_t sa_expire(void) +static int32_t sa_expire(TC_t *tc_frame) { // Local variables - uint16_t spi = 0x0000; + uint16_t spi = 0x0000; + uint16_t control_spi = 0x0000; + int32_t status = CRYPTO_LIB_SUCCESS; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; - printf("spi = %d \n", spi); + + control_spi = tc_frame->tc_sec_header.spi; + if (spi == control_spi) + { + printf(KRED "ERROR: Cannot modify SA in use\n" RESET); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + return status; + } // Check SPI exists and in 'Keyed' state if (spi < NUM_SA) @@ -1290,11 +1323,13 @@ static int32_t sa_expire(void) * @brief Function: sa_create * @return int32: Success/Failure **/ -static int32_t sa_create(void) +static int32_t sa_create(TC_t *tc_frame) { // Local variables uint8_t count = 6; uint16_t spi = 0x0000; + uint16_t control_spi = 0x0000; + int32_t status = CRYPTO_LIB_SUCCESS; int x; // Read sdls_frame.pdu.data 
@@ -1303,6 +1338,14 @@ static int32_t sa_create(void) printf("spi = %d \n", spi); #endif + control_spi = tc_frame->tc_sec_header.spi; + if (spi == control_spi) + { + printf(KRED "ERROR: Cannot modify SA in use\n" RESET); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + return status; + } + // Check if valid SPI if (spi < NUM_SA) { @@ -1377,10 +1420,12 @@ static int32_t sa_create(void) * @brief Function: sa_delete * @return int32: Success/Failure **/ -static int32_t sa_delete(void) +static int32_t sa_delete(TC_t *tc_frame) { // Local variables uint16_t spi = 0x0000; + uint16_t control_spi = 0x0000; + int32_t status = CRYPTO_LIB_SUCCESS; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; @@ -1388,6 +1433,14 @@ static int32_t sa_delete(void) printf("spi = %d \n", spi); #endif + control_spi = tc_frame->tc_sec_header.spi; + if (spi == control_spi) + { + printf(KRED "ERROR: Cannot modify SA in use\n" RESET); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + return status; + } + // Check SPI exists and in 'Unkeyed' state if (spi < NUM_SA) { @@ -1426,15 +1479,24 @@ static int32_t sa_delete(void) * @brief Function: sa_setASRN * @return int32: Success/Failure **/ -static int32_t sa_setARSN(void) +static int32_t sa_setARSN(TC_t *tc_frame) { // Local variables - uint16_t spi = 0x0000; + uint16_t spi = 0x0000; + uint16_t control_spi = 0x0000; + int32_t status = CRYPTO_LIB_SUCCESS; int x; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; - printf("spi = %d \n", spi); + + control_spi = tc_frame->tc_sec_header.spi; + if (spi == control_spi) + { + printf(KRED "ERROR: Cannot modify SA in use\n" RESET); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + return status; + } // TODO: Check SA type (authenticated, encrypted, both) and set appropriately // TODO: Add more checks on bounds 
@@ -1485,10 +1547,12 @@ static int32_t sa_setARSN(void) * @brief Function: sa_setARSNW * @return int32: Success/Failure **/ -static int32_t sa_setARSNW(void) +static int32_t sa_setARSNW(TC_t *tc_frame) { // Local variables - uint16_t spi = 0x0000; + uint16_t spi = 0x0000; + uint16_t control_spi = 0x0000; + int32_t status = CRYPTO_LIB_SUCCESS; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; @@ -1496,6 +1560,14 @@ static int32_t sa_setARSNW(void) printf("spi = %d \n", spi); #endif + control_spi = tc_frame->tc_sec_header.spi; + if (spi == control_spi) + { + printf(KRED "ERROR: Cannot modify SA in use\n" RESET); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + return status; + } + // Check SPI exists if (spi < NUM_SA) { diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 87b72600..35ad07ee 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c 
@@ -152,27 +152,27 @@ UTEST(CRYPTO_C, PDU_SWITCH) sdls_frame.pdu.hdr.sg = SG_SA_MGMT; sdls_frame.pdu.hdr.pid = PID_CREATE_SA; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI); sdls_frame.pdu.hdr.pid = PID_DELETE_SA; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI); sdls_frame.pdu.hdr.pid = PID_SET_ARSNW; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI); sdls_frame.pdu.hdr.pid = PID_REKEY_SA; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI); sdls_frame.pdu.hdr.pid = PID_EXPIRE_SA; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI); sdls_frame.pdu.hdr.pid = PID_SET_ARSN; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI); sdls_frame.pdu.hdr.pid = PID_START_SA; status = Crypto_PDU(ingest, &tc_frame); @@ -180,7 +180,7 @@ UTEST(CRYPTO_C, PDU_SWITCH) sdls_frame.pdu.hdr.pid = PID_STOP_SA; status = Crypto_PDU(ingest, &tc_frame); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + ASSERT_EQ(status, CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI); sdls_frame.pdu.hdr.pid = PID_READ_ARSN; status = Crypto_PDU(ingest, &tc_frame); diff --git a/test/unit/ut_ep_sa_mgmt.c b/test/unit/ut_ep_sa_mgmt.c index 6c2d82df..4d009c4d 100644 --- a/test/unit/ut_ep_sa_mgmt.c +++ b/test/unit/ut_ep_sa_mgmt.c 
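Review bot: After this change every SA-management case in `PDU_SWITCH` asserts `CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI`, so the test now shows only that the new self-modification guard fires and no longer reaches the body of any handler. Presumably the SPI decoded from the fixture's PDU data equals `tc_frame.tc_sec_header.spi`. Setting `tc_frame.tc_sec_header.spi` to a value that differs from the target SPI before the `Crypto_PDU` calls, with a comment saying why, would restore the dispatch coverage. One extra case can stay for the guard itself.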
@@ -588,7 +588,7 @@ UTEST(EP_SA_MGMT, SA_STOP_SELF) hex_conversion(buffer_STOP_h, (char **)&buffer_STOP_b, &buffer_STOP_len); status = Crypto_TC_ProcessSecurity(buffer_STOP_b, &buffer_STOP_len, &tc_nist_processed_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + ASSERT_EQ(CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI, status); printf("\n"); Crypto_Shutdown(); From 6fe9516d8451443d3166c44a99608d26cb109ff0 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Mon, 16 Dec 2024 16:51:03 -0500 Subject: [PATCH 202/241] [nasa/cryptolib#365] WIP on SDLS EP test with no PUS header. no working atm --- src/core/crypto.c | 40 ++++++++++++++----- src/core/crypto_key_mgmt.c | 2 +- src/core/crypto_print.c | 24 ++++++++---- test/unit/ut_ep_key_mgmt.c | 78 ++++++++++++++++++++++++++++++++++++++ 4 files changed, 125 insertions(+), 19 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index e0da4993..333fbf1d 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -797,7 +797,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin if(valid_ep_sa == CRYPTO_TRUE) { #ifdef DEBUG - printf(KGRN "Received SDLS command: " RESET); + printf(KGRN "Received SDLS command w/ packet header:\n\t " RESET); #endif // CCSDS Header sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; 
@@ -821,20 +821,39 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); - } // SDLS TLV PDU - sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = - (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + printf(KRED "WHOMP WHOMP 1\n" RESET); + sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = + (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; + for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + } + } + // Not using PUS Header + else { - sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + // SDLS TLV PDU + printf(KRED "WHOMP WHOMP 2\n" RESET); + sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[6] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[6] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = + (tc_sdls_processed_frame->tc_pdu[7] << 8) | tc_sdls_processed_frame->tc_pdu[8]; + for (int x = 9; 
x < (9 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 9] = tc_sdls_processed_frame->tc_pdu[x]; + } } + + #ifdef CCSDS_DEBUG Crypto_ccsdsPrint(&sdls_frame); #endif @@ -865,6 +884,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin #endif // No Packet HDR or PUS in these frames // SDLS TLV PDU + printf(KRED "WHOMP WHOMP 3\n" RESET); sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 5d29af05..1a759cc6 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -224,7 +224,7 @@ int32_t Crypto_Key_update(uint8_t state) } #ifdef PDU_DEBUG - printf("Keys "); + printf("Key(s) "); #endif // Read in PDU for (x = 0; x < pdu_keys; x++) diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index 4fc5bb6e..ec78cc70 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c 
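Review bot: The marker prints `printf(KRED "WHOMP WHOMP 1\n" RESET);` and `printf(KRED "WHOMP WHOMP 2\n" RESET);` are unconditional, so every extended-procedure frame writes to stdout in non-debug builds; wrap them in `#ifdef DEBUG` or drop them before merge. Both copy loops still take their bound from `sdls_frame.hdr.pkt_length` without comparing it with the size of `sdls_frame.pdu.data`. The no-PUS branch repeats the five header assignments with only the offset changed, so a local offset chosen by the `has_pus_hdr` test (10 or 6) would let one copy of the parse and one length check serve both layouts. The function starts and ends outside this hunk.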
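Review bot: In the no-packet-layer branch the first TLV assignment writes `sdls_frame.hdr.type`, while the lines after it write `sdls_frame.pdu.hdr.uf` and `sdls_frame.pdu.hdr.sg`, which looks like a typo for `sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7;`. As written the PDU type bit of such frames would land in the packet header field, and `pdu.hdr.type` would presumably keep whatever an earlier frame left there. The line is context rather than an addition, so confirm against the struct before changing it. The `WHOMP WHOMP 3` print added above it is unconditional as well.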
@@ -183,14 +183,22 @@ void Crypto_ccsdsPrint(CCSDS_t *sdls_frame) printf("\t\t seq = 0x%01x \n", sdls_frame->hdr.seq); printf("\t\t pktid = 0x%04x \n", sdls_frame->hdr.pktid); printf("\t\t pkt_length = 0x%04x \n", sdls_frame->hdr.pkt_length); - printf("\t PUS Header\n"); - printf("\t\t shf = 0x%01x \n", sdls_frame->pus.shf); - printf("\t\t pusv = 0x%01x \n", sdls_frame->pus.pusv); - printf("\t\t ack = 0x%01x \n", sdls_frame->pus.ack); - printf("\t\t st = 0x%02x \n", sdls_frame->pus.st); - printf("\t\t sst = 0x%02x \n", sdls_frame->pus.sst); - printf("\t\t sid = 0x%01x \n", sdls_frame->pus.sid); - printf("\t\t spare = 0x%01x \n", sdls_frame->pus.spare); + if(crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) + { + printf("\t PUS Header\n"); + printf("\t\t shf = 0x%01x \n", sdls_frame->pus.shf); + printf("\t\t pusv = 0x%01x \n", sdls_frame->pus.pusv); + printf("\t\t ack = 0x%01x \n", sdls_frame->pus.ack); + printf("\t\t st = 0x%02x \n", sdls_frame->pus.st); + printf("\t\t sst = 0x%02x \n", sdls_frame->pus.sst); + printf("\t\t sid = 0x%01x \n", sdls_frame->pus.sid); + printf("\t\t spare = 0x%01x \n", sdls_frame->pus.spare); + } + else + { + printf("\t PUS Header\n"); + printf("\t\t Config not configured for PUS Header, not printing\n"); + } printf("\t PDU \n"); printf("\t\t type = 0x%01x \n", sdls_frame->pdu.hdr.type); printf("\t\t uf = 0x%01x \n", sdls_frame->pdu.hdr.uf); diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index 0eaa113e..16d56f7a 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c 
@@ -636,4 +636,82 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) free(buffer_OTAR_b); } +UTEST(EP_KEY_MGMT, DEACTIVATE_142_NO_PUS) +{ + remove("sa_save_file.bin"); + uint8_t *ptr_enc_frame = NULL; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_NO_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d0390000030002008e1f6d21c4555555555555"; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t *test_association; + + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + + // Activate SA 0 + sa_if->sa_get_from_spi(0, 
&test_association); + test_association->sa_state = SA_OPERATIONAL; + // test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(142); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + ekp->key_state = KEY_ACTIVE; + + // Convert frames that will be processed + hex_conversion(buffer_DEACTIVATE_h, (char **)&buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + free(ptr_enc_frame); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(buffer_DEACTIVATE_b); +} + UTEST_MAIN(); \ No newline at end of file From 00c9d50cded420a792b7c79eed26622fc83dcdf1 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Tue, 17 Dec 2024 19:39:23 +0000 Subject: [PATCH 203/241] [nasa/cryptolib#357] Modify file permissions, sa_create now saves SA to array --- src/sa/internal/sa_interface_inmemory.template.c | 5 +++++ support/scripts/build_ep.sh | 0 support/scripts/update_env.sh | 0 3 files changed, 5 insertions(+) mode change 100644 => 100755 support/scripts/build_ep.sh mode change 100644 => 100755 support/scripts/update_env.sh 
diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 0f17bded..dbc17825 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1365,6 +1365,11 @@ static int32_t sa_create(void) // Verify data status = sa_verify_data(temp_sa); + if (status == CRYPTO_LIB_SUCCESS) + { + sa[spi] = *temp_sa; + } + #ifdef PDU_DEBUG Crypto_saPrint(&sa[spi]); #endif diff --git a/support/scripts/build_ep.sh b/support/scripts/build_ep.sh old mode 100644 new mode 100755 diff --git a/support/scripts/update_env.sh b/support/scripts/update_env.sh old mode 100644 new mode 100755 From cdeebfee476cc9ee7ea4a757ca2447d015a49e98 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Tue, 17 Dec 2024 20:05:33 +0000 Subject: [PATCH 204/241] [nasa/cryptolib#367] Wrap prints in ifdefs --- .../internal/sa_interface_inmemory.template.c | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index c97d98fe..9ff488b0 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1072,12 +1072,16 @@ static int32_t sa_start(TC_t *tc_frame) } else { +#ifdef DEBUG printf(KRED "ERROR: SPI %d is not in the KEYED state.\n" RESET, spi); +#endif } } else { +#ifdef DEBUG printf(KRED "ERROR: SPI %d does not exist.\n" RESET, spi); +#endif } #ifdef DEBUG @@ -1110,7 +1114,9 @@ static int32_t sa_stop(TC_t *tc_frame) if (spi == control_spi) { +#ifdef DEBUG printf(KRED "ERROR: Cannot modify SA in use\n" RESET); +#endif status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; return status; } 
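Review bot: `uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL;` initialises only the last pointer, and the `int` length declaration after it has the same shape, so the `free()` calls at the end of `DEACTIVATE_142_NO_PUS` act on indeterminate pointers if a `hex_conversion` call does not assign them. Write `uint8_t *buffer_nist_iv_b = NULL, *buffer_nist_key_b = NULL, *buffer_DEACTIVATE_b = NULL;` and do the same for the lengths. The result of `key_if->get_key(142)` is dereferenced in the `memcpy` without a NULL check, and the comment `// Insert key into keyring of SA 9` does not match key 142. `ptr_enc_frame` is never assigned and can be removed.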
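Review bot: The new `sa[spi] = *temp_sa;` in `sa_create` protects the table only if `temp_sa` is a scratch copy; its declaration is outside this hunk, and if it points at `sa[spi]` the assignment is a self-copy and a failed `sa_verify_data` leaves the unverified fields live. `Crypto_saPrint(&sa[spi]);` also runs on the failure path, where it prints the table entry rather than the rejected data. A comment above the guard such as `// Commit to the SA table only after verification succeeds` would record the intent. The function should also return `status` so the caller sees a rejection (the return is not visible here).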
@@ -1151,12 +1157,16 @@ static int32_t sa_stop(TC_t *tc_frame) } else { +#ifdef DEBUG printf(KRED "ERROR: SPI %d is not in the OPERATIONAL state.\n" RESET, spi); +#endif } } else { +#ifdef DEBUG printf(KRED "ERROR: SPI %d does not exist.\n" RESET, spi); +#endif } #ifdef DEBUG @@ -1186,7 +1196,9 @@ static int32_t sa_rekey(TC_t *tc_frame) control_spi = tc_frame->tc_sec_header.spi; if (spi == control_spi) { +#ifdef DEBUG printf(KRED "ERROR: Cannot modify SA in use\n" RESET); +#endif status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; return status; } @@ -1282,7 +1294,9 @@ static int32_t sa_expire(TC_t *tc_frame) control_spi = tc_frame->tc_sec_header.spi; if (spi == control_spi) { +#ifdef DEBUG printf(KRED "ERROR: Cannot modify SA in use\n" RESET); +#endif status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; return status; } @@ -1308,12 +1322,16 @@ static int32_t sa_expire(TC_t *tc_frame) } else { +#ifdef DEBUG printf(KRED "ERROR: SPI %d is not in the KEYED state.\n" RESET, spi); +#endif } } else { +#ifdef DEBUG printf(KRED "ERROR: SPI %d does not exist.\n" RESET, spi); +#endif } return CRYPTO_LIB_SUCCESS; @@ -1341,7 +1359,9 @@ static int32_t sa_create(TC_t *tc_frame) control_spi = tc_frame->tc_sec_header.spi; if (spi == control_spi) { +#ifdef DEBUG printf(KRED "ERROR: Cannot modify SA in use\n" RESET); +#endif status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; return status; } @@ -1436,7 +1456,9 @@ static int32_t sa_delete(TC_t *tc_frame) control_spi = tc_frame->tc_sec_header.spi; if (spi == control_spi) { +#ifdef DEBUG printf(KRED "ERROR: Cannot modify SA in use\n" RESET); +#endif status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; return status; } @@ -1464,12 +1486,16 @@ static int32_t sa_delete(TC_t *tc_frame) } else { +#ifdef DEBUG printf(KRED "ERROR: SPI %d is not in the UNKEYED state.\n" RESET, spi); +#endif } } else { +#ifdef DEBUG printf(KRED "ERROR: SPI %d does not exist.\n" RESET, spi); +#endif } return CRYPTO_LIB_SUCCESS; 
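Review bot: With the error prints now compiled out unless `DEBUG` is set, the `else` branches in `sa_expire` and `sa_delete` are empty in release builds and both functions still end in `return CRYPTO_LIB_SUCCESS;`, so a command naming a non-existent SPI or an SA in the wrong state is reported as successful. `sa_stop` has the same two branches and returns `status`, which nothing in the visible hunks sets on those paths; `sa_start` appears to follow the same pattern. Each branch should assign a non-success code to `status` outside the `#ifdef`, and the functions should end in `return status;`. The function bodies extend beyond these hunks, so check that nothing between the branches and the return already does this.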
@@ -1493,7 +1519,9 @@ static int32_t sa_setARSN(TC_t *tc_frame) control_spi = tc_frame->tc_sec_header.spi; if (spi == control_spi) { +#ifdef DEBUG printf(KRED "ERROR: Cannot modify SA in use\n" RESET); +#endif status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; return status; } @@ -1563,7 +1591,9 @@ static int32_t sa_setARSNW(TC_t *tc_frame) control_spi = tc_frame->tc_sec_header.spi; if (spi == control_spi) { +#ifdef DEBUG printf(KRED "ERROR: Cannot modify SA in use\n" RESET); +#endif status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; return status; } From 0a853547f3ca2f34757ea73ed051a3e0736c6a8e Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Tue, 17 Dec 2024 15:46:19 -0500 Subject: [PATCH 205/241] [nasa/cryptolib#365] Adjust UT for key deactivation, No PUS Header --- src/core/crypto.c | 2 +- test/unit/ut_ep_key_mgmt.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 333fbf1d..14a3de2d 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -811,6 +811,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.hdr.pkt_length = (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; + // Using PUS Header if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { // If ECSS PUS Header is being used @@ -839,7 +840,6 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin else { // SDLS TLV PDU - printf(KRED "WHOMP WHOMP 2\n" RESET); sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[6] & 0x40) >> 6; sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[6] & 0x30) >> 4; diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index 16d56f7a..7caa610f 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c 
@@ -662,7 +662,7 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142_NO_PUS) // NOTE: Added Transfer Frame header to the plaintext char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d0390000030002008e1f6d21c4555555555555"; + char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d039000a030002008e1f6d21c4555555555555"; uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; From b5e5c8ce313dbdd83c26289681a1d71b9d40c39b Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Tue, 17 Dec 2024 17:03:08 -0500 Subject: [PATCH 206/241] [nasa/cryptolib#365] Add UTs with and without PUS Header for EPs --- include/crypto_error.h | 3 +- src/core/crypto.c | 32 ++++++-- src/core/crypto_error.c | 3 +- test/unit/ut_ep_key_mgmt.c | 159 +++++++++++++++++++++++++++++++++++++ 4 files changed, 189 insertions(+), 8 deletions(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index de965747..d50b5150 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -134,8 +134,9 @@ #define CRYPTO_LIB_ERR_KEY_STATE_INVALID (-61) #define CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI (-62) #define CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT (-63) +#define CRYPTO_LIB_ERR_BAD_TLV_LENGTH (-64) -#define CRYPTO_CORE_ERROR_CODES_MAX -63 +#define CRYPTO_CORE_ERROR_CODES_MAX -64 // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 diff --git a/src/core/crypto.c b/src/core/crypto.c index 14a3de2d..cd3b978a 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -824,16 +824,26 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); // SDLS TLV PDU - printf(KRED "WHOMP WHOMP 1\n" RESET); sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + + // Subtract headers from total frame length + // uint16_t max_tlv = tc_sdls_processed_frame->tc_header.fl - CCSDS_HDR_SIZE - CCSDS_PUS_SIZE - SDLS_TLV_HDR_SIZE; + if (sdls_frame.hdr.pkt_length < TLV_DATA_SIZE) // && (sdls_frame.hdr.pkt_length < max_tlv)) + { + for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + } + } + else { - sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + status = CRYPTO_LIB_ERR_BAD_TLV_LENGTH; + return status; } } // Not using PUS Header 
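Review bot: The PUS branch tests only `sdls_frame.hdr.pkt_length < TLV_DATA_SIZE`, because the `max_tlv` comparison is commented out, so the destination is bounded but the loop can still read `tc_pdu` bytes beyond the frame's declared length. The no-PUS branch in the next hunk applies both tests, and the two branches should match: `if ((sdls_frame.hdr.pkt_length < TLV_DATA_SIZE) && (sdls_frame.hdr.pkt_length < max_tlv))`, with `max_tlv` computed as in the commented line. `sdls_frame.pdu.hdr.pdu_len` is parsed just above, yet the copy is sized by the packet length field; a comment or a cross-check between the two values would make the intended length clear. The function starts and ends outside this hunk.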
@@ -846,9 +856,20 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[7] << 8) | tc_sdls_processed_frame->tc_pdu[8]; - for (int x = 9; x < (9 + sdls_frame.hdr.pkt_length); x++) + + // Make sure TLV isn't larger than we have allocated, and it is sane given total frame length + uint16_t max_tlv = tc_sdls_processed_frame->tc_header.fl - CCSDS_HDR_SIZE - SDLS_TLV_HDR_SIZE; + if ((sdls_frame.hdr.pkt_length < TLV_DATA_SIZE) && (sdls_frame.hdr.pkt_length < max_tlv)) + { + for (int x = 9; x < (9 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 9] = tc_sdls_processed_frame->tc_pdu[x]; + } + } + else { - sdls_frame.pdu.data[x - 9] = tc_sdls_processed_frame->tc_pdu[x]; + status = CRYPTO_LIB_ERR_BAD_TLV_LENGTH; + return status; } } @@ -884,7 +905,6 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin #endif // No Packet HDR or PUS in these frames // SDLS TLV PDU - printf(KRED "WHOMP WHOMP 3\n" RESET); sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index d6f1b4dd..570528ca 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -84,7 +84,8 @@ char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS", (char *)"CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH", (char *)"CRYPTO_LIB_ERR_KEY_STATE_INVALID", (char *)"CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI", - (char *)"CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT"}; + (char *)"CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT", + (char *)"CRYPTO_LIB_ERR_BAD_TLV_LENGTH"}; char *crypto_enum_errlist_config[] = { (char *)"CRYPTO_CONFIGURATION_NOT_COMPLETE", 
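Review bot: `max_tlv` in the no-PUS branch comes from an unchecked subtraction, so a frame whose `tc_header.fl` is smaller than `CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE` wraps the `uint16_t` to a large value, and `pkt_length < max_tlv` then holds for every length below `TLV_DATA_SIZE`. Reject that case before computing the bound: `if (tc_sdls_processed_frame->tc_header.fl < CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE) { return CRYPTO_LIB_ERR_BAD_TLV_LENGTH; }`. `fl` presumably describes the whole transfer frame, including the headers that precede `tc_pdu`, so the bound may still be looser than the bytes available in `tc_pdu`; worth confirming against how `fl` is populated. The function body continues outside the hunk.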
diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index 7caa610f..fee64c54 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c 
@@ -714,4 +714,163 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142_NO_PUS) free(buffer_DEACTIVATE_b); } +/* +** Tests for overrun of the TLV field which could cause a segmentation fault +*/ +UTEST(EP_KEY_MGMT, DEACTIVATE_142_NO_PUS_BAD_TLV) +{ + remove("sa_save_file.bin"); + uint8_t *ptr_enc_frame = NULL; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_NO_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d039FFFF030002008e1f6d21c4555555555555"; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t *test_association; + + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + 
test_association->sa_state = SA_NONE; + + // Activate SA 0 + sa_if->sa_get_from_spi(0, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(142); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + ekp->key_state = KEY_ACTIVE; + + // Convert frames that will be processed + hex_conversion(buffer_DEACTIVATE_h, (char **)&buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... 
\n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_ERR_BAD_TLV_LENGTH, status); + + printf("\n"); + Crypto_Shutdown(); + free(ptr_enc_frame); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(buffer_DEACTIVATE_b); +} + + +UTEST(EP_KEY_MGMT, DEACTIVATE_142_PUS_BAD_TLV) +{ + remove("sa_save_file.bin"); + uint8_t *ptr_enc_frame = NULL; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d039FFFF197f0b00030002008e1f6d21c4555555555555"; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // 
Expose/setup SAs for testing + SecurityAssociation_t *test_association; + + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + + // Activate SA 0 + sa_if->sa_get_from_spi(0, &test_association); + test_association->sa_state = SA_OPERATIONAL; + // test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(142); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + ekp->key_state = KEY_ACTIVE; + + // Convert frames that will be processed + hex_conversion(buffer_DEACTIVATE_h, (char **)&buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_ERR_BAD_TLV_LENGTH, status); + + printf("\n"); + Crypto_Shutdown(); + free(ptr_enc_frame); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(buffer_DEACTIVATE_b); +} + UTEST_MAIN(); \ No newline at end of file From 4567ceeeff10cc51871a340dc145b6428a39109f Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" <David.C.Cutright@nasa.gov> Date: Wed, 18 Dec 2024 09:40:42 -0500 Subject: [PATCH 207/241] [nasa/cryptolib#365] Address a review comment, and update a code comment --- src/core/crypto.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) 
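Review bot: Both new tests in test/unit/ut_ep_key_mgmt.c (`DEACTIVATE_142_NO_PUS_BAD_TLV` and `DEACTIVATE_142_PUS_BAD_TLV`) keep the copied comment `// Expect success on next valid IV && ARSN` and the matching printf while asserting `CRYPTO_LIB_ERR_BAD_TLV_LENGTH`, which misstates what is verified; the comment should read `// Expect rejection: packet length field FFFF exceeds the TLV buffer`. Only the extreme length is exercised, so the edges of the new check (a length equal to `TLV_DATA_SIZE`, and in the no-PUS path one just above the frame-derived limit) stay untested. The results of `sa_if->sa_get_from_spi()` and `key_if->get_key(142)` are dereferenced without a check, so a setup failure would crash the test instead of failing it.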
diff --git a/src/core/crypto.c b/src/core/crypto.c index cd3b978a..9bdc2d0f 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -768,6 +768,10 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin * @param ingest: uint8_t* * @return int32: Success/Failure * @note TODO - Actually update based on variable config + * @note Allows EPs to be processed one of two ways. + * @note - 1) By using a packet layer with APID 0x1880 + * @note - 2) By using a defined Virtual Channel ID + * @note Requires this to happen on either SPI_MIN (0) or SPI_MAX (configurable) **/ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uint8_t *ingest) { @@ -885,7 +889,9 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Received EP PDU on invalid SA else { +#ifdef CCSDS_DEBUG printf(KRED "Received EP PDU on invalid SA! SPI %d\n" RESET, tc_sdls_processed_frame->tc_sec_header.spi); +#endif status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; } @@ -894,13 +900,15 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } - else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) // TC SDLS PDU with no packet layer + + // If not a specific APID, check if using VCIDs for SDLS PDUs with no packet layer + else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) { #ifdef CRYPTO_EPROC // Check validity of SAs used for EP if(valid_ep_sa == CRYPTO_TRUE) { -#ifdef DEBUG +#ifdef CCSDS_DEBUG printf(KGRN "Received SDLS command (No Packet Header or PUS): " RESET); #endif // No Packet HDR or PUS in these frames From a584c44c9ca90d6b91c530fea4ba38a3b5327792 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 18 Dec 2024 15:42:33 +0000 Subject: [PATCH 208/241] [nasa/cryptolib#367] Deep copy temp_sa to sa array --- .../internal/sa_interface_inmemory.template.c | 29 ++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index dbc17825..fc94eefe 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1367,7 +1367,34 @@ static int32_t sa_create(void) if (status == CRYPTO_LIB_SUCCESS) { - sa[spi] = *temp_sa; + // Copy data from temp_sa to sa[spi] + sa[spi].lpid = temp_sa->lpid; + sa[spi].est = temp_sa->est; + sa[spi].ast = temp_sa->ast; + sa[spi].shivf_len = temp_sa->shivf_len; + sa[spi].shsnf_len = temp_sa->shsnf_len; + sa[spi].shplf_len = temp_sa->shplf_len; + sa[spi].stmacf_len = temp_sa->stmacf_len; + sa[spi].ecs_len = temp_sa->ecs_len; + sa[spi].ecs = temp_sa->ecs; + for (x = 0; x < sa[spi].shivf_len; x++) + { + sa[spi].iv[x] = temp_sa->iv[x]; + } + sa[spi].acs = temp_sa->acs; + sa[spi].abm_len = temp_sa->abm_len; + for (x = 0; x < sa[spi].abm_len; x++) + { + sa[spi].abm[x] = temp_sa->abm[x]; + } + sa[spi].arsn_len = temp_sa->arsn_len; + for (x = 0; x < sa[spi].arsn_len; x++) + { + *(sa[spi].arsn + x) = *(temp_sa->arsn + x); + } + sa[spi].arsnw_len = temp_sa->arsnw_len; + sa[spi].arsnw = temp_sa->arsnw; + sa[spi].sa_state = temp_sa->sa_state; } #ifdef PDU_DEBUG From a1e2688c99fab05e404b0bf0ae89162d8108fc6b Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Wed, 18 Dec 2024 15:55:16 +0000 Subject: [PATCH 209/241] [nasa/cryptolib#367] Fix merge errors --- src/sa/internal/sa_interface_inmemory.template.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 7f370325..e2597763 100644 
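Review bot: The three copy loops added to `sa_create` are bounded only by `shivf_len`, `abm_len` and `arsn_len` taken from `temp_sa`, with no comparison against the capacity of `sa[spi].iv`, `sa[spi].abm` and `sa[spi].arsn`. The struct assignment they replace could not write outside `sa[spi]`; if `temp_sa` is filled from the received PDU (the parsing is outside this hunk), an oversized length field now becomes an out-of-bounds read and write. Validate each length against its destination's declared size before the loops and return an error status otherwise; those sizes are not visible here. The IV loop also uses `shivf_len` rather than the SA's `iv_len`, and `iv_len` is not among the copied fields; confirm both are intended.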
--- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1351,7 +1351,6 @@ static int32_t sa_create(TC_t *tc_frame) uint8_t count = 6; uint16_t spi = 0x0000; uint16_t control_spi = 0x0000; - int32_t status = CRYPTO_LIB_SUCCESS; int x; // Read sdls_frame.pdu.data From 1ea35672ed52b17593a4128f7d8d2195cfc96803 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 19 Dec 2024 09:37:35 -0500 Subject: [PATCH 210/241] [nasa/nos3#352] Fix cross-compiling issue --- src/CMakeLists.txt | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 418e8e8d..1d6e0731 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -126,12 +126,24 @@ else() list(APPEND LIB_SRC_FILES ${MARIADB_FILES}) endif() +if(NOT CMAKE_CROSSCOMPILING) + install(TARGETS cryptolib + RUNTIME_DEPENDENCIES + # Other dependencies here) +else() + install(TARGETS cryptolib) +endif() + # Create the app module if(DEFINED CFE_SYSTEM_PSPNAME) set(CMAKE_INSTALL_RPATH "./${INSTALL_SUBDIR}") add_cfe_app(crypto ${LIB_SRC_FILES}) target_include_directories(crypto PUBLIC ../include) - install(TARGETS crypto RUNTIME_DEPENDENCIES DESTINATION ${CMAKE_INSTALL_PREFIX}/${TGTSYS_${SYSVAR}}/${INSTALL_SUBDIR}) + if(NOT CMAKE_CROSSCOMPILING) + install(TARGETS crypto RUNTIME_DEPENDENCIES DESTINATION ${CMAKE_INSTALL_PREFIX}/${TGTSYS_${SYSVAR}}/${INSTALL_SUBDIR}) + else() + install(TARGETS crypto) + endif() else() # Standalone build add_library(crypto SHARED ${LIB_SRC_FILES}) From 19c5fef6e5e4f080d482fde889b14db8e0dcdb39 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 19 Dec 2024 09:40:09 -0500 Subject: [PATCH 211/241] [nasa/nos3#352] Fix cross-compiling issue --- src/CMakeLists.txt | 8 -------- 1 file changed, 8 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 1d6e0731..b0c62d97 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt 
@@ -126,14 +126,6 @@ else() list(APPEND LIB_SRC_FILES ${MARIADB_FILES}) endif() -if(NOT CMAKE_CROSSCOMPILING) - install(TARGETS cryptolib - RUNTIME_DEPENDENCIES - # Other dependencies here) -else() - install(TARGETS cryptolib) -endif() - # Create the app module if(DEFINED CFE_SYSTEM_PSPNAME) set(CMAKE_INSTALL_RPATH "./${INSTALL_SUBDIR}") From 6590a23d9a78e74d9db4b27284ff74eca86867c1 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 19 Dec 2024 10:07:18 -0500 Subject: [PATCH 212/241] [nasa/nos3#352] Fix cross-compiling issue --- CMakeLists.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index dd454968..3c018653 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -171,6 +171,7 @@ endif() # Project Specifics # set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Werror -g -O0") +set(CMAKE_CROSSCOMPILING "FALSE") include_directories(include) add_subdirectory(src) From d5abd18839b4b6d245e30fe93f358f6c55b86f57 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 19 Dec 2024 10:16:14 -0500 Subject: [PATCH 213/241] [nasa/nos3#352] Fix cross-compiling issue --- include/crypto.h | 2 +- src/core/crypto.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 87e04d27..0b14f215 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -160,7 +160,7 @@ void Crypto_TC_Handle_Padding(uint32_t pkcs_padding, SecurityAssociation_t *s int32_t Crypto_TC_Set_IV(SecurityAssociation_t *sa_ptr, uint8_t *p_new_enc_frame, uint16_t *index); // OCF -uint32_t Crypto_Get_FSR(); +uint32_t Crypto_Get_FSR(void); void Crypto_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr); // Telemetry (TM) diff --git a/src/core/crypto.c b/src/core/crypto.c index 613c02fc..9b12d6ff 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -644,8 +644,8 @@ int32_t Crypto_SEC_MON_CTRL(uint8_t *ingest) default: #ifdef PDU_DEBUG printf(KRED "Error: Crypto_PDU failed interpreting MC Procedure Identification Field! \n" RESET); - break; #endif + break; } return status; } @@ -1277,7 +1277,7 @@ void Crypto_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, Secu } } -uint32_t Crypto_Get_FSR() +uint32_t Crypto_Get_FSR(void) { uint32_t fsr; fsr = (report.cwt << 31) | // bit(s) 1 From 0b6fba8e395d9cb02625536bcb713364c0ce452d Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 19 Dec 2024 10:37:16 -0500 Subject: [PATCH 214/241] [nasa/nos3#352] Fix cross-compiling issue --- Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Makefile b/Makefile index 013a1d27..a9453554 100644 --- a/Makefile +++ b/Makefile @@ -33,3 +33,6 @@ kmc: wolf: ./support/scripts/wolf_docker_build.sh + +env: + ./support/scripts/update_env.sh From 4e67544eb4d53d02d1a0dab4374a15b3609ad3b4 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 19 Dec 2024 10:46:07 -0500 Subject: [PATCH 215/241] [nasa/nos3#352] Fix cross-compiling issue --- src/sa/internal/sa_interface_inmemory.template.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index e2597763..870ccee6 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -73,7 +73,7 @@ SaInterface get_sa_interface_inmemory(void) * @brief Function: sa_load_file * Loads saved sa_file **/ -int32_t sa_load_file() +int32_t sa_load_file(void) { FILE *sa_save_file; int32_t status = CRYPTO_LIB_SUCCESS; From 36aace4fb1d4e65085619c714b25eec9bbe36e19 Mon Sep 17 00:00:00 2001 
From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 19 Dec 2024 10:55:53 -0500 Subject: [PATCH 216/241] [nasa/nos3#352] Fix cross-compiling issue --- include/crypto.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/crypto.h b/include/crypto.h index 0b14f215..7721c9d9 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -176,6 +176,13 @@ extern int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest // Crypo Error Support Functions extern char *Crypto_Get_Error_Code_Enum_String(int32_t crypto_error_code); +/* +** Internal Prototypes +*/ + +int32_t Crypto_Get_Security_Header_Length(SecurityAssociation_t *sa_ptr); +int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t *sa_ptr); + /* ** Internal Prototypes */ From dc44c63916b119a4f947e6a1d205c2260438f00e Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 20 Dec 2024 12:18:15 +0000 Subject: [PATCH 217/241] [nasa/cryptolib#379] Updated dockerfile and image tags --- .github/workflows/build.yml | 8 ++++---- .github/workflows/codeql.yml | 10 +++++----- support/Dockerfile | 3 ++- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 11356dce..e2354c7a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,7 +12,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20240814 + image: ivvitc/cryptolib:20241220 steps: - uses: actions/checkout@v4 - name: Update @@ -51,7 +51,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20240814 + image: ivvitc/cryptolib:20241220 steps: - uses: actions/checkout@v4 - name: Update @@ -151,7 +151,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20240814 + image: ivvitc/cryptolib:20241220 steps: - uses: actions/checkout@v4 - name: Update 
@@ -277,7 +277,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20240814 + image: ivvitc/cryptolib:20241220 steps: - uses: actions/checkout@v4 - name: Update diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4d11de2f..32dfcef6 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,7 +22,7 @@ jobs: name: Analyze Build_Internal runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20240814 + image: ivvitc/cryptolib:20241220 permissions: # required for all workflows security-events: write @@ -74,7 +74,7 @@ jobs: name: Analyze Build_Minimal runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20240814 + image: ivvitc/cryptolib:20241220 permissions: # required for all workflows security-events: write @@ -126,7 +126,7 @@ jobs: name: Analyze Build_Wolf runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20240814 + image: ivvitc/cryptolib:20241220 permissions: # required for all workflows security-events: write @@ -207,7 +207,7 @@ jobs: name: Analyze Build_RHEL runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20240814 + image: ivvitc/cryptolib:20241220 permissions: # required for all workflows security-events: write @@ -259,7 +259,7 @@ jobs: name: Analyze Build_EP runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20240814 + image: ivvitc/cryptolib:20241220 permissions: # required for all workflows security-events: write diff --git a/support/Dockerfile b/support/Dockerfile index 0d62587d..cc4937a2 100644 --- a/support/Dockerfile +++ b/support/Dockerfile 
@@ -57,7 +57,8 @@ RUN curl \ && tar -xjf /tmp/libgcrypt-${GCRYPT_VERSION}.tar.bz2 -C /tmp/ \ && cd /tmp/libgcrypt-${GCRYPT_VERSION} \ && ./configure \ - && make install + && make install \ + && ldconfig FROM cl1 AS cl2 ARG WOLFSSL_VERSION=5.6.0-stable From 5adda9772d8d3eb42856021b7dae50a4485a27b3 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 20 Dec 2024 12:29:39 +0000 Subject: [PATCH 218/241] [nasa/cryptolib#379] Update env.sh docker image tag --- support/scripts/env.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/support/scripts/env.sh b/support/scripts/env.sh index b469f37b..db95a3fa 100755 --- a/support/scripts/env.sh +++ b/support/scripts/env.sh @@ -10,4 +10,4 @@ export BASE_DIR=$(cd `dirname $SCRIPT_DIR`/.. && pwd) DFLAGS="docker run --rm -it -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro -u $(id -u $(stat -c '%U' $SCRIPT_DIR/env.sh)):$(getent group $(stat -c '%G' $SCRIPT_DIR/env.sh) | cut -d: -f3)" -DBOX="ivvitc/cryptolib:20240814" +DBOX="ivvitc/cryptolib:20241220" From 62b352aaa31ad47d964f7a79ccad6baa2fca225a Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 2 Jan 2025 20:52:45 +0000 Subject: [PATCH 219/241] [nasa/cryptolib#379] Updated to gcc-14 for MC/DC --- support/Dockerfile | 9 +++++++-- support/scripts/env.sh | 2 +- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/support/Dockerfile b/support/Dockerfile index cc4937a2..cd367349 100644 --- a/support/Dockerfile +++ b/support/Dockerfile @@ -17,19 +17,21 @@ # ARG WOLFSSL_VERSION=5.6.0-stable -FROM ubuntu:jammy-20240530 AS cl0 +FROM ubuntu:latest AS cl0 ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update -y \ && apt-get install -y \ autoconf \ automake \ + build-essential \ ca-certificates \ cmake \ curl \ gettext \ git \ gdb\ + gcc-14 \ lcov \ libcurl4-openssl-dev \ libmariadb-dev \ 
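Review bot: `FROM ubuntu:latest AS cl0` in support/Dockerfile replaces a dated base tag with a floating one, so the contents of a published `ivvitc/cryptolib:<date>` image depend on when it was built, and a rebuild can silently pick up a different release and toolchain. Pin the base to a release that ships `gcc-14`, ideally by digest: `FROM ubuntu:<release-tag>@sha256:<digest> AS cl0` (placeholders; take the values from the image that was actually tested). The rest of the stage lies outside this hunk.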
@@ -41,6 +43,9 @@ RUN apt-get update -y \ unzip \ && rm -rf /var/lib/apt/lists/* +RUN ldconfig \ + && update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-14 60 + FROM cl0 AS cl1 ARG GPG_ERROR_VERSION=1.50 ARG GCRYPT_VERSION=1.11.0 @@ -73,4 +78,4 @@ RUN curl \ && cmake -DWOLFSSL_AESCCM=yes -DWOLFSSL_AESSIV=yes -DWOLFSSL_CMAC=yes .. \ && cmake --build . \ && make install \ - && ldconfig + && ldconfig \ No newline at end of file diff --git a/support/scripts/env.sh b/support/scripts/env.sh index db95a3fa..8b9d1bd4 100755 --- a/support/scripts/env.sh +++ b/support/scripts/env.sh @@ -10,4 +10,4 @@ export BASE_DIR=$(cd `dirname $SCRIPT_DIR`/.. && pwd) DFLAGS="docker run --rm -it -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro -u $(id -u $(stat -c '%U' $SCRIPT_DIR/env.sh)):$(getent group $(stat -c '%G' $SCRIPT_DIR/env.sh) | cut -d: -f3)" -DBOX="ivvitc/cryptolib:20241220" +DBOX="ivvitc/cryptolib:20250102" From d1c3d18838cc590eb054e852d7d7ddf4f0db5a21 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 3 Jan 2025 17:07:49 +0000 Subject: [PATCH 220/241] [nasa/cryptolib#379] Updated CI image tags --- .github/workflows/build.yml | 8 ++++---- .github/workflows/codeql.yml | 10 +++++----- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e2354c7a..039a7553 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,7 +12,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250102 steps: - uses: actions/checkout@v4 - name: Update @@ -51,7 +51,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250102 steps: - uses: actions/checkout@v4 - name: Update 
@@ -151,7 +151,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250102 steps: - uses: actions/checkout@v4 - name: Update @@ -277,7 +277,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250102 steps: - uses: actions/checkout@v4 - name: Update diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 32dfcef6..9f55900c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,7 +22,7 @@ jobs: name: Analyze Build_Internal runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250102 permissions: # required for all workflows security-events: write @@ -74,7 +74,7 @@ jobs: name: Analyze Build_Minimal runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250102 permissions: # required for all workflows security-events: write @@ -126,7 +126,7 @@ jobs: name: Analyze Build_Wolf runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250102 permissions: # required for all workflows security-events: write @@ -207,7 +207,7 @@ jobs: name: Analyze Build_RHEL runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250102 permissions: # required for all workflows security-events: write @@ -259,7 +259,7 @@ jobs: name: Analyze Build_EP runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250102 permissions: # required for all workflows security-events: write 
From 8d2b28aa2377bbbdcd806614b8f2c330261d9d1e Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 3 Jan 2025 17:09:21 +0000 Subject: [PATCH 221/241] [nasa/cryptolib#379] Set default gcov to gcov-14 --- support/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/support/Dockerfile b/support/Dockerfile index cd367349..c274d991 100644 --- a/support/Dockerfile +++ b/support/Dockerfile @@ -44,7 +44,8 @@ RUN apt-get update -y \ && rm -rf /var/lib/apt/lists/* RUN ldconfig \ - && update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-14 60 + && update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-14 60 \ + && update-alternatives --install /usr/bin/gcov gcov /usr/bin/gcov-14 60 FROM cl0 AS cl1 ARG GPG_ERROR_VERSION=1.50 From 57c5c4a7a960e57f7aa352737b280f5637be74f1 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 3 Jan 2025 17:13:20 +0000 Subject: [PATCH 222/241] [nasa/cryptolib#379] Remove libgcrypt pycryptodome install --- .github/workflows/build.yml | 97 ------------------------------------- 1 file changed, 97 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 039a7553..08790e71 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
@@ -19,25 +19,6 @@ jobs: run: apt-get update - name: Install Dependencies run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - - name: Install Python Libraries - run: pip install pycryptodome - - name: Install Libgcrypt - run: > - curl - -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 - -o /tmp/libgpg-error-1.50.tar.bz2 - && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ - && cd /tmp/libgpg-error-1.50 - && ./configure - && make install - && curl - -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 - -o /tmp/libgcrypt-1.11.0.tar.bz2 - && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ - && cd /tmp/libgcrypt-1.11.0 - && ./configure - && make install - && ldconfig # End Container Setup - name: Minimal Build Script @@ -58,25 +39,6 @@ jobs: run: apt-get update - name: Install Dependencies run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - - name: Install Python Libraries - run: pip install pycryptodome - - name: Install Libgcrypt - run: > - curl - -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 - -o /tmp/libgpg-error-1.50.tar.bz2 - && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ - && cd /tmp/libgpg-error-1.50 - && ./configure - && make install - && curl - -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 - -o /tmp/libgcrypt-1.11.0.tar.bz2 - && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ - && cd /tmp/libgcrypt-1.11.0 - && ./configure - && make install - && ldconfig # End Container Setup - name: Internal Build Script 
@@ -158,25 +120,6 @@ jobs: run: apt-get update - name: Install Dependencies run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool - - name: Install Python Libraries - run: pip install pycryptodome - - name: Install Libgcrypt - run: > - curl - -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 - -o /tmp/libgpg-error-1.50.tar.bz2 - && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ - && cd /tmp/libgpg-error-1.50 - && ./configure - && make install - && curl - -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 - -o /tmp/libgcrypt-1.11.0.tar.bz2 - && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ - && cd /tmp/libgcrypt-1.11.0 - && ./configure - && make install - && ldconfig - name: Clone WolfSSL run: git clone --depth 1 --branch v5.6.0-stable https://github.com/wolfSSL/wolfssl.git /tmp/wolfssl @@ -231,27 +174,6 @@ jobs: # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov - - name: install lcov - run: python3 -m pip install pycryptodome - - name: Install Libgcrypt - run: > - curl - -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 - -o /tmp/libgpg-error-1.50.tar.bz2 - && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ - && cd /tmp/libgpg-error-1.50 - && ./configure - && make install - && curl - -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 - -o /tmp/libgcrypt-1.11.0.tar.bz2 - && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ - && cd /tmp/libgcrypt-1.11.0 - && ./configure - && make install - && echo "export LD_LIBRARY_PATH=/usr/local/lib/:/usr/local/include:$LD_LIBRARY_PATH" >> ~/.bashrc - && source ~/.bashrc - && ldconfig # End Container Setup - name: RHEL Build Script 
@@ -284,25 +206,6 @@ jobs: run: apt-get update - name: Install Dependencies run: apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 - - name: Install Python Libraries - run: pip install pycryptodome - - name: Install Libgcrypt - run: > - curl - -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 - -o /tmp/libgpg-error-1.50.tar.bz2 - && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ - && cd /tmp/libgpg-error-1.50 - && ./configure - && make install - && curl - -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 - -o /tmp/libgcrypt-1.11.0.tar.bz2 - && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ - && cd /tmp/libgcrypt-1.11.0 - && ./configure - && make install - && ldconfig # End Container Setup - name: Internal Build Script From ff1b3ace6c495ab2d9fffd6304b929773d879f94 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 3 Jan 2025 17:22:51 +0000 Subject: [PATCH 223/241] [nasa/cryptolib#379] Revert docker tag to 20241220 --- .github/workflows/build.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 08790e71..8be8d330 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,7 +12,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20250102 + image: ivvitc/cryptolib:20241220 steps: - uses: actions/checkout@v4 - name: Update @@ -32,7 +32,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20250102 + image: ivvitc/cryptolib:20241220 steps: - uses: actions/checkout@v4 - name: Update @@ -113,7 +113,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20250102 + image: ivvitc/cryptolib:20241220 steps: - uses: actions/checkout@v4 - name: Update 
@@ -199,7 +199,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20250102 + image: ivvitc/cryptolib:20241220 steps: - uses: actions/checkout@v4 - name: Update From d5ee1074dd5e63f144ccfad69d8249628a0961fc Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 3 Jan 2025 17:25:12 +0000 Subject: [PATCH 224/241] [nasa/cryptolib#379] Remove pycryptodome install from wolf build --- .github/workflows/codeql.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9f55900c..328629c3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -166,9 +166,6 @@ jobs: apt-get update apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool - - name: Install Python Libraries - run: pip install pycryptodome - - name: Update Dependencies run: > curl -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 -o /tmp/libgpg-error-1.50.tar.bz2 From 5ae5d1bcc026054ff2ffc12a131f64bd7df2ab56 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 3 Jan 2025 17:35:15 +0000 Subject: [PATCH 225/241] [nasa/cryptolib#379] Create bashrc on rhel build --- .github/workflows/build.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8be8d330..a6631bb6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -174,6 +174,11 @@ jobs: # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov + - name: create bashrc + run: > + echo "export LD_LIBRARY_PATH=/usr/local/lib/:/usr/local/include:$LD_LIBRARY_PATH" >> ~/.bashrc + && source ~/.bashrc + && ldconfig # End Container Setup - name: RHEL Build Script From 9188a3e007b90452c6b439f6186f5606bfc6e798 Mon Sep 17 00:00:00 2001 
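Review bot: The `create bashrc` step added in the `@@ -174,6 +174,11 @@` hunk of PATCH 225 writes `LD_LIBRARY_PATH=/usr/local/lib/:/usr/local/include:$LD_LIBRARY_PATH` with the variable expanded at echo time, so when it is unset the stored value ends in a bare `:`, and the dynamic loader treats an empty entry as the current working directory — a library file sitting in the build directory could then be picked up ahead of the system one. `/usr/local/include` holds headers, not shared objects, and should not be on the path. The export also stays in this step's shell: each `run:` starts a new non-interactive shell that does not read `~/.bashrc`, so the later RHEL build step probably never sees the value. Writing `echo "LD_LIBRARY_PATH=/usr/local/lib" >> "$GITHUB_ENV"` instead addresses all three; the same `echo ... >> ~/.bashrc && source ~/.bashrc` line comes back in the `Install Libgcrypt` step of PATCH 226.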
From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Fri, 3 Jan 2025 17:38:41 +0000 Subject: [PATCH 226/241] [nasa/cryptolib#379] Restore libgcrypt install on rhel build --- .github/workflows/build.yml | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a6631bb6..2ab516f9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -174,11 +174,25 @@ jobs: # Might want to trim this down, but these dependencies should work for KMC - name: install lcov run: yum install -y --enablerepo=epel lcov - - name: create bashrc + - name: Install Libgcrypt run: > - echo "export LD_LIBRARY_PATH=/usr/local/lib/:/usr/local/include:$LD_LIBRARY_PATH" >> ~/.bashrc - && source ~/.bashrc - && ldconfig + curl + -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 + -o /tmp/libgpg-error-1.50.tar.bz2 + && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ + && cd /tmp/libgpg-error-1.50 + && ./configure + && make install + && curl + -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 + -o /tmp/libgcrypt-1.11.0.tar.bz2 + && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ + && cd /tmp/libgcrypt-1.11.0 + && ./configure + && make install + && echo "export LD_LIBRARY_PATH=/usr/local/lib/:/usr/local/include:$LD_LIBRARY_PATH" >> ~/.bashrc + && source ~/.bashrc + && ldconfig # End Container Setup - name: RHEL Build Script From 4f22edf7c2d7b93a3397e6b066b950e6c8dea647 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Tue, 7 Jan 2025 15:23:09 +0000 Subject: [PATCH 227/241] [nasa/cryptolib#379] Hard-tagged ubuntu docker image --- support/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/support/Dockerfile b/support/Dockerfile index c274d991..ba9f7a9a 100644 --- a/support/Dockerfile +++ b/support/Dockerfile 
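Review bot: The restored `Install Libgcrypt` step in the `@@ -174,11 +174,25 @@` hunk compiles and installs libgpg-error 1.50 and libgcrypt 1.11.0 from freshly downloaded tarballs with no integrity check, so whatever bytes the server or an intermediary returns are configured, built and installed in the CI container, and that build is the crypto backend the tests then run against. Verify each archive before `tar`, for example `&& echo "<EXPECTED_SHA256>  /tmp/libgcrypt-1.11.0.tar.bz2" | sha256sum -c -` (placeholder value; the real checksums are not on this page), or check the upstream detached signature against a pinned release key. Adding `--fail` to both `curl` calls keeps an HTTP error page from being handed to `tar`. Baking both libraries into the RHEL image, as the preceding commit appears to rely on for the Ubuntu jobs, would remove the per-run download altogether.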
@@ -17,7 +17,7 @@ # ARG WOLFSSL_VERSION=5.6.0-stable -FROM ubuntu:latest AS cl0 +FROM ubuntu:noble-20241118.1 AS cl0 ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update -y \ From 46410da739acdc61e3010554a4499f2305977730 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Wed, 8 Jan 2025 15:44:37 -0500 Subject: [PATCH 228/241] [nasa/Cryptolib#382] Sphinx Documentation Refresh POC --- .github/workflows/build.yml | 8 +- Makefile | 4 + {doc => docs}/CryptoLib_Indv_CLA.pdf | Bin {doc => docs}/requirements.md | 0 docs/wiki/Environment_Building.md | 100 +++++++++++++++++++++ docs/wiki/Home.md | 39 ++++++++ docs/wiki/Makefile | 20 +++++ docs/wiki/Releases.md | 29 ++++++ docs/wiki/Testing_Validation.md | 127 +++++++++++++++++++++++++++ docs/wiki/Usage.md | 118 +++++++++++++++++++++++++ docs/wiki/_static/custom.css | 30 +++++++ docs/wiki/conf.py | 41 +++++++++ docs/wiki/index.rst | 19 ++++ docs/wiki/make.bat | 35 ++++++++ support/Dockerfile | 7 +- support/scripts/build_docs.sh | 15 ++++ support/scripts/env.sh | 2 +- 17 files changed, 588 insertions(+), 6 deletions(-) rename {doc => docs}/CryptoLib_Indv_CLA.pdf (100%) rename {doc => docs}/requirements.md (100%) create mode 100644 docs/wiki/Environment_Building.md create mode 100644 docs/wiki/Home.md create mode 100644 docs/wiki/Makefile create mode 100644 docs/wiki/Releases.md create mode 100644 docs/wiki/Testing_Validation.md create mode 100644 docs/wiki/Usage.md create mode 100644 docs/wiki/_static/custom.css create mode 100644 docs/wiki/conf.py create mode 100644 docs/wiki/index.rst create mode 100644 docs/wiki/make.bat create mode 100644 support/scripts/build_docs.sh diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2ab516f9..4da4f41d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
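Review bot: `FROM ubuntu:noble-20241118.1 AS cl0` is steadier than `latest`, but a tag is still a movable name on the registry, so the base layer is not yet fixed by content. Appending the digest, `FROM ubuntu:noble-20241118.1@sha256:<DIGEST_OF_REVIEWED_IMAGE> AS cl0` (placeholder), makes every build pull exactly the image that was reviewed. The `container: image: ivvitc/cryptolib:20250108` references in the build.yml hunks of the following patch are date tags with the same property and could carry a digest as well. The `RUN apt-get update -y \` that follows continues outside the hunk, so nothing here shows whether package versions inside the image are pinned.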
@@ -12,7 +12,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250108 steps: - uses: actions/checkout@v4 - name: Update @@ -32,7 +32,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250108 steps: - uses: actions/checkout@v4 - name: Update @@ -113,7 +113,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250108 steps: - uses: actions/checkout@v4 - name: Update @@ -218,7 +218,7 @@ jobs: # Container Setup runs-on: ubuntu-latest container: - image: ivvitc/cryptolib:20241220 + image: ivvitc/cryptolib:20250108 steps: - uses: actions/checkout@v4 - name: Update diff --git a/Makefile b/Makefile index a9453554..99c9a687 100644 --- a/Makefile +++ b/Makefile @@ -21,10 +21,14 @@ all: clean: rm -rf ./build + rm -rf ./docs/wiki/_build debug: ./support/scripts/docker_debug.sh +docs: + ./support/scripts/build_docs.sh + internal: ./support/scripts/internal_docker_build.sh diff --git a/doc/CryptoLib_Indv_CLA.pdf b/docs/CryptoLib_Indv_CLA.pdf similarity index 100% rename from doc/CryptoLib_Indv_CLA.pdf rename to docs/CryptoLib_Indv_CLA.pdf diff --git a/doc/requirements.md b/docs/requirements.md similarity index 100% rename from doc/requirements.md rename to docs/requirements.md diff --git a/docs/wiki/Environment_Building.md b/docs/wiki/Environment_Building.md new file mode 100644 index 00000000..3e7585db --- /dev/null +++ b/docs/wiki/Environment_Building.md 
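Review bot: The new `docs:` target in the Makefile hunk (`@@ -21,10 +21,14 @@`) has the same name as the `docs/` directory this commit creates by renaming `doc/`, so unless the target is declared phony, `make docs` will report that `docs` is up to date and never run `./support/scripts/build_docs.sh`. Add `.PHONY: docs` next to the rule; the other script-only targets visible here (`clean`, `debug`, `internal`) would benefit from the same declaration. No `.PHONY` line is visible in the hunk, and the Makefile continues outside it, so check whether one already exists elsewhere in the file.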
@@ -0,0 +1,100 @@ +# Environment + +Environment and dependency details may be found within `./support/Dockerfile`. If running via docker, dependencies will be installed automatically. + +If building locally, ensure all dependencies below are met. + + +*Note:* Theses dependencies are for the default internal build, other builds may vary. + +## Dependencies +### Running +| __Apt:__ | | +|-----------------|-----------------------| +| autoconf | automake | +| ca-certificates | cmake | +| curl | g++-multilib | +| gcc-multilib | gettext | +| git | gdb | +| lcov | libcurl4-openssl-dev | +| libmariadb-dev | libmariadb-dev-compat | +| libtool | unzip | +| make | python3-dev | +| python3-pip | | + +<br /> + +| __Web:__ | | +|--------------------|-----------------------| +| libgpg-error 1.50 | libgcrypt 1.11.0 | + +<br /> +<br /> + +### Testing +| __Pip3:__ | +|--------------| +| pycryptodome | + +<br /> +<br /> + +## Building +There are numerous configurations when building CryptoLib. References to necessary build flags can be found within `./support/scripts/`. For example to build the current internal build: + +> Clone the CryptoLib repo. Switch to the desired branch. Currently, integration efforts are occurring in the _main_ branch. +> * cd Cryptolib +> * cmake -DCODECOV=1 -DDEBUG=1 -DTEST=1 -DTEST_ENC=1 . +> * make +> * make test + +This will build the internal debug environment, with code coverage, testing, and encryption testing. + +*Other Build Configurations:* +> * KMC, Minimal, WolfSSL, and other configurations have convenience scripts which can be referenced within the `./support/scripts/` directory. 
+ +*Code Coverage:* +With the DCODECOV Flag set, users may produce code coverage results similarly to the code below: +> * cmake -DMYSQL=1 -DENCTEST=1 -DDEBUG=1 -DCODECOV=1 ../ +> * make +> * make gcov + +This will produce local coverage reports in /build/coverage, with the HTML results within /build/coverage/results/index.html + +*Cleanup:* +> * make clean -- Cleans Build +> * make scrub -- Cleans Code Coverage + +The two flags (DEBUG and TEST_ENC) can be used simultaneously, or separately. + +*All Build Flags:* +> * CODECOV -- "Code Coverage" -- Default OFF +> * CRYPTO_LIBGCRYPT -- "Cryptography Module - Libgcrypt" -- Default ON +> * CRYPTO_KMC -- "Cryptography Module - KMC" -- Default OFF +> * CRYPTO_WOLFSSL -- "Cryptography Module - WolfSSL" -- Default OFF +> * CRYPTO_CUSTOM -- "Cryptography Module - CUSTOM" -- Default OFF +> * CRYPTO_CUSTOM_PATH -- "Cryptography Module - CUSTOM PATH" -- Default OFF +> * DEBUG -- "Debug" -- Default OFF +> * KEY_CUSTOM -- "Key Module - Custom"-- Default OFF +> * KEY_CUSTOM_PATH -- "Custom Key Path" -- Default OFF +> * KEY_INTERNAL -- "Key Module - Internal" -- Default ON +> * KEY_KMC -- "Key Module - KMC"-- Default OFF +> * MC_CUSTOM -- "Monitoring and Control - Custom" -- Default OFF +> * MC_CUSTOM_PATH -- "Custom Monitoring and Control path" -- Default OFF +> * MC_DISABLED -- "Monitoring and Control - Disabled" -- Default OFF +> * MC_INTERNAL -- "Monitoring and Control - Internal" -- Default ON +> * SA_CUSTOM -- "Security Association - Custom" -- Default OFF +> * SA_CUSTOM_PATH -- "Custom Security Association Path" -- Default OFF +> * SA_INTERNAL -- "Security Association - Internal" -- Default ON +> * SA_MARIADB -- "Security Association - MariaDB" -- Default OFF +> * SUPPORT -- "Support" -- Default OFF +> * SYSTEM_INSTALL -- "SystemInstall" -- Default OFF +> * TEST -- "Test" -- Default OFF +> * TEST_ENC -- "Tests - Encryption"-- Default OFF +> * SA_FILE -- "Save Security Association to File" -- Default OFF +> * KEY_VALIDATION 
-- "Validate existence of key duplication"-- Default OFF + +> * KMC_MDB_RH "KMC-MDB-RedHat-Integration-Testing" -- Default OFF +> * KMC_MDB_DB "KMC-MDB-Debian-Integration-Testing" -- Default OFF +> * KMC_CFFI_EXCLUDE "KMC-Exclude-Problematic-CFFI-Code" -- Default OFF + diff --git a/docs/wiki/Home.md b/docs/wiki/Home.md new file mode 100644 index 00000000..68154d4b --- /dev/null +++ b/docs/wiki/Home.md 
@@ -0,0 +1,39 @@
+![CryptoLib logo Final All orange](https://github.com/user-attachments/assets/acb15175-9ba5-44a5-ae86-c9615400fcb7)
+
+This documentation is designed to provide information on how to build, test, and utilize the CryptoLib library.
+
+# CryptoLib
+CryptoLib provides a C-based software-only implementation of the CCSDS Space Data Link Security Protocol (SDLS), and SDLS Extended Procedures (SDLS-EP) to secure communications between a spacecraft flight software and ground station. Originally designed as a Core Flight System (cFS) spacecraft library, CryptoLib has expanded in scope to allow generic support for multiple space and ground implementations. At its core, CryptoLib can be configured to make use of multiple encryption libraries, including WolfSSL, LibGcrypt, and JPL's Key Management and Cryptography (KMC) encryption interfaces.
+
+Specific communications protocols that are supported include:
+> * Telecommand (TC)
+> * Telemetry (TM)
+> * Advanced Orbiting Systems (AOS)
+
+CryptoLib includes a standalone module that allows for generic coupling with Ground Systems that lack SDLS support.
+
+## Documentation
+
+* [Environment and Building](Environment_Building.md)
+
+* [Releases](Releases.md)
+
+* [Testing and Validation](Testing_Validation.md)
+
+## Usage
+
+* [Usage](Usage.md)
+
+## References
+### Bluebook References
+
+* [SDLS](https://public.ccsds.org/Pubs/355x0b1.pdf)
+
+* [SDLS-EP](https://public.ccsds.org/Pubs/355x1b1.pdf)
+
+* [CCSDS Cryptographic Algorithms](https://public.ccsds.org/Pubs/352x0b2.pdf)
+
+### Greenbook References
+
+* [The Application of Security to CCSDS Protocols](https://public.ccsds.org/Pubs/350x0g3.pdf)
+
diff --git a/docs/wiki/Makefile b/docs/wiki/Makefile
new file mode 100644
index 00000000..d4bb2cbb
--- /dev/null
+++ b/docs/wiki/Makefile
@@ -0,0 +1,20 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line, and also
+# from the environment for the first two.
+SPHINXOPTS ?=
+SPHINXBUILD ?= sphinx-build
+SOURCEDIR = .
+BUILDDIR = _build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+ @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+.PHONY: help Makefile
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile
+ @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
diff --git a/docs/wiki/Releases.md b/docs/wiki/Releases.md
new file mode 100644
index 00000000..8345ea1e
--- /dev/null
+++ b/docs/wiki/Releases.md
@@ -0,0 +1,29 @@
+# Releases
+
+* [v1.3.1](https://github.com/nasa/CryptoLib/releases/tag/v1.3.1)
+
+* [v1.3.0](https://github.com/nasa/CryptoLib/releases/tag/v1.3.0)
+
+* [v1.2.3](https://github.com/nasa/CryptoLib/releases/tag/v1.2.3)
+
+* [v1.2.2](https://github.com/nasa/CryptoLib/releases/tag/v1.2.2)
+
+* [v1.2.1](https://github.com/nasa/CryptoLib/releases/tag/v1.2.1)
+
+* [v1.2.0](https://github.com/nasa/CryptoLib/releases/tag/v1.2.0)
+
+* [v1.1.1](https://github.com/nasa/CryptoLib/releases/tag/v1.1.1)
+
+* [v1.0.3](https://github.com/nasa/CryptoLib/releases/tag/v1.0.3)
+
+* [v1.0.2](https://github.com/nasa/CryptoLib/releases/tag/v1.0.2)
+
+* [v1.0.1](https://github.com/nasa/CryptoLib/releases/tag/v1.0.1)
+
+* [v1.0.0](https://github.com/nasa/CryptoLib/releases/tag/v1.0.0)
+
+* [v0.1.0](https://github.com/nasa/CryptoLib/releases/tag/v0.1-engineering-release)
+
+
+
+
diff --git a/docs/wiki/Testing_Validation.md b/docs/wiki/Testing_Validation.md
new file mode 100644
index 00000000..7e171514
--- /dev/null
+++ b/docs/wiki/Testing_Validation.md
@@ -0,0 +1,127 @@ +# Testing and Validation + +## Version History + +| Version # | Author | Revision Date | Peer Reviewer | Revision Reason | +| --------- | ------ | ------------- | ------------- | --------------- | +| Test Plan and Procedures 11/19/2021 | R. Brown, D. Cutright, S. Zemerick | 11/19/2021 | Justin Morris, John Lucas | Initial | +| 1.0 | R. Brown, D. Cutright, S. Zemerick | 12/02/2021 | Justin Morris, John Lucas | Scheduled Release | +| 1.0.2 | R. Brown, D. Cutright, S. Zemerick | 01/31/2022 | Justin Morris, John Lucas | Scheduled Release | +| 1.1.0 | R. Brown, D. Cutright, S. Zemerick | 03/11/2022 | Justin Morris, John Lucas | Scheduled Release | +| 1.1.1 | R. Brown, J. Lucas, S.Zemerick | 09/20/2022 | Justin Morris | Wiki Updates | +| 1.3.0 | R. Brown, D. Cutright | 12/13/2023 | J. Lucas | Scheduled Release | + +*** + + +## Reference Documentation + +| # | Document | Title | Description | +| - | -------- | ----- | ----------- | +| 1 | CryptoLib_FY22_Task_Plan_draft01.docx | CryptoLib Task Plan, Draft 01, 10/29/2021 | Task Plan developed by both ITC and JPL MGSS | +| 2 | 2021-11-05 CryptoLib Engineering Release Draft Docs Final.pdf | CryptoLib: 1st Engineering Release and API Draft Documentation 11/05/2021 | Engineering Release, API Documentation, and Task Plan Management Document | + + +*** + +## Introduction + +This Test Plan and Procedures document describes the CryptoLib V&V testing that will be performed by the NASA IV&V Independent Test Capability (ITC) Team. The ITC Team is collaborating with the JPL AMMOS team to provide a telecommand (TC) CCSDS SDLS encryption C library. This plan describes in detail the testing scope, testing methods, frameworks, and how the results will be managed and maintained. This plan is meant to serve as a “living” document and will be updated as the Test Plan changes and matures. + +This wiki document maintains and tracks the methods necessary to adequately test CryptoLib. 
The sections herein will be used to define an approach that will be used to fully test CryptoLib's functionality in different scenarios. These scenarios include but are not limited to, unit testing, validation testing, and system testing. + +*** + +## CryptoLib Introduction + +The CryptoLib library is a C library with public API functions that are meant to be called from a library user. For example, for TC encryption, the user provides an unencrypted transfer frame (TF) to the Crypto_TC_ApplySecurity() function and the function returns an encrypted TF for uplinking to the spacecraft. + +*** + +## Testing Strategy + +The Testing Strategy for each category is described below. Each category will utilize a combination of test strategies that can include: 1) Compatibility Testing, 2) Unit Testing, 3) Validation Testing, 4) System Testing, 5) Regression Testing, and 6) Static Code Analysis using [Klocwork](https://www.perforce.com/products/klocwork). + +*** + +## API Functionality + +The API functionality will primarily be tested through Unit Tests. Unit Tests are designed to test the inputs, outputs, and functionality of the API functions. Also, Unit Tests will be executed automatically on the github.com server and serve as first-check regression testing for new functionality. The Table below lists the API functions that are currently being Unit Tested. Please note that this is a current snapshot and Unit Tests are added often. + +Each of the unit tests are named in such a manner that what is being tested is mostly distinguishable by their naming convention. Tests can easily be listed by calling the specific unit testing application with the –lists-tests flag. These tests will be listed in set.name fashion. As can be seen above the current tests are being utilized to test nominal paths, and the functionality of TC_ApplySecurity when functions like CryptoInit are not called, or bad information is passed. 
They are also being utilized to test that encryption is being applied properly, and that libgcrypt is being utilized in a correct manner. + +*** + +## Compatibility Testing + +The codebase must be capable of building within the Ubuntu, and RedHat Operating Systems. + +The testing of CryptoLib within the Ubuntu operating system has all been automated through the use of GitHub’s Continuous Integration and Continuous Deployment (CI/CD) capabilities. When code is pushed to main branches, or pull requests are created, several containers are created that test various builds with differing flags used to enable different features within the software – some of which include debug builds, MySQL capabilities, and the ability to swap between LibGCrypt and KMC capabilities. Each of these automated containers verify the different types of builds and combination of builds, and in addition to this, verify that unit tests and validation tests properly execute and pass. Code coverage is also automatically performed to guarantee that all functionality has been properly tested within the codebase. +Redhat based tests will need to be run manually by a developer. A KMC-centric container is in development which will allow for automated RHEL testing, however this is currently a manual process. + +Pass or fail criteria is based on the ability of the codebase to be built within the respective operating systems (cmake / make), as well as the ability to run unit and validation tests (make test). The inability to do so will result in a failure of these scenarios. + +Testing begins upon the trigger of new code to a main branch of the CryptoLib repository, or upon a new pull request. Additionally, a new tag or release of the codebase will trigger Test Entry automatically for Ubuntu through the GitHub automated CI/CD, and manual efforts for the CentOS environment. + +Testing is not performed in an automated fashion within feature or bug branches within the project repository. 
This testing is done manually by developers prior to merging branches, or creating pull requests. Automated testing resumes during and after a branch’s merge. + +*** + +### Current Tests + +All Unit Testing, Performance Testing, and Validation testing files are stored in the following location: + +/util/src_util/ ut_*, pt_*, et_dt_* + +The results of tests are stored within the pipeline and noted on the front page of the repository when new functionality is added to the main or dev branches. + +*** + +## Encryption / Decryption / Validation Functionality +Standard AES-256 test vectors are being generated with predefined shared keys and known inputs to ensure that the functions Crypto_TC_ApplySecurity() and Crypto_TC_ProcessSecurity() correctly utilize the libgcrypt library. Known and existing plaintext/ciphertext test vectors will be utilized as inputs and outputs, and a comparison will be performed to verify that the Crypto_TC_ApplySecurity() function is encrypting as expectedn and that Crypto_TC_ProcessSecurity is decryping as expected. Please note that these tests are not designed to test the libgcrypt library, but instead, test ITC’s usage and configuration of the library. + +The NIST test cases are found at [https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/CAVP-TESTING-BLOCK-CIPHER-MODES](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/CAVP-TESTING-BLOCK-CIPHER-MODES). The general idea will be to make use of these vectors within a testing framework that utilizes the Crypto_TC_ApplySecurity and Crypto_TC_ProcessSecurity functions. The vector plain text will have an appended header and FECF trailer. The test frame vector will then be digested by these functions and the payload output compared to the cipher text. + +*** + +### Validation Tests + +Validation testing has been automated within the project’s GitHub repository for the Ubuntu Operating System (OS). 
Manual efforts are performed to verify testing within the RHEL environments. Tests are run when code is committed to the main branches of the repository, or upon merge/pull request to these branches. + +The tests should be verified as having been performed successfully within the Ubuntu, RHEL OSes. Manual tests need to be performed within RHEL when the code undergoes a release or tag. + +Tests pass if all subtests within a test set complete successfully with expected return values. The entire test scenario is considered a failure, should any subtest within any test set has failed to successfully complete. + +Tests are performed automatically when merges or commits are made to the main branches of the repository. These automated tests are only for the Ubuntu OS. Other operating system tests are performed manually when there is a tag or release of the codebase. + +All automated test results are maintained within the project repository. These are stored within the actions tab. Snapshots of the repository are archived when a release or tag is generated for the repository. + +Validation testing is not automatically performed within feature or bug branches of the repository. In order for this to be accomplished, changes to the workflow must be made within the branch to include it within the CI/CD Actions. Otherwise, these tests must be manually performed. All developers should perform due-diligence with running tests and verifying that they successfully pass before creating a pull-request, committing to a main repository, or when merging features or bug fixes. 
+ +The validation tests make use of NIST vectors with known outputs to verify that TC_APPLYSECURITY and TC_PROCESSSECURITY generate the output that is expected via known output tests through the NIST standard, and referenced from the following page and document: [https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/CAVP-TESTING-BLOCK-CIPHER-MODES](https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/CAVP-TESTING-BLOCK-CIPHER-MODES). + +*** + +## System Testing + +| Item to Test | Test Description | +| ------------ | ---------------- | +| Ground to Spacecraft Communication | Ground -> CryptoLib -> TCP/UDP -> CryptoLib -> Spacecraft | +| Spacecraft to Ground Communication | Spacecraft -> CryptoLib -> TCP/UDP -> CryptoLib -> Ground | + +This testing approach would utilize two instances of CryptoLib. One side would make use of the library coupled with a ground station, and the second instance would make use of CryptoLib integrated within a spacecraft. The overall test would verify the communication successfully from one instance to the other (and the reverse) through the CryptoLib software. This testing would lay the groundwork for implementing the ability to swap out different SDLS implementations on spacecrafts and ground stations. + +The test would be performed on the Ubuntu OS within two instances. One instance being configured for ground station usage, and the second configured for the spacecraft and integrated with representative flight software. + +System testing is considered to have passed, if all subtests within test sets complete successfully and return expected values from one instance to the next. Any type of failure within any subtest or test set is considered a test failure. + +This testing will need to be manually performed upon each release or tag of the repository once the system testing has been fully implemented. 
+ +Test for a specific release will be stored within a test results directory that will be archived within that tag or release within the GitHub repository. + +*** + +## CCSDS SDLS Standard + +CryptoLib, and its functions all assume valid frames are passed into the system. It is up to the user or calling program calling the API to verify and validate these frames as they are passed into the library. + diff --git a/docs/wiki/Usage.md b/docs/wiki/Usage.md new file mode 100644 index 00000000..bd0de4af --- /dev/null +++ b/docs/wiki/Usage.md 
@@ -0,0 +1,118 @@ +# Usage + +## Extended Procedures + +Extended Procedures is currently a work in progress, and is not considered mature enough for use in operations. + +To enable EP, utilize the -DCRYPTO_EPROC flag. + +## Apply/Process Functions + +### Crypto_TC_ApplySecurity + +int32 Crypto_TC_ApplySecurity(const uint8* p_in_frame, const uint16 in_frame_length, uint8 **pp_in_frame, uint16 *p_enc_frame_len) + +Performs various types of encryption on the passed input frame. This could be, Encryption only, Authentication only, and Authenticated Encryption. + +**Function inputs:** + > **_p_in_frame_**: Frame to be encrypted. Must match an expected format, and properly activated security association. Proper formatting includes valid transfer frame version number. Valid Spacecraft Id, Virtual Channel ID, Map ID, Command Control Flag, and an operational Security Association. + + > **_in_frame_length_**: The int16 length of p_in_frame. + + > **_pp_in_frame_**: pointer to pointer of a uint8 buffer where data will be stored once fully encrypted. + + > **_p_enc_frame_len_**: pointer to uint16 that will store the length of the pointed to pp_in_frame. + +**Function Return: Error / Success codes of functions:** + > All Error Codes and Status Codes can be found within the `include/crypto_error.h` header file. + + + +*** + + +### Crypto_TC_ProcessSecurity + +int32 Crypto_TC_ProcessSecurity(char* ingest, int* len_ingest, TC_t* tc_sdls_processed_frame) + +Loads the ingest frame into the global tc_frame while performing various types of decryption. This could be decryption only, authentication only, or authenticated decryption. + +**Function Inputs:** + > **_ingest_**: Pointer to a character array that holds the encrypted ingest frame. + + > **_len_ingest_**: Pointer to the integer that holds the length of the ingest frame. + + > **_tc_sdls_processed_frame_**: Pointer to the TC_t structure that holds the header, sec_header, pdu, pdu_len, and sec_trailer. 
Many of these structure types themselves that are used to break apart and give various specific information about the processed frame. + +**Function Return Values:** + > All Error Codes and Status Codes can be found within the `include/crypto_error.h` header file. + + +*** + +### Crypto_TM_ApplySecurity + +int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t uint8_t* pTfBuffer) + +Accepts a pointer to a plain-text telemetry frame, and performs the in-place encryption or authentication while populating SDLS fields as required. The specifics of encryption or authentication are determined by bits set within the frame header, which are then used to correlate the appropriate security association. + +**Function Inputs** + > **_pTfBuffer_**: Pointer to the transfer frame buffer which will be used for in-place encryption or authentication. + +**Function Return Values:** + > All Error Codes and Status Codes can be found within the `include/crypto_error.h` header file. + +*** + +### Crypto_TM_ProcessSecurity + +int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length) + +Performs various types of decryption on the passed input frame. This could be, Decryption only, Authentication only, and Authenticated Decryption. + +**Function inputs:** + > **_p_ingest_**: Frame to be decrypted. Must match an expected format, and have a properly activated security association. Proper formatting includes valid transfer frame version number, Spacecraft Id, Virtual Channel ID, and a Security Parameter Index (SPI) that is mapped to an operational Security Association. + + > **_len_ingest_**: The int16 length of p_ingest. + + > **_pp_processed_frame_**: pointer to pointer of a uint8 buffer where data will be stored once fully decrypted. + + > **_p_decrypted_length_**: pointer to uint16 that will store the length of the pointed to pp_processed_frame. 
+ +**Function Return: Error / Success codes of functions:** + > All Error Codes and Status Codes can be found within the `include/crypto_error.h` header file. + +*** + +### Crypto_AOS_ApplySecurity + +int32_t Crypto_AOS_ApplySecurity(SecurityAssociation_t uint8_t* pTfBuffer) + +Accepts a pointer to a plain-text telemetry frame, and performs the in-place encryption or authentication while populating SDLS fields as required. The specifics of encryption or authentication are determined by bits set within the frame header, which are then used to correlate the appropriate security association. + +**Function Inputs** + > **_pTfBuffer_**: Pointer to the transfer frame buffer which will be used for in-place encryption or authentication. + +**Function Return Values:** + > All Error Codes and Status Codes can be found within the `include/crypto_error.h` header file. + +*** + +### Crypto_AOS_ProcessSecurity + +int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t* p_decrypted_length) + +Performs various types of decryption on the passed input frame. This could be, Decryption only, Authentication only, and Authenticated Decryption. + +**Function inputs:** + > **_p_ingest_**: Frame to be decrypted. Must match an expected format, and have a properly activated security association. Proper formatting includes valid transfer frame version number, Spacecraft Id, Virtual Channel ID, and a Security Parameter Index (SPI) that is mapped to an operational Security Association. + + > **_len_ingest_**: The int16 length of p_ingest. + + > **_pp_processed_frame_**: pointer to pointer of a uint8 buffer where data will be stored once fully decrypted. + + > **_p_decrypted_length_**: pointer to uint16 that will store the length of the pointed to pp_processed_frame. + +**Function Return: Error / Success codes of functions:** + > All Error Codes and Status Codes can be found within the `include/crypto_error.h` header file. + 
diff --git a/docs/wiki/_static/custom.css b/docs/wiki/_static/custom.css new file mode 100644 index 00000000..945617f1 --- /dev/null +++ b/docs/wiki/_static/custom.css @@ -0,0 +1,30 @@ +/* Center the content and give it a maximum width */ +body { + margin: 0; + padding: 0; +} + +.wy-nav-content, .content, .main-content { + max-width: 100%; /* Adjust this to reduce the width */ + margin: 10 auto; /* Center the content */ + padding: 30px; /* Add padding for better readability */ + box-sizing: border-box; /* Ensure padding doesn't affect width calculation */ +} + +/* Optional: Adjust background or border styles for aesthetics */ +body { + background-color: #FFFFFF; /* Light background color */ +} + +.wy-nav-content, .content, .main-content { + background-color: #FFFFFF; /* Content background color */ + border-radius: 8px; /* Rounded corners */ + box-shadow: 0px 4px 6px rgba(0, 0, 0, 0.1); /* Subtle shadow */ +} + +@media (max-width: 768px) { + .wy-nav-content, .content, .main-content { + max-width: 95%; + padding: 10px; + } +} diff --git a/docs/wiki/conf.py b/docs/wiki/conf.py new file mode 100644 index 00000000..1684b181 --- /dev/null +++ b/docs/wiki/conf.py 
@@ -0,0 +1,41 @@ +# Configuration file for the Sphinx documentation builder. +# +# For the full list of built-in configuration values, see the documentation: +# https://www.sphinx-doc.org/en/master/usage/configuration.html + +# -- Project information ----------------------------------------------------- +# https://www.sphinx-doc.org/en/master/usage/configuration.html#project-information + +project = 'CryptoLib' +copyright = '2025, NASA-JSTAR' +author = 'JSTAR' +release = '01/08/2025' + +# -- General configuration --------------------------------------------------- +# https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration + +extensions = [ + 'myst_parser', +] + +source_suffix = { + '.rst': 'restructuredtext', + '.md': 'markdown', +} + +templates_path = ['_templates'] +exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store'] + +# -- Options for HTML output ------------------------------------------------- +# https://www.sphinx-doc.org/en/master/usage/configuration.html#options-for-html-output + +html_theme = 'sphinx_rtd_theme' +html_theme_options = { + "collapse_navigation": False, + "navigation_depth": 4, + "titles_only": False, +} + +html_use_index = False +html_static_path = ['_static'] +html_css_files = ['custom.css'] diff --git a/docs/wiki/index.rst b/docs/wiki/index.rst new file mode 100644 index 00000000..ea93cd9f --- /dev/null +++ b/docs/wiki/index.rst @@ -0,0 +1,19 @@ +.. CryptoLib documentation master file, created by + sphinx-quickstart on Wed Jan 8 16:20:58 2025. + You can adapt this file completely to your liking, but it should at least + contain the root `toctree` directive. + +CryptoLib documentation +======================= + +.. toctree:: + :maxdepth: 4 + :caption: Contents: + + Home.md + Environment_Building.md + Usage.md + Testing_Validation.md + Releases.md + + diff --git a/docs/wiki/make.bat b/docs/wiki/make.bat new file mode 100644 index 00000000..954237b9 --- /dev/null +++ b/docs/wiki/make.bat 
@@ -0,0 +1,35 @@ +@ECHO OFF + +pushd %~dp0 + +REM Command file for Sphinx documentation + +if "%SPHINXBUILD%" == "" ( + set SPHINXBUILD=sphinx-build +) +set SOURCEDIR=. +set BUILDDIR=_build + +%SPHINXBUILD% >NUL 2>NUL +if errorlevel 9009 ( + echo. + echo.The 'sphinx-build' command was not found. Make sure you have Sphinx + echo.installed, then set the SPHINXBUILD environment variable to point + echo.to the full path of the 'sphinx-build' executable. Alternatively you + echo.may add the Sphinx directory to PATH. + echo. + echo.If you don't have Sphinx installed, grab it from + echo.https://www.sphinx-doc.org/ + exit /b 1 +) + +if "%1" == "" goto help + +%SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O% +goto end + +:help +%SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O% + +:end +popd diff --git a/support/Dockerfile b/support/Dockerfile index ba9f7a9a..899b248f 100644 --- a/support/Dockerfile +++ b/support/Dockerfile @@ -40,6 +40,9 @@ RUN apt-get update -y \ make \ python3-dev \ python3-pip \ + python3-sphinx \ + python3-sphinx-rtd-theme \ + python3-myst-parser \ unzip \ && rm -rf /var/lib/apt/lists/* @@ -79,4 +82,6 @@ RUN curl \ && cmake -DWOLFSSL_AESCCM=yes -DWOLFSSL_AESSIV=yes -DWOLFSSL_CMAC=yes .. \ && cmake --build . \ && make install \ - && ldconfig \ No newline at end of file + && ldconfig + + diff --git a/support/scripts/build_docs.sh b/support/scripts/build_docs.sh new file mode 100644 index 00000000..0e64e32d --- /dev/null +++ b/support/scripts/build_docs.sh @@ -0,0 +1,15 @@ +#!/bin/bash -i +# +# Convenience script for CryptoLib development +# +# ./build_docs.sh +# + +SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +source $SCRIPT_DIR/env.sh + +cd $BASE_DIR/docs/wiki > /dev/null 2>&1 +echo "Creating Documentation Wiki Pages" +sphinx-build -b html . _build +echo "" + diff --git a/support/scripts/env.sh b/support/scripts/env.sh index 8b9d1bd4..a5060712 100755 --- a/support/scripts/env.sh 
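Review bot: In the new support/scripts/build_docs.sh, the result of `cd $BASE_DIR/docs/wiki > /dev/null 2>&1` is discarded and never checked. If BASE_DIR is unset or the directory is missing, `sphinx-build -b html . _build` runs in whatever directory the caller was in and writes `_build` there. Quote the expansion and stop on failure: `cd "$BASE_DIR/docs/wiki" || exit 1`. The `source $SCRIPT_DIR/env.sh` line has the same unquoted expansion and would break on a checkout path that contains spaces.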
+++ b/support/scripts/env.sh @@ -10,4 +10,4 @@ export BASE_DIR=$(cd `dirname $SCRIPT_DIR`/.. && pwd) DFLAGS="docker run --rm -it -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro -u $(id -u $(stat -c '%U' $SCRIPT_DIR/env.sh)):$(getent group $(stat -c '%G' $SCRIPT_DIR/env.sh) | cut -d: -f3)" -DBOX="ivvitc/cryptolib:20250102" +DBOX="ivvitc/cryptolib:20250108" From c047e9f9481ed1ab65e3ab94c2886132fb6c060c Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Wed, 8 Jan 2025 16:06:01 -0500 Subject: [PATCH 229/241] [nasa/cryptolib#382] Update gcov commands. --- test/CMakeLists.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index fbf69484..154c7e74 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -200,8 +200,8 @@ if(${CODECOV}) # | grep -A 5 "Adder.cpp" > CoverageSummary.tmp #COMMAND cat CoverageSummary.tmp #COMMAND echo "-- Coverage files have been output to ${PROJECT_BINARY_DIR}/coverage" - COMMAND lcov -c --directory ${OBJECT_DIR} --output-file ${PROJECT_BINARY_DIR}/coverage/results.info - COMMAND genhtml ${PROJECT_BINARY_DIR}/coverage/results.info --output-directory ${PROJECT_BINARY_DIR}/coverage/results + #COMMAND lcov -c --directory ${OBJECT_DIR} --output-file ${PROJECT_BINARY_DIR}/coverage/results.info + #COMMAND genhtml ${PROJECT_BINARY_DIR}/coverage/results.info --output-directory ${PROJECT_BINARY_DIR}/coverage/results WORKING_DIRECTORY ${PROJECT_BINARY_DIR}/coverage ) add_dependencies(gcov ut_tc_apply) From 7545da6118891b9d7eb7f98384998f0fc081b335 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Wed, 8 Jan 2025 16:09:39 -0500 Subject: [PATCH 230/241] [nasa/cryptolib#382] Update gcov commands. --- test/CMakeLists.txt | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 154c7e74..0317d315 100644 --- a/test/CMakeLists.txt 
+++ b/test/CMakeLists.txt @@ -204,16 +204,16 @@ if(${CODECOV}) #COMMAND genhtml ${PROJECT_BINARY_DIR}/coverage/results.info --output-directory ${PROJECT_BINARY_DIR}/coverage/results WORKING_DIRECTORY ${PROJECT_BINARY_DIR}/coverage ) - add_dependencies(gcov ut_tc_apply) + #add_dependencies(gcov ut_tc_apply) # Make sure to clean up the coverage folder - set_property(DIRECTORY APPEND PROPERTY ADDITIONAL_MAKE_CLEAN_FILES coverage) + #set_property(DIRECTORY APPEND PROPERTY ADDITIONAL_MAKE_CLEAN_FILES coverage) # Create the gcov-clean target. This cleans the build as well as generated # .gcda and .gcno files. - add_custom_target(scrub - COMMAND ${CMAKE_MAKE_PROGRAM} clean - COMMAND rm -f ${OBJECT_DIR}/*.gcno - COMMAND rm -f ${OBJECT_DIR}/*.gcda - WORKING_DIRECTORY ${PROJECT_BINARY_DIR} - ) + #add_custom_target(scrub + #COMMAND ${CMAKE_MAKE_PROGRAM} clean + #COMMAND rm -f ${OBJECT_DIR}/*.gcno + #COMMAND rm -f ${OBJECT_DIR}/*.gcda + #WORKING_DIRECTORY ${PROJECT_BINARY_DIR} + #) endif(${CODECOV}) From a291c043d4755599b140baa5e35ec1d0e9198241 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Wed, 8 Jan 2025 16:25:48 -0500 Subject: [PATCH 231/241] [nasa/cryptolib#382] Update gcov commands. - Flags --- .github/workflows/build.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4da4f41d..1d71b6a7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
@@ -43,11 +43,13 @@ jobs: - name: Internal Build Script working-directory: ${{github.workspace}} - run: bash ${GITHUB_WORKSPACE}/support/scripts/build_internal.sh + run: | + export CFLAGS="-fprofile-arcs -ftest-coverage -fcondition-coverage -g" + bash ${GITHUB_WORKSPACE}/support/scripts/build_internal.sh - - name: Code-Coverage - working-directory: ${{github.workspace}} - run: make gcov + # - name: Code-Coverage + # working-directory: ${{github.workspace}} + # run: make gcov - name: Upload uses: codecov/codecov-action@v4 From 0b5a2723b82744c360eb78e2f6ce54787faf7906 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Wed, 8 Jan 2025 16:31:16 -0500 Subject: [PATCH 232/241] [nasa/Cryptolib#382] Update Code Coverage Build Workflow --- .github/workflows/build.yml | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1d71b6a7..e0b57f9d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -145,11 +145,13 @@ jobs: - name: Wolf Build Script working-directory: ${{github.workspace}} - run: bash ${GITHUB_WORKSPACE}/support/scripts/build_wolf.sh + run: | + export CFLAGS="-fprofile-arcs -ftest-coverage -fcondition-coverage -g" + bash ${GITHUB_WORKSPACE}/support/scripts/build_wolf.sh - - name: Code-Coverage - working-directory: ${{github.workspace}} - run: make gcov + # - name: Code-Coverage + # working-directory: ${{github.workspace}} + # run: make gcov - name: Upload uses: codecov/codecov-action@v4 
@@ -199,11 +201,13 @@ jobs: - name: RHEL Build Script working-directory: ${{github.workspace}} - run: source ~/.bashrc && ${GITHUB_WORKSPACE}/support/scripts/build_rhel.sh + run: | + export CFLAGS="-fprofile-arcs -ftest-coverage -fcondition-coverage -g" + source ~/.bashrc && ${GITHUB_WORKSPACE}/support/scripts/build_rhel.sh - - name: Code-Coverage - working-directory: ${{github.workspace}} - run: source ~/.bashrc && make gcov + # - name: Code-Coverage + # working-directory: ${{github.workspace}} + # run: source ~/.bashrc && make gcov - name: Upload uses: codecov/codecov-action@v4 @@ -231,11 +235,13 @@ jobs: - name: Internal Build Script working-directory: ${{github.workspace}} - run: bash ${GITHUB_WORKSPACE}/support/scripts/build_ep.sh + run: | + export CFLAGS="-fprofile-arcs -ftest-coverage -fcondition-coverage -g" + bash ${GITHUB_WORKSPACE}/support/scripts/build_ep.sh - - name: Code-Coverage - working-directory: ${{github.workspace}} - run: make gcov + # - name: Code-Coverage + # working-directory: ${{github.workspace}} + # run: make gcov - name: Upload uses: codecov/codecov-action@v4 From 12b41176640af9a73f618e46ba9f7f1501282f17 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Wed, 8 Jan 2025 16:35:41 -0500 Subject: [PATCH 233/241] [nasa/cryptolib#382] Update gcov commands. - Revert RHEL --- .github/workflows/build.yml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e0b57f9d..0f483b51 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
@@ -201,13 +201,11 @@ jobs: - name: RHEL Build Script working-directory: ${{github.workspace}} - run: | - export CFLAGS="-fprofile-arcs -ftest-coverage -fcondition-coverage -g" - source ~/.bashrc && ${GITHUB_WORKSPACE}/support/scripts/build_rhel.sh + run: source ~/.bashrc && ${GITHUB_WORKSPACE}/support/scripts/build_rhel.sh - # - name: Code-Coverage - # working-directory: ${{github.workspace}} - # run: source ~/.bashrc && make gcov + - name: Code-Coverage + working-directory: ${{github.workspace}} + run: source ~/.bashrc && make gcov - name: Upload uses: codecov/codecov-action@v4 From e23a6e5aa292b8367046da73aa921a20b811371b Mon Sep 17 00:00:00 2001 From: "Lucas, John P." <John.P.Lucas@nasa.gov> Date: Thu, 9 Jan 2025 21:43:40 -0500 Subject: [PATCH 234/241] [nasa/nos3#352] Updates to build in NOS3 RC 1.7.2; --- CMakeLists.txt | 1 - src/CMakeLists.txt | 7 +------ 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 3c018653..dd454968 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -171,7 +171,6 @@ endif() # Project Specifics # set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Werror -g -O0") -set(CMAKE_CROSSCOMPILING "FALSE") include_directories(include) add_subdirectory(src) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index b0c62d97..004fe41c 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -128,14 +128,9 @@ endif() # Create the app module if(DEFINED CFE_SYSTEM_PSPNAME) - set(CMAKE_INSTALL_RPATH "./${INSTALL_SUBDIR}") + set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/cpu${TGTSYS_${SYSVAR}}/${INSTALL_SUBDIR}") add_cfe_app(crypto ${LIB_SRC_FILES}) target_include_directories(crypto PUBLIC ../include) - if(NOT CMAKE_CROSSCOMPILING) - install(TARGETS crypto RUNTIME_DEPENDENCIES DESTINATION ${CMAKE_INSTALL_PREFIX}/${TGTSYS_${SYSVAR}}/${INSTALL_SUBDIR}) - else() - install(TARGETS crypto) - endif() else() # Standalone build add_library(crypto SHARED ${LIB_SRC_FILES}) 
From d6d066a16f1a623260f60aabf6ec15bebe2dd147 Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Fri, 10 Jan 2025 12:03:45 -0500 Subject: [PATCH 235/241] [nasa/cryptolib#382] Documentation Updates --- docs/wiki/Environment_Building.md | 13 +++++++------ docs/wiki/Testing_Validation.md | 2 +- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/docs/wiki/Environment_Building.md b/docs/wiki/Environment_Building.md index 3e7585db..72478fa1 100644 --- a/docs/wiki/Environment_Building.md +++ b/docs/wiki/Environment_Building.md @@ -20,7 +20,7 @@ If building locally, ensure all dependencies below are met. | libmariadb-dev | libmariadb-dev-compat | | libtool | unzip | | make | python3-dev | -| python3-pip | | +| python3-pip | build-essential | <br /> @@ -31,10 +31,11 @@ If building locally, ensure all dependencies below are met. <br /> <br /> -### Testing -| __Pip3:__ | -|--------------| -| pycryptodome | +### Documentation +| __Apt:__ | | +|---------------------|--------------------------| +| python3-sphinx | python3-sphinx-rtd-theme | +| python3-myst-parser | <br /> <br /> @@ -90,7 +91,6 @@ The two flags (DEBUG and TEST_ENC) can be used simultaneously, or separately. > * SUPPORT -- "Support" -- Default OFF > * SYSTEM_INSTALL -- "SystemInstall" -- Default OFF > * TEST -- "Test" -- Default OFF -> * TEST_ENC -- "Tests - Encryption"-- Default OFF > * SA_FILE -- "Save Security Association to File" -- Default OFF > * KEY_VALIDATION -- "Validate existence of key duplication"-- Default OFF @@ -98,3 +98,4 @@ The two flags (DEBUG and TEST_ENC) can be used simultaneously, or separately. > * KMC_MDB_DB "KMC-MDB-Debian-Integration-Testing" -- Default OFF > * KMC_CFFI_EXCLUDE "KMC-Exclude-Problematic-CFFI-Code" -- Default OFF +> * CRYPTO_EPROC "Enables building of Extended Procedures -- Default OFF (CURRENTLY A WIP - Not ready for Operations) \ No newline at end of file 
diff --git a/docs/wiki/Testing_Validation.md b/docs/wiki/Testing_Validation.md index 7e171514..2cc66418 100644 --- a/docs/wiki/Testing_Validation.md +++ b/docs/wiki/Testing_Validation.md @@ -10,7 +10,7 @@ | 1.1.0 | R. Brown, D. Cutright, S. Zemerick | 03/11/2022 | Justin Morris, John Lucas | Scheduled Release | | 1.1.1 | R. Brown, J. Lucas, S.Zemerick | 09/20/2022 | Justin Morris | Wiki Updates | | 1.3.0 | R. Brown, D. Cutright | 12/13/2023 | J. Lucas | Scheduled Release | - +| 1.3.1 | R.Brown | 01/10/2024 | J. Lucas | Scheduled Documentation Refresh | *** From 6a4248fb2a8bd24fd1ab52b7a2379a990f00a1fb Mon Sep 17 00:00:00 2001 From: "NDC\\rjbrown6" <Robert.J.Brown@nasa.gov> Date: Fri, 10 Jan 2025 12:26:57 -0500 Subject: [PATCH 236/241] [nasa/Cryptolib#382] Updates to gitignore. Push Documentation build into docker container. --- .gitignore | 3 +++ Makefile | 2 +- support/scripts/documentation_build.sh | 14 ++++++++++++++ 3 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 support/scripts/documentation_build.sh diff --git a/.gitignore b/.gitignore index ca2c700e..8885a61a 100644 --- a/.gitignore +++ b/.gitignore @@ -30,3 +30,6 @@ test/cmake_install.cmake test/CTestTestfile.cmake test/CMakeFiles/* Testing/Temporary/* +docs/wiki/_build +docs/wiki/_templates + diff --git a/Makefile b/Makefile index 99c9a687..d9d54a09 100644 --- a/Makefile +++ b/Makefile @@ -27,7 +27,7 @@ debug: ./support/scripts/docker_debug.sh docs: - ./support/scripts/build_docs.sh + ./support/scripts/documentation_build.sh internal: ./support/scripts/internal_docker_build.sh diff --git a/support/scripts/documentation_build.sh b/support/scripts/documentation_build.sh new file mode 100644 index 00000000..057882b6 --- /dev/null +++ b/support/scripts/documentation_build.sh 
@@ -0,0 +1,14 @@ +#!/bin/bash -i +# +# Convenience script for CryptoLib development +# +# ./documentation_build.sh +# + +SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +source $SCRIPT_DIR/env.sh + +echo "Building Sphinx Documentation..." +$DFLAGS -v $BASE_DIR:$BASE_DIR -w $BASE_DIR/docs/wiki $DBOX bash -c \ + "../../support/scripts/build_docs.sh" +echo "" From bd6edc7c922c3b39d26b907156e1db0594b34f33 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Mon, 13 Jan 2025 20:51:17 +0000 Subject: [PATCH 237/241] [nasa/cryptolib#373] Formatted Code --- include/crypto_config.h | 2 +- include/crypto_error.h | 1 - src/core/crypto.c | 70 +++---- src/core/crypto_aos.c | 1 - src/core/crypto_key_mgmt.c | 94 ++++----- src/core/crypto_mc.c | 32 ++-- src/core/crypto_print.c | 2 +- src/core/crypto_tc.c | 22 +-- .../internal/sa_interface_inmemory.template.c | 52 ++--- test/unit/ut_aos_apply.c | 113 ++++++----- test/unit/ut_aos_process.c | 58 +++--- test/unit/ut_crypto.c | 25 ++- test/unit/ut_ep_key_mgmt.c | 44 ++--- test/unit/ut_ep_mc.c | 98 +++++----- test/unit/ut_ep_sa_mgmt.c | 148 +++++++------- test/unit/ut_tc_apply.c | 14 +- test/unit/ut_tc_process.c | 50 ++--- test/unit/ut_tm_apply.c | 161 ++++++++-------- test/unit/ut_tm_process.c | 180 +++++++++--------- 19 files changed, 586 insertions(+), 581 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 78112d9d..6d597282 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -109,7 +109,7 @@ // Generic Defines #define NUM_SA 64 -#define SPI_LEN 2 /* bytes */ +#define SPI_LEN 2 /* bytes */ #define SPI_MIN 0 #define SPI_MAX NUM_SA - 1 #define KEY_SIZE 512 /* bytes */ diff --git a/include/crypto_error.h b/include/crypto_error.h index 01a7111c..5f9c51d8 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h 
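Review bot: In the include/crypto_config.h hunk, `#define SPI_MAX NUM_SA - 1` expands without parentheses, so any use next to a higher-precedence operator (`SPI_MAX * n`, `x % SPI_MAX`) silently computes something else. The macro is compared against the SPI of a received frame in the `spi == SPI_MAX` check in src/core/crypto.c in this same commit, which decides whether a security association may carry Extended Procedure PDUs. That comparison parses as intended only because `==` binds looser than `-`. Since the neighbouring define is being reformatted here anyway, write it as `#define SPI_MAX (NUM_SA - 1)`.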
@@ -143,7 +143,6 @@ #define CRYPTO_CORE_ERROR_CODES_MAX -69 - // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 #define CAM_ERROR_CODES_MAX 610 diff --git a/src/core/crypto.c b/src/core/crypto.c index 9b12d6ff..1799322a 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -761,7 +761,6 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin return status; } - /** * @brief Function: Crypto_Process_Extended_Procedure_Pdu * @param tc_sdls_processed_frame: TC_t* @@ -776,7 +775,7 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uint8_t *ingest) { int32_t status = CRYPTO_LIB_SUCCESS; - ingest = ingest; // Suppress unused variable error depending on build + ingest = ingest; // Suppress unused variable error depending on build // Check for null pointers if (tc_sdls_processed_frame == NULL) @@ -786,7 +785,8 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Validate correct SA for EPs uint8_t valid_ep_sa = CRYPTO_FALSE; - if ((tc_sdls_processed_frame->tc_sec_header.spi == SPI_MIN) || (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MAX)) + if ((tc_sdls_processed_frame->tc_sec_header.spi == SPI_MIN) || + (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MAX)) { valid_ep_sa = CRYPTO_TRUE; } @@ -798,7 +798,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin { #ifdef CRYPTO_EPROC // Check validity of SAs used for EP - if(valid_ep_sa == CRYPTO_TRUE) + if (valid_ep_sa == CRYPTO_TRUE) { #ifdef DEBUG printf(KGRN "Received SDLS command w/ packet header:\n\t " RESET); 
@@ -817,8 +817,8 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Using PUS Header if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) - { - // If ECSS PUS Header is being used + { + // If ECSS PUS Header is being used sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); @@ -827,7 +827,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); - // SDLS TLV PDU + // SDLS TLV PDU sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; @@ -836,7 +836,8 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; // Subtract headers from total frame length - // uint16_t max_tlv = tc_sdls_processed_frame->tc_header.fl - CCSDS_HDR_SIZE - CCSDS_PUS_SIZE - SDLS_TLV_HDR_SIZE; + // uint16_t max_tlv = tc_sdls_processed_frame->tc_header.fl - CCSDS_HDR_SIZE - CCSDS_PUS_SIZE - + // SDLS_TLV_HDR_SIZE; if (sdls_frame.hdr.pkt_length < TLV_DATA_SIZE) // && (sdls_frame.hdr.pkt_length < max_tlv)) { for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) 
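Review bot: In the `@@ -836` hunk of src/core/crypto.c, the PUS-header branch bounds its copy loop only with `if (sdls_frame.hdr.pkt_length < TLV_DATA_SIZE)`. The `max_tlv` comparison against the frame length is commented out, and this commit merely reflows that comment. The packet-length field is parsed from the received frame, so a header that claims more data than the frame carries makes `for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++)` read `tc_pdu` beyond the received bytes. Whether that also runs past the end of the `tc_pdu` array cannot be seen from here. The non-PUS branch in the `@@ -853` hunk keeps both conditions, so restore them here as well: `uint16_t max_tlv = tc_sdls_processed_frame->tc_header.fl - CCSDS_HDR_SIZE - CCSDS_PUS_SIZE - SDLS_TLV_HDR_SIZE;` and `&& (sdls_frame.hdr.pkt_length < max_tlv)`. Before that subtraction, check that `tc_header.fl` is at least the sum of the three header sizes, because the unsigned result would otherwise wrap to a large bound; the loop body lies outside the hunk.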
@@ -853,14 +854,14 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Not using PUS Header else { - // SDLS TLV PDU + // SDLS TLV PDU sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[6] & 0x40) >> 6; sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[6] & 0x30) >> 4; sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[7] << 8) | tc_sdls_processed_frame->tc_pdu[8]; - + // Make sure TLV isn't larger than we have allocated, and it is sane given total frame length uint16_t max_tlv = tc_sdls_processed_frame->tc_header.fl - CCSDS_HDR_SIZE - SDLS_TLV_HDR_SIZE; if ((sdls_frame.hdr.pkt_length < TLV_DATA_SIZE) && (sdls_frame.hdr.pkt_length < max_tlv)) 
@@ -877,51 +878,51 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } } - - #ifdef CCSDS_DEBUG Crypto_ccsdsPrint(&sdls_frame); #endif - - // Determine type of PDU - status = Crypto_PDU(ingest, tc_sdls_processed_frame); + + // Determine type of PDU + status = Crypto_PDU(ingest, tc_sdls_processed_frame); } // Received EP PDU on invalid SA else { #ifdef CCSDS_DEBUG - printf(KRED "Received EP PDU on invalid SA! SPI %d\n" RESET, tc_sdls_processed_frame->tc_sec_header.spi); + printf(KRED "Received EP PDU on invalid SA! SPI %d\n" RESET, + tc_sdls_processed_frame->tc_sec_header.spi); #endif status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; } - #else // Received an EP command without EPs being built +#else // Received an EP command without EPs being built valid_ep_sa = valid_ep_sa; // Suppress build error - status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; - #endif //CRYPTO_EPROC + status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; +#endif // CRYPTO_EPROC } // If not a specific APID, check if using VCIDs for SDLS PDUs with no packet layer - else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) + else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) { - #ifdef CRYPTO_EPROC +#ifdef CRYPTO_EPROC // Check validity of SAs used for EP - if(valid_ep_sa == CRYPTO_TRUE) - { + if (valid_ep_sa == CRYPTO_TRUE) + { #ifdef CCSDS_DEBUG printf(KGRN "Received SDLS command (No Packet Header or PUS): " RESET); #endif // No Packet HDR or PUS in these frames // SDLS TLV PDU - sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; + sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; + 
sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = + (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; for (int x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) { - // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely - // fails. Must consider Uplink Sessions (sequence numbers). + // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most + // likely fails. Must consider Uplink Sessions (sequence numbers). sdls_frame.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; } @@ -932,13 +933,13 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Determine type of PDU status = Crypto_PDU(ingest, tc_sdls_processed_frame); } - #else // Received an EP command without EPs being built +#else // Received an EP command without EPs being built #ifdef CCSDS_DEBUG printf(KRED "PDU DEBUG %s %d\n" RESET, __FILE__, __LINE__); #endif valid_ep_sa = valid_ep_sa; // Suppress build error - status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; - #endif //CRYPTO_EPROC + status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; +#endif // CRYPTO_EPROC } } return status; @@ -1255,7 +1256,8 @@ int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t *sa_ptr) void Crypto_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr) { - if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF || current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF || + current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { Telemetry_Frame_Ocf_Fsr_t temp_report; byte_idx += (pdu_len + sa_ptr->stmacf_len); 
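Review bot: The VCID branch in the `@@ -877` hunk of src/core/crypto.c copies into `sdls_frame.pdu.data` with no check against the destination size: `for (int x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++)`. The frame-length field comes from the received frame. The APID branches guard the same buffer with `pkt_length < TLV_DATA_SIZE`, which suggests TLV_DATA_SIZE is its capacity, although the declaration is not in view. Enter the loop only when the length is below that capacity, for example `if (tc_sdls_processed_frame->tc_header.fl < TLV_DATA_SIZE)`, and return an error status otherwise. Bounding the copy by the parsed `pdu_len` rather than the whole frame length would also keep it from reading `tc_pdu` three bytes past `fl`. Separately, this branch assigns `sdls_frame.hdr.type` where the other two branches assign `sdls_frame.pdu.hdr.type`; that looks like a typo and is worth confirming.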
diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index 62ef7f3b..d9aead6b 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -1214,7 +1214,6 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 crypto_key_t *ekp = NULL; crypto_key_t *akp = NULL; - if (sa_ptr->est == 1) { ekp = key_if->get_key(sa_ptr->ekid); diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 1a759cc6..73693fe4 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -45,7 +45,8 @@ int32_t Crypto_Key_OTAR(void) int y; int32_t status = CRYPTO_LIB_SUCCESS; // uint16_t pdu_len = (uint16_t) sdls_frame.pdu.hdr.pdu_len[1] << 8 | sdls_frame.pdu.hdr.pdu_len[0]; - int pdu_keys = (sdls_frame.pdu.hdr.pdu_len - SDLS_KEYID_LEN - SDLS_IV_LEN - MAC_SIZE) / (SDLS_KEYID_LEN + SDLS_KEY_LEN); + int pdu_keys = + (sdls_frame.pdu.hdr.pdu_len - SDLS_KEYID_LEN - SDLS_IV_LEN - MAC_SIZE) / (SDLS_KEYID_LEN + SDLS_KEY_LEN); int w; crypto_key_t *ekp = NULL; 
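Review bot: In the `@@ -45` hunk of src/core/crypto_key_mgmt.c, `pdu_keys` is derived from `sdls_frame.pdu.hdr.pdu_len` with no lower bound on that length. If the PDU is shorter than `SDLS_KEYID_LEN + SDLS_IV_LEN + MAC_SIZE`, the subtraction goes negative, assuming those macros are plain int constants (their definitions are not visible here). The `@@ -101` hunk then passes `(size_t)(pdu_keys * (SDLS_KEYID_LEN + SDLS_KEY_LEN))` as the data length to `cryptography_aead_decrypt`, where a negative count becomes a very large size. Reject the PDU before the division, for example `if (sdls_frame.pdu.hdr.pdu_len < SDLS_KEYID_LEN + SDLS_IV_LEN + MAC_SIZE)` followed by an error return. Also confirm that the resulting length, starting at `sdls_frame.pdu.data[14]`, stays inside the data buffer. Crypto_Key_OTAR's body continues outside both hunks.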
@@ -101,31 +102,32 @@ int32_t Crypto_Key_OTAR(void) } // Check key state - if(ekp->key_state != KEY_ACTIVE) + if (ekp->key_state != KEY_ACTIVE) { return CRYPTO_LIB_ERR_KEY_STATE_INVALID; } uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; // Per SDLS baseline - status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output - (size_t)(pdu_keys * (SDLS_KEYID_LEN + SDLS_KEY_LEN)), // length of data - NULL, // in place decryption - 0, // in data length - &(ekp->value[0]), // key - ekp->key_len, // key length - NULL, // SA reference - &(packet.iv[0]), // IV - SDLS_IV_LEN, // IV length - &(packet.mac[0]), // tag input - MAC_SIZE, // tag size - NULL, // AAD - 0, // AAD Length - CRYPTO_TRUE, // decrypt - CRYPTO_TRUE, // authenticate - CRYPTO_FALSE, // AAD Bool - &ecs, // encryption cipher - NULL, // authentication cipher - NULL // cam_cookies + status = cryptography_if->cryptography_aead_decrypt( + &(sdls_frame.pdu.data[14]), // plaintext output + (size_t)(pdu_keys * (SDLS_KEYID_LEN + SDLS_KEY_LEN)), // length of data + NULL, // in place decryption + 0, // in data length + &(ekp->value[0]), // key + ekp->key_len, // key length + NULL, // SA reference + &(packet.iv[0]), // IV + SDLS_IV_LEN, // IV length + &(packet.mac[0]), // tag input + MAC_SIZE, // tag size + NULL, // AAD + 0, // AAD Length + CRYPTO_TRUE, // decrypt + CRYPTO_TRUE, // authenticate + CRYPTO_FALSE, // AAD Bool + &ecs, // encryption cipher + NULL, // authentication cipher + NULL // cam_cookies ); // If decryption errors, return 
@@ -351,8 +353,9 @@ int32_t Crypto_Key_inventory(uint8_t *ingest) // Prepare for Reply range = packet.kid_last - packet.kid_first + 1; sdls_frame.pdu.hdr.pdu_len = (SDLS_KEY_INVENTORY_RPLY_SIZE * (range)) * BYTE_LEN; - sdls_frame.hdr.pkt_length = - CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1 + 2; // 2 = Num Keys Returned Field (2 Bytes) + sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1 + + 2; // 2 = Num Keys Returned Field (2 Bytes) count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); sdls_ep_reply[count++] = ((range & 0xFF00) >> BYTE_LEN); @@ -413,7 +416,8 @@ int32_t Crypto_Key_verify(TC_t *tc_frame) for (x = 0; x < pdu_keys; x++) { // Key ID - packet.blk[x].kid = ((uint8_t)sdls_frame.pdu.data[count] << BYTE_LEN) | ((uint8_t)sdls_frame.pdu.data[count + 1]); + packet.blk[x].kid = + ((uint8_t)sdls_frame.pdu.data[count] << BYTE_LEN) | ((uint8_t)sdls_frame.pdu.data[count + 1]); count += 2; #ifdef PDU_DEBUG printf("\tCrypto_Key_verify: Block %d Key ID is %d ", x, packet.blk[x].kid); 
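Review bot: `range` in Crypto_Key_inventory comes from `packet.kid_last - packet.kid_first + 1` and is used at once to size the reply (`pdu_len`, `pkt_length`) with no ordering or bound check visible in this hunk. A command with `kid_last < kid_first`, or a very wide span, would give a zero, wrapped or oversized count, and `SDLS_KEY_INVENTORY_RPLY_SIZE * range * BYTE_LEN` may then no longer fit `pdu_len` or the reply buffer `sdls_ep_reply`; the field types are declared elsewhere, so this is inferred. A guard ahead of the computation would make the contract explicit, e.g. `if (packet.kid_last < packet.kid_first) return CRYPTO_LIB_ERROR;` plus an upper limit tied to the key ring size. The function starts and ends outside the hunk.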
@@ -484,32 +488,34 @@ int32_t Crypto_Key_verify(TC_t *tc_frame) // Encrypt challenge uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; - status = cryptography_if->cryptography_aead_encrypt(&(sdls_ep_keyv_reply.blk[x].challenged[0]), // ciphertext output - (size_t)CHALLENGE_SIZE, // length of data - &(packet.blk[x].challenge[0]), // plaintext input - (size_t)CHALLENGE_SIZE, // in data length - &(ekp->value[0]), // Key Index - SDLS_KEY_LEN, // Key Length - NULL, // SA Reference for key - &(sdls_ep_keyv_reply.blk[x].iv[0]), // IV - SDLS_IV_LEN, // IV Length - &(sdls_ep_keyv_reply.blk[x].mac[0]), // MAC - CHALLENGE_MAC_SIZE, // MAC Size - NULL, 0, - CRYPTO_TRUE, // Encrypt - CRYPTO_TRUE, // Authenticate - CRYPTO_FALSE, // AAD - &ecs, // encryption cipher - NULL, // authentication cipher - NULL // cam_cookies - ); + status = + cryptography_if->cryptography_aead_encrypt(&(sdls_ep_keyv_reply.blk[x].challenged[0]), // ciphertext output + (size_t)CHALLENGE_SIZE, // length of data + &(packet.blk[x].challenge[0]), // plaintext input + (size_t)CHALLENGE_SIZE, // in data length + &(ekp->value[0]), // Key Index + SDLS_KEY_LEN, // Key Length + NULL, // SA Reference for key + &(sdls_ep_keyv_reply.blk[x].iv[0]), // IV + SDLS_IV_LEN, // IV Length + &(sdls_ep_keyv_reply.blk[x].mac[0]), // MAC + CHALLENGE_MAC_SIZE, // MAC Size + NULL, 0, + CRYPTO_TRUE, // Encrypt + CRYPTO_TRUE, // Authenticate + CRYPTO_FALSE, // AAD + &ecs, // encryption cipher + NULL, // authentication cipher + NULL // cam_cookies + ); // If encryption errors, capture something about it for testing // We need to continue on, other keys could be successful if (status != CRYPTO_LIB_SUCCESS) { #ifdef DEBUG - printf(KRED "Error: OTAR Key Verification encryption failed for new key index %d with error %d \n" RESET, x, status); + printf(KRED "Error: OTAR Key Verification encryption failed for new key index %d with error %d \n" RESET, x, + status); #endif } 
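Review bot: The failure branch after `cryptography_aead_encrypt` in Crypto_Key_verify does nothing unless `DEBUG` is defined, so in a release build a failed challenge encryption leaves no record and `status` is overwritten by the next loop iteration. Continuing with the remaining keys is stated as intentional, but the event should still be recorded, for example with `mc_if->mc_log(status);` as Crypto_TC_Get_Keys does, and if the block is still copied into the reply it should be zeroed or flagged rather than sent with whatever `challenged` and `mac` held before. The call also passes `SDLS_KEY_LEN` as the key length where the OTAR decrypt passes `ekp->key_len`; one of the two is probably the intended convention. The loop starts and ends outside the hunk.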
diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 997bc7c0..ae52fc5d 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -37,8 +37,9 @@ int32_t Crypto_MC_ping(uint8_t *ingest) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = 0; - sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; - count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); + sdls_frame.hdr.pkt_length = + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); #ifdef PDU_DEBUG printf("MC Ping Reply: \t 0x"); @@ -65,8 +66,9 @@ int32_t Crypto_MC_status(uint8_t *ingest) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * BYTE_LEN; - sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; - count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); + sdls_frame.hdr.pkt_length = + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); // PDU sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> BYTE_LEN; count++; @@ -106,8 +108,9 @@ int32_t Crypto_MC_dump(uint8_t *ingest) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = (SDLS_MC_DUMP_RPLY_SIZE * log_count) * BYTE_LEN; - sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; - count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); + sdls_frame.hdr.pkt_length = + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); // PDU for (x = 0; x < log_count; x++) { 
@@ -180,8 +183,9 @@ int32_t Crypto_MC_erase(uint8_t *ingest) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_MC_LOG_RPLY_SIZE * BYTE_LEN; // 4 - sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; - count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); + sdls_frame.hdr.pkt_length = + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); // PDU sdls_ep_reply[count] = (log_summary.num_se & 0xFF00) >> BYTE_LEN; count++; @@ -223,9 +227,10 @@ int32_t Crypto_MC_selftest(uint8_t *ingest) // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_MC_ST_RPLY_SIZE * BYTE_LEN; - sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; - sdls_frame.pdu.data[0] = result; - count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); + sdls_frame.hdr.pkt_length = + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + sdls_frame.pdu.data[0] = result; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); sdls_ep_reply[count] = result; count++; @@ -276,8 +281,9 @@ int32_t Crypto_SA_readARSN(uint8_t *ingest) { // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = (SPI_LEN + sa_ptr->arsn_len) * BYTE_LEN; // bits - sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; - uint8_t count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); + sdls_frame.hdr.pkt_length = + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + uint8_t count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); // Write SPI to reply sdls_ep_reply[count] = (spi & 0xFF00) >> BYTE_LEN; diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index ec78cc70..6a7646db 100644 
--- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c @@ -183,7 +183,7 @@ void Crypto_ccsdsPrint(CCSDS_t *sdls_frame) printf("\t\t seq = 0x%01x \n", sdls_frame->hdr.seq); printf("\t\t pktid = 0x%04x \n", sdls_frame->hdr.pktid); printf("\t\t pkt_length = 0x%04x \n", sdls_frame->hdr.pkt_length); - if(crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) + if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { printf("\t PUS Header\n"); printf("\t\t shf = 0x%01x \n", sdls_frame->pus.shf); diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index cca8a8fa..92b65284 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -346,12 +346,12 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat uint16_t *index_p, const uint8_t *p_in_frame, char *cam_cookies, uint32_t pkcs_padding) { - int32_t status = CRYPTO_LIB_SUCCESS; - uint16_t index = *index_p; - crypto_key_t *akp = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t index = *index_p; + crypto_key_t *akp = NULL; /* Get Key */ - + if (sa_ptr->est == 1) { ekp = key_if->get_key(sa_ptr->ekid); @@ -1607,7 +1607,6 @@ int32_t Crypto_TC_Get_Keys(crypto_key_t **ekp, crypto_key_t **akp, SecurityAssoc mc_if->mc_log(status); } } - return status; } @@ -1906,7 +1905,6 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc memcpy((tc_sdls_processed_frame->tc_sec_header.pad), &(ingest[TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len]), sa_ptr->shplf_len); - // Parse MAC, prepare AAD status = Crypto_TC_Prep_AAD(tc_sdls_processed_frame, fecf_len, sa_service_type, ecs_is_aead_algorithm, &aad_len, 
@@ -1964,7 +1962,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc return status; // Cryptography IF call failed, return. } // Extended PDU processing, if applicable - + if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); @@ -2051,18 +2049,18 @@ uint8_t *Crypto_Prepare_TC_AAD(uint8_t *buffer, uint16_t len_aad, uint8_t *abm_b static int32_t validate_sa_index(SecurityAssociation_t *sa) { - int32_t returnval = -1; + int32_t returnval = -1; SecurityAssociation_t *temp_sa; sa_if->sa_get_from_spi(sa->spi, &temp_sa); int sa_index = -1; - sa_index = (int)(sa - temp_sa); // Based on array memory location + sa_index = (int)(sa - temp_sa); // Based on array memory location #ifdef DEBUG - if(sa_index == 0) + if (sa_index == 0) printf("SA Index matches SPI\n"); else printf("Malformed SA SPI based on SA Index!\n"); #endif - if(sa_index == 0) + if (sa_index == 0) returnval = 0; return returnval; } @@ -2076,7 +2074,7 @@ static int32_t validate_sa_index(SecurityAssociation_t *sa) **/ static int32_t crypto_tc_validate_sa(SecurityAssociation_t *sa) { - if(validate_sa_index(sa) != 0) + if (validate_sa_index(sa) != 0) { return CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH; } diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index 870ccee6..c8850c33 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -37,7 +37,6 @@ static int32_t sa_delete(TC_t *tc_frame); // Security Association Local Functions int32_t sa_verify_data(SecurityAssociation_t *); - /* ** Global Variables */ 
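Review bot: `validate_sa_index` leaves `temp_sa` uninitialised and ignores the result of `sa_if->sa_get_from_spi`, so a failed lookup feeds an indeterminate pointer into `sa - temp_sa`. Subtracting pointers that do not point into the same array is undefined behaviour, and the difference is only ever tested for zero. Suggested: `SecurityAssociation_t *temp_sa = NULL;`, then `if (sa_if->sa_get_from_spi(sa->spi, &temp_sa) != CRYPTO_LIB_SUCCESS || temp_sa == NULL) return -1;` and `return (sa == temp_sa) ? 0 : -1;`, keeping the DEBUG prints as they are. This assumes `sa_get_from_spi` returns a CryptoLib status code, which the hunk does not show.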
@@ -1101,13 +1100,13 @@ static int32_t sa_start(TC_t *tc_frame) static int32_t sa_stop(TC_t *tc_frame) { // Local variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint16_t spi = 0x0000; + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t spi = 0x0000; uint16_t control_spi = 0x0000; int x; // Read ingest - spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; + spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; control_spi = tc_frame->tc_sec_header.spi; #ifdef DEBUG @@ -1347,9 +1346,9 @@ static int32_t sa_expire(TC_t *tc_frame) static int32_t sa_create(TC_t *tc_frame) { // Local variables - int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t count = 6; - uint16_t spi = 0x0000; + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t count = 6; + uint16_t spi = 0x0000; uint16_t control_spi = 0x0000; int x; @@ -1381,7 +1380,7 @@ static int32_t sa_create(TC_t *tc_frame) // 3-4 : Service Group Field (sg) // 5-8 : Procedure Identification Field (pid) temp_sa->lpid = (sdls_frame.pdu.hdr.type << 7) | (sdls_frame.pdu.hdr.uf << 6) | (sdls_frame.pdu.hdr.sg << 4) | - sdls_frame.pdu.hdr.pid; + sdls_frame.pdu.hdr.pid; // Write SA Configuration temp_sa->est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; @@ -1406,7 +1405,7 @@ static int32_t sa_create(TC_t *tc_frame) temp_sa->acs = ((uint8_t)sdls_frame.pdu.data[count++]); } temp_sa->abm_len = (uint8_t)((sdls_frame.pdu.data[count] << BYTE_LEN) | (sdls_frame.pdu.data[count + 1])); - count = count + 2; + count = count + 2; for (x = 0; x < temp_sa->abm_len; x++) { temp_sa->abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]); 
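Review bot: In `sa_create` the ABM length is read as two bytes from the PDU but cast to `uint8_t`, so a length above 255 is silently truncated instead of rejected, and the copy loop into `temp_sa->abm` runs before any size check visible here. `count` is declared `uint8_t` in the earlier hunk of this function and is advanced by every variable-length field, so it can wrap and cause later fields to be read from the wrong offset in `sdls_frame.pdu.data`. I would widen `count` to `uint16_t`, parse the length into a `uint16_t`, and refuse the PDU before the loop when the length exceeds the ABM array size or the remaining `pdu_len`. If `sa_create` calls `sa_verify_data` afterwards that may catch part of this, but by then the write to `temp_sa->abm` has already happened; the function body extends beyond the hunk.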
@@ -1431,20 +1430,20 @@ static int32_t sa_create(TC_t *tc_frame) if (status == CRYPTO_LIB_SUCCESS) { // Copy data from temp_sa to sa[spi] - sa[spi].lpid = temp_sa->lpid; - sa[spi].est = temp_sa->est; - sa[spi].ast = temp_sa->ast; - sa[spi].shivf_len = temp_sa->shivf_len; - sa[spi].shsnf_len = temp_sa->shsnf_len; - sa[spi].shplf_len = temp_sa->shplf_len; + sa[spi].lpid = temp_sa->lpid; + sa[spi].est = temp_sa->est; + sa[spi].ast = temp_sa->ast; + sa[spi].shivf_len = temp_sa->shivf_len; + sa[spi].shsnf_len = temp_sa->shsnf_len; + sa[spi].shplf_len = temp_sa->shplf_len; sa[spi].stmacf_len = temp_sa->stmacf_len; - sa[spi].ecs_len = temp_sa->ecs_len; - sa[spi].ecs = temp_sa->ecs; + sa[spi].ecs_len = temp_sa->ecs_len; + sa[spi].ecs = temp_sa->ecs; for (x = 0; x < sa[spi].shivf_len; x++) { sa[spi].iv[x] = temp_sa->iv[x]; } - sa[spi].acs = temp_sa->acs; + sa[spi].acs = temp_sa->acs; sa[spi].abm_len = temp_sa->abm_len; for (x = 0; x < sa[spi].abm_len; x++) { @@ -1456,8 +1455,8 @@ static int32_t sa_create(TC_t *tc_frame) *(sa[spi].arsn + x) = *(temp_sa->arsn + x); } sa[spi].arsnw_len = temp_sa->arsnw_len; - sa[spi].arsnw = temp_sa->arsnw; - sa[spi].sa_state = temp_sa->sa_state; + sa[spi].arsnw = temp_sa->arsnw; + sa[spi].sa_state = temp_sa->sa_state; } #ifdef PDU_DEBUG @@ -1481,7 +1480,7 @@ static int32_t sa_create(TC_t *tc_frame) static int32_t sa_delete(TC_t *tc_frame) { // Local variables - uint16_t spi = 0x0000; + uint16_t spi = 0x0000; uint16_t control_spi = 0x0000; int32_t status = CRYPTO_LIB_SUCCESS; @@ -1548,12 +1547,12 @@ static int32_t sa_setARSN(TC_t *tc_frame) // Local variables uint16_t spi = 0x0000; uint16_t control_spi = 0x0000; - int32_t status = CRYPTO_LIB_SUCCESS; + int32_t status = CRYPTO_LIB_SUCCESS; int x; // Read ingest spi = ((uint8_t)sdls_frame.pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.pdu.data[1]; - + control_spi = tc_frame->tc_sec_header.spi; if (spi == control_spi) { 
@@ -1690,8 +1689,9 @@ static int32_t sa_status(uint8_t *ingest) printf("SIZE: %ld\n", SDLS_SA_STATUS_RPLY_SIZE); // Prepare for Reply sdls_frame.pdu.hdr.pdu_len = SDLS_SA_STATUS_RPLY_SIZE * BYTE_LEN; - sdls_frame.hdr.pkt_length = CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; - count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); + sdls_frame.hdr.pkt_length = + CCSDS_HDR_SIZE + CCSDS_PUS_SIZE + SDLS_TLV_HDR_SIZE + (sdls_frame.pdu.hdr.pdu_len / BYTE_LEN) - 1; + count = Crypto_Prep_Reply(sdls_ep_reply, CRYPTOLIB_APPID); // PDU sdls_ep_reply[count++] = (spi & 0xFF00) >> BYTE_LEN; sdls_ep_reply[count++] = (spi & 0x00FF); @@ -1720,7 +1720,7 @@ static int32_t sa_status(uint8_t *ingest) return status; } -int32_t sa_verify_data(SecurityAssociation_t * sa_ptr) +int32_t sa_verify_data(SecurityAssociation_t *sa_ptr) { int32_t status = CRYPTO_LIB_SUCCESS; if (sa_ptr->shivf_len > IV_SIZE) diff --git a/test/unit/ut_aos_apply.c b/test/unit/ut_aos_apply.c index eac6ea09..0b7bf59d 100644 --- a/test/unit/ut_aos_apply.c +++ b/test/unit/ut_aos_apply.c @@ -255,13 +255,13 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FECF) SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(10, &test_association); - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
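Review bot: `printf("SIZE: %ld\n", SDLS_SA_STATUS_RPLY_SIZE);` at the top of this `sa_status` hunk is unconditional and uses `%ld` for what appears to be a `sizeof`-based macro (the unit test compares it against a `size_t`). That is a format/argument mismatch on platforms where `size_t` is not `long`, and it prints on every status request in non-debug builds. Suggest `printf("SIZE: %zu\n", (size_t)SDLS_SA_STATUS_RPLY_SIZE);` wrapped in the `#ifdef PDU_DEBUG` guard that `sa_create` uses in the same file. The function begins and ends outside the hunk.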
@@ -390,13 +390,13 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(10, &test_association); - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -526,13 +526,13 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_FECF) SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(10, &test_association); - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
@@ -663,13 +663,13 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_OID_FECF) SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(10, &test_association); - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -808,13 +808,13 @@ UTEST(AOS_APPLY, AES_CMAC_256_TEST_BITMASK_1) sa_if->sa_get_from_spi(10, &sa_ptr); sa_ptr->sa_state = SA_OPERATIONAL; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -1111,13 +1111,13 @@ UTEST(AOS_APPLY, AES_GCM) aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); sa_if->sa_get_from_spi(10, &sa_ptr); - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
@@ -1269,13 +1269,13 @@ UTEST(AOS_APPLY, AOS_KEY_STATE_TEST) sa_ptr->shivf_len = 16; sa_ptr->stmacf_len = 16; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -1379,18 +1379,17 @@ UTEST(AOS_APPLY, AEAD_GCM_BITMASK_1) sa_ptr->shivf_len = 16; sa_ptr->stmacf_len = 16; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_DEACTIVATED; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_DEACTIVATED; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_DEACTIVATED; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_DEACTIVATED; status = Crypto_AOS_ApplySecurity((uint8_t *)test_aos_b); ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status); - free(test_aos_b); Crypto_Shutdown(); } diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index a470af7f..5bf8d97f 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c 
@@ -1535,13 +1535,13 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) test_association->shsnf_len = 0; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask of ones - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; @@ -1804,13 +1804,13 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) sa_if->sa_get_from_spi(5, &sa_ptr); // Enable and setup 5 sa_ptr->sa_state = SA_NONE; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); @@ -1824,7 +1824,7 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) UTEST(AOS_PROCESS, AOS_OCF_TEST) { remove("sa_save_file.bin"); - + // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; uint8_t *ptr_processed_frame = NULL; 
@@ -1850,10 +1850,10 @@ UTEST(AOS_PROCESS, AOS_OCF_TEST) SecurityAssociation_t *sa_ptr = NULL; SaInterface sa_if = get_sa_interface_inmemory(); sa_if->sa_get_from_spi(9, &sa_ptr); // Enable and setup 5 - sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->shivf_len = 0; - sa_ptr->gvcid_blk.tfvn = 1; - sa_ptr->gvcid_blk.vcid = 0; + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->shivf_len = 0; + sa_ptr->gvcid_blk.tfvn = 1; + sa_ptr->gvcid_blk.vcid = 0; sa_ptr->gvcid_blk.mapid = 0; status = @@ -1899,16 +1899,16 @@ UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) sa_ptr->sa_state = SA_KEYED; sa_if->sa_get_from_spi(5, &sa_ptr); // Enable and setup 5 sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->est = 1; - sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; - - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_DEACTIVATED; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_DEACTIVATED; + sa_ptr->est = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_DEACTIVATED; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_DEACTIVATED; status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 35ad07ee..0d5e55d2 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -114,11 +114,11 @@ UTEST(CRYPTO_C, PDU_SWITCH) Crypto_Init(); sdls_frame.pdu.hdr.type = PDU_TYPE_COMMAND; - sdls_frame.pdu.hdr.uf = PDU_USER_FLAG_FALSE; + sdls_frame.pdu.hdr.uf = PDU_USER_FLAG_FALSE; printf("SG_KEY_MGMT\n"); - sdls_frame.pdu.hdr.sg = SG_KEY_MGMT; + sdls_frame.pdu.hdr.sg = SG_KEY_MGMT; // sdls_frame.pdu.hdr.pid = PID_OTAR; - uint8_t *ingest = NULL; + uint8_t *ingest = NULL; TC_t tc_frame; // status = Crypto_PDU(ingest, &tc_frame); 
@@ -132,8 +132,8 @@ UTEST(CRYPTO_C, PDU_SWITCH) status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - sdls_frame.pdu.hdr.pid = PID_KEY_VERIFICATION; - status = Crypto_PDU(ingest, &tc_frame); + sdls_frame.pdu.hdr.pid = PID_KEY_VERIFICATION; + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_KEY_DESTRUCTION; @@ -251,7 +251,7 @@ UTEST(CRYPTO_C, PDU_SWITCH) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.hdr.pid = PID_MODIFY_VCID; - status = Crypto_PDU(ingest, &tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.hdr.pid = 8; @@ -264,7 +264,6 @@ UTEST(CRYPTO_C, PDU_SWITCH) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } - /** * @brief Unit Test: Crypto Extended Procedures PDU Test **/ @@ -282,7 +281,7 @@ UTEST(CRYPTO_C, EXT_PROC_PDU) status = Crypto_Process_Extended_Procedure_Pdu(tc_frame, ingest); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } -#endif //CRYPTO_EPROC +#endif // CRYPTO_EPROC /** * @brief Unit Test: Crypto ACS Get Algorithm response 
@@ -362,21 +361,21 @@ UTEST(CRYPTO_C, STRUCT_SIZE_VERIFICATION) ASSERT_EQ(SDLS_TLV_HDR_SIZE, (size_t)3); ASSERT_EQ(SDLS_TLV_SIZE, (size_t)497); ASSERT_EQ(SDLS_EKB_SIZE, (size_t)514); - ASSERT_EQ(SDLS_OTAR_SIZE, (size_t)(2 + 16 + 30*514 + 16)); + ASSERT_EQ(SDLS_OTAR_SIZE, (size_t)(2 + 16 + 30 * 514 + 16)); ASSERT_EQ(SDLS_KEY_SIZE, (size_t)2); ASSERT_EQ(SDLS_KEY_INVENTORY_CMD_SIZE, (size_t)4); ASSERT_EQ(SDLS_KEY_INVENTORY_RPLY_SIZE, (size_t)3); ASSERT_EQ(SDLS_KEYV_CMD_BLK_SIZE, (size_t)18); - ASSERT_EQ(SDLS_KEYV_CMD_SIZE, (size_t)(29*18)); + ASSERT_EQ(SDLS_KEYV_CMD_SIZE, (size_t)(29 * 18)); ASSERT_EQ(SDLS_KEYV_RPLY_BLK_SIZE, (size_t)50); - ASSERT_EQ(SDLS_KEYV_RPLY_SIZE, (size_t)(50*29)); + ASSERT_EQ(SDLS_KEYV_RPLY_SIZE, (size_t)(50 * 29)); ASSERT_EQ(SDLS_KEYDB_CMD_SIZE, (size_t)12); ASSERT_EQ(SDLS_KEYDB_RPLY_SIZE, (size_t)38); ASSERT_EQ(SDLS_SA_STATUS_RPLY_SIZE, (size_t)3); ASSERT_EQ(SDLS_SA_READ_ARSN_RPLY_SIZE, (size_t)22); ASSERT_EQ(SDLS_MC_LOG_RPLY_SIZE, (size_t)4); ASSERT_EQ(SDLS_MC_DUMP_RPLY_SIZE, (size_t)7); - ASSERT_EQ(SDLS_MC_DUMP_BLK_RPLY_SIZE, (size_t)(7*50)); + ASSERT_EQ(SDLS_MC_DUMP_BLK_RPLY_SIZE, (size_t)(7 * 50)); ASSERT_EQ(SDLS_MC_ST_RPLY_SIZE, (size_t)1); ASSERT_EQ(SDLS_MC_SN_RPLY_SIZE, (size_t)16); ASSERT_EQ(TC_FRAME_PRIMARYHEADER_STRUCT_SIZE, (size_t)5); @@ -468,5 +467,5 @@ UTEST(CRYPTO_C, OTAR_0_140_142_FAIL_TEST) free(buffer_nist_key_b); free(buffer_OTAR_b); } -#endif //CRYPTO_EPROC +#endif // CRYPTO_EPROC UTEST_MAIN(); \ No newline at end of file diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index fee64c54..08a5140a 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c 
@@ -251,7 +251,6 @@ UTEST(EP_KEY_MGMT, INVENTORY_132_134) char *buffer_nist_iv_h = "000000000000000000000000"; // The last valid IV that was seen by the SA char *buffer_INVENTORY_h = "2003001e00ff000000001880d03b000a197f0b00070004008400861f6d82ebe4fc55555555"; - uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_INVENTORY_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_INVENTORY_len = 0; @@ -368,17 +367,17 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) // Activate SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ecs_len = 0; - test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->est = 0; - test_association->ast = 0; - test_association->shsnf_len = 2; - test_association->arsn_len = 2; - test_association->arsnw_len = 1; - test_association->arsnw = 5; - test_association->shivf_len = 0; - test_association->iv_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 0; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw_len = 1; + test_association->arsnw = 5; + test_association->shivf_len = 0; + test_association->iv_len = 0; test_association->gvcid_blk.scid = 0; // Insert key into keyring of SA 9 @@ -427,7 +426,7 @@ UTEST(EP_KEY_MGMT, VERIFY_132_134) } /* -** Test that an OTAR attempt with non-active Master Key will bubble up to a top-level error. +** Test that an OTAR attempt with non-active Master Key will bubble up to a top-level error. */ UTEST(EP_KEY_MGMT, OTAR_0_140_142_MK_NOT_ACTIVE) { 
@@ -473,7 +472,8 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142_MK_NOT_ACTIVE) // |0b| = sst, sid, spare // |0001| = PDU Tag // |0084| = PDU Length - // |007F| = Master Key ID - Valid id, invalid that it isn't set up in the keyring! + // |007F| = Master Key ID - Valid id, invalid that + // it isn't set up in the keyring! // |344892bbc54f5395297d4c37| = IV // |172f| = Encrypted // Key ID @@ -531,7 +531,7 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142_MK_NOT_ACTIVE) } /* -** Test that a fail OTAR key decryption will bubble up to a top-level error. +** Test that a fail OTAR key decryption will bubble up to a top-level error. */ UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) { @@ -555,9 +555,9 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); Crypto_Init(); - SaInterface sa_if = get_sa_interface_inmemory(); - crypto_key_t* ekp = NULL; - int status = CRYPTO_LIB_SUCCESS; + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; @@ -577,7 +577,8 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) // |0b| = sst, sid, spare // |0001| = PDU Tag // |0084| = PDU Length - // |007F| = Master Key ID - Valid id, invalid that it isn't set up in the keyring! + // |007F| = Master Key ID - Valid id, invalid that + // it isn't set up in the keyring! // |344892bbc54f5395297d4c37| = IV // |172f| = Encrypted // Key ID @@ -614,7 +615,7 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) test_association->ekid = 127; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - ekp = key_if->get_key(test_association->ekid); + ekp = key_if->get_key(test_association->ekid); ekp->key_state = KEY_ACTIVE; // memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); 
@@ -760,7 +761,7 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142_NO_PUS_BAD_TLV) // Activate SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->sa_state = SA_OPERATIONAL; + test_association->sa_state = SA_OPERATIONAL; test_association->ecs = CRYPTO_CIPHER_NONE; test_association->est = 0; test_association->ast = 0; @@ -794,7 +795,6 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142_NO_PUS_BAD_TLV) free(buffer_DEACTIVATE_b); } - UTEST(EP_KEY_MGMT, DEACTIVATE_142_PUS_BAD_TLV) { remove("sa_save_file.bin"); diff --git a/test/unit/ut_ep_mc.c b/test/unit/ut_ep_mc.c index 1e6e24fc..a0d1ca73 100644 --- a/test/unit/ut_ep_mc.c +++ b/test/unit/ut_ep_mc.c @@ -49,14 +49,14 @@ UTEST(EP_MC, MC_REGULAR_PING) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); 
@@ -133,14 +133,14 @@ UTEST(EP_MC, MC_STATUS) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -214,14 +214,14 @@ UTEST(EP_MC, MC_DUMP) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); 
@@ -298,14 +298,14 @@ UTEST(EP_MC, MC_ERASE) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -381,14 +381,14 @@ UTEST(EP_MC, MC_SELF_TEST) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -451,7 +451,7 @@ UTEST(EP_MC, MC_ALARM_FLAG_RESET) // NOTE: Added Transfer Frame header to the plaintext char *buffer_ALARM_h = "2003001a00ff000000001880d2c70008197f0b00370000b1fe312855"; - + uint8_t *buffer_ALARM_b = NULL; int buffer_ALARM_len = 0; 
@@ -463,14 +463,14 @@ UTEST(EP_MC, MC_ALARM_FLAG_RESET) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); diff --git a/test/unit/ut_ep_sa_mgmt.c b/test/unit/ut_ep_sa_mgmt.c index 4d009c4d..f7396fe0 100644 --- a/test/unit/ut_ep_sa_mgmt.c +++ b/test/unit/ut_ep_sa_mgmt.c @@ -27,7 +27,7 @@ UTEST(EP_SA_MGMT, SA_6_REKEY_133) // NOTE: Added Transfer Frame header to the plaintext char *buffer_REKEY_h = "2003002a00ff000000001880d0ac0018197f0b0016000c00060085000000000000000000000000da959fc8555555555555"; - + uint8_t *buffer_REKEY_b = NULL; int buffer_REKEY_len = 0; 
@@ -39,14 +39,14 @@ UTEST(EP_SA_MGMT, SA_6_REKEY_133) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -96,14 +96,14 @@ UTEST(EP_SA_MGMT, SA_START_6) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Convert frames that will be processed hex_conversion(buffer_START_h, (char **)&buffer_START_b, &buffer_START_len); 
@@ -126,7 +126,6 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - GvcidManagedParameters_t TC_0_Managed_Parameters = { 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); @@ -150,14 +149,14 @@ UTEST(EP_SA_MGMT, SA_6_READ_ARSN) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -238,14 +237,14 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSNW) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); 
@@ -297,14 +296,14 @@ UTEST(EP_SA_MGMT, SA_6_SET_ARSN) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -369,14 +368,14 @@ UTEST(EP_SA_MGMT, SA_6_STATUS) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); 
@@ -449,14 +448,14 @@ UTEST(EP_SA_MGMT, SA_STOP_6) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); @@ -489,7 +488,6 @@ UTEST(EP_SA_MGMT, SA_EXPIRE_6) Crypto_Init(); - int status = CRYPTO_LIB_SUCCESS; // NOTE: Added Transfer Frame header to the plaintext @@ -518,14 +516,14 @@ UTEST(EP_SA_MGMT, SA_EXPIRE_6) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Convert frames that will be processed hex_conversion(buffer_EXPIRE_h, (char **)&buffer_EXPIRE_b, &buffer_EXPIRE_len); 
@@ -571,14 +569,14 @@ UTEST(EP_SA_MGMT, SA_STOP_SELF) // Modify SA 0 sa_if->sa_get_from_spi(0, &test_association); - test_association->shivf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - test_association->iv_len = 12; - test_association->shsnf_len = 2; - test_association->arsnw = 5; - test_association->arsnw_len = 1; - test_association->arsn_len = 2; - test_association->gvcid_blk.scid = SCID & 0x3FF; + test_association->shivf_len = 0; + test_association->sa_state = SA_OPERATIONAL; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsnw = 5; + test_association->arsnw_len = 1; + test_association->arsn_len = 2; + test_association->gvcid_blk.scid = SCID & 0x3FF; // Modify SA 6 sa_if->sa_get_from_spi(6, &test_association); diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index a487c1cf..f12b1c38 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c @@ -1455,15 +1455,15 @@ UTEST(TC_APPLY_SECURITY, TC_KEY_STATE_TEST) test_association->sa_state = SA_KEYED; sa_if->sa_get_from_spi(4, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->ekid = 130; + test_association->ekid = 130; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_DEACTIVATED; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_DEACTIVATED; - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_DEACTIVATED; + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_DEACTIVATED; return_val = Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index a098c3de..7b1b44ca 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c 
@@ -707,13 +707,13 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) test_association->ekid = 130; test_association->sa_state = SA_OPERATIONAL; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; // Convert input test frame hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); @@ -789,13 +789,13 @@ UTEST(TC_PROCESS, DECRYPT_CBC_1B) test_association->ekid = 130; test_association->sa_state = SA_OPERATIONAL; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; // Convert input test frame hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); 
@@ -871,13 +871,13 @@ UTEST(TC_PROCESS, DECRYPT_CBC_16B) test_association->sa_state = SA_OPERATIONAL; test_association->ekid = 130; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; // Convert input test frame hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); @@ -1238,15 +1238,15 @@ UTEST(TC_PROCESS, TC_KEY_STATE_TEST) SecurityAssociation_t *test_association; sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_OPERATIONAL; - test_association->est = 1; + test_association->est = 1; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_DEACTIVATED; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_DEACTIVATED; - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_DEACTIVATED; + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_DEACTIVATED; // Convert input test frame hex_conversion(test_frame_pt_h, (char **)&test_frame_pt_b, &test_frame_pt_len); diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index b54f84c7..a06c1aa8 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c 
@@ -412,13 +412,13 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) sa_ptr->arsnw = 5; sa_ptr->gvcid_blk.vcid = 0; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -550,13 +550,13 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) sa_ptr->gvcid_blk.vcid = 0; sa_ptr->gvcid_blk.scid = 44; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -709,13 +709,13 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->gvcid_blk.scid = 44; sa_ptr->gvcid_blk.vcid = 0; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Determine managed parameters by GVCID, which nominally happens in TO status = 
@@ -866,13 +866,13 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->ekid = 0; sa_ptr->akid = 136; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -1040,13 +1040,13 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->ekid = 0; sa_ptr->akid = 136; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -1209,13 +1209,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->ekid = 0; sa_ptr->akid = 136; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; 
@@ -1376,13 +1376,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->ekid = 0; sa_ptr->akid = 136; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -1545,14 +1545,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->akid = 136; // Update key length for SHA512 - akp = key_if->get_key(sa_ptr->akid); - akp->key_len = 64; + akp = key_if->get_key(sa_ptr->akid); + akp->key_len = 64; akp->key_state = KEY_ACTIVE; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -1722,13 +1721,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->akid = 136; // Update key length for SHA512 - akp = key_if->get_key(sa_ptr->akid); - akp->key_len = 64; + akp = key_if->get_key(sa_ptr->akid); + akp->key_len = 64; akp->key_state = KEY_ACTIVE; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; 
@@ -1879,13 +1878,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_GCM_BITMASK_1) sa_ptr->iv_len = 16; sa_ptr->shivf_len = 16; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; @@ -2055,13 +2054,13 @@ UTEST(TM_APPLY_ENC_VAL, AEAD_AES_GCM_BITMASK_1) sa_ptr->shivf_len = 16; sa_ptr->stmacf_len = 16; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; @@ -2242,13 +2241,13 @@ UTEST(TM_APPLY_ENC_VAL, TM_KEY_STATE_TEST) sa_ptr->shivf_len = 16; sa_ptr->stmacf_len = 16; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_DEACTIVATED; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_DEACTIVATED; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_DEACTIVATED; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_DEACTIVATED; // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index ecc604ba..81f6f3a5 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c 
@@ -295,13 +295,13 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) sa_if->sa_get_from_spi(5, &sa_ptr); sa_ptr->sa_state = SA_OPERATIONAL; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -450,13 +450,13 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) sa_ptr->shivf_len = 16; sa_ptr->stmacf_len = 0; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); 
@@ -615,13 +615,13 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->ekid = 0; sa_ptr->akid = 136; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Determine managed parameters by GVCID, which nominally happens in TO // status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, @@ -772,13 +772,13 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->ekid = 0; sa_ptr->akid = 136; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -949,13 +949,13 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->ekid = 0; sa_ptr->akid = 136; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; 
@@ -1124,13 +1124,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->ekid = 0; sa_ptr->akid = 136; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -1299,13 +1299,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->ekid = 0; sa_ptr->akid = 136; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -1477,13 +1477,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->akid = 136; // Update key length for SHA512 - akp = key_if->get_key(sa_ptr->akid); - akp->key_len = 64; + akp = key_if->get_key(sa_ptr->akid); + akp->key_len = 64; akp->key_state = KEY_ACTIVE; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; 
@@ -1655,13 +1655,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->akid = 136; // Update key length for SHA512 - akp = key_if->get_key(sa_ptr->akid); - akp->key_len = 64; + akp = key_if->get_key(sa_ptr->akid); + akp->key_len = 64; akp->key_state = KEY_ACTIVE; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -1833,13 +1833,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) test_association->iv_len = 16; test_association->shivf_len = 16; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; @@ -2019,13 +2019,13 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) test_association->shivf_len = 16; test_association->stmacf_len = 16; - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(test_association->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(test_association->akid); + akp->key_state = KEY_ACTIVE; // Set a more obvious IV for test purposes char *iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; 
@@ -2170,13 +2170,13 @@ UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) SecurityAssociation_t *sa_ptr; sa_if->sa_get_from_spi(44, &sa_ptr); - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_ACTIVE; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_ACTIVE; + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_ACTIVE; status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); @@ -2219,16 +2219,16 @@ UTEST(TM_PROCESS, TM_KEY_STATE_TEST) SecurityAssociation_t *sa_ptr; sa_if->sa_get_from_spi(1, &sa_ptr); sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->est = 1; - sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; - - crypto_key_t *ekp = NULL; - ekp = key_if->get_key(sa_ptr->ekid); - ekp->key_state = KEY_DEACTIVATED; - - crypto_key_t *akp = NULL; - akp = key_if->get_key(sa_ptr->akid); - akp->key_state = KEY_DEACTIVATED; + sa_ptr->est = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_DEACTIVATED; + + crypto_key_t *akp = NULL; + akp = key_if->get_key(sa_ptr->akid); + akp->key_state = KEY_DEACTIVATED; status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); From 9c5f6f8265b1a17a7e0dacf4adb733fd517ddbbf Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 23 Jan 2025 18:51:56 +0000 Subject: [PATCH 238/241] [nasa/cryptolib#391] Switch codecov token to a reusable variable --- .github/workflows/build.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0f483b51..ae584c35 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
@@ -1,5 +1,8 @@ name: CryptoLib +global_env: + CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a + on: pull_request: branches: [ main, dev ] @@ -54,7 +57,7 @@ jobs: - name: Upload uses: codecov/codecov-action@v4 env: - CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a + CODECOV_TOKEN: ${{ matrix.global_env.CODECOV_TOKEN }} with: files: 'coverage/*.c.gcov' verbose: true @@ -103,7 +106,7 @@ jobs: # - name: Upload # uses: codecov/codecov-action@v4 # env: - # CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a + # CODECOV_TOKEN: ${{ matrix.global_env.CODECOV_TOKEN }} # with: # files: 'coverage/*.c.gcov' # verbose: true @@ -156,7 +159,7 @@ jobs: - name: Upload uses: codecov/codecov-action@v4 env: - CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a + CODECOV_TOKEN: ${{ matrix.global_env.CODECOV_TOKEN }} with: files: 'coverage/*.c.gcov' verbose: true @@ -210,7 +213,7 @@ jobs: - name: Upload uses: codecov/codecov-action@v4 env: - CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a + CODECOV_TOKEN: ${{ matrix.global_env.CODECOV_TOKEN }} with: files: 'coverage/*.c.gcov' verbose: true @@ -244,7 +247,7 @@ jobs: - name: Upload uses: codecov/codecov-action@v4 env: - CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a + CODECOV_TOKEN: ${{ matrix.global_env.CODECOV_TOKEN }} with: files: 'coverage/*.c.gcov' verbose: true From 39968a0b36a7f6dbe93d9557247472b4999147dc Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 23 Jan 2025 18:55:20 +0000 Subject: [PATCH 239/241] [nasa/cryptolib#391] wrap negative define in parenthesis --- support/standalone/standalone.h | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/support/standalone/standalone.h b/support/standalone/standalone.h index af5a7c68..b13e2361 100644 --- a/support/standalone/standalone.h +++ b/support/standalone/standalone.h 
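Review bot: The Codecov upload token is still committed in plaintext, now under a top-level `global_env:` key in the first hunk, so this commit relocates the credential rather than removing it from the repository. `global_env` is not a key that GitHub Actions workflow syntax defines, and the `matrix` context only carries values from a job's `strategy.matrix`. As far as these hunks show, `${{ matrix.global_env.CODECOV_TOKEN }}` in the four active Upload steps (and the commented-out one) would therefore expand to an empty string, or the workflow would fail validation. Store the token as a repository secret, reference it in each step as `CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}`, drop the `global_env` block, and rotate the token in Codecov, since the old value stays in git history. Secrets are not exposed to `pull_request` runs from forks, so those uploads need to tolerate a missing token.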
@@ -75,14 +75,14 @@ extern "C" #define CRYPTO_MAX_INPUT_TOKENS 32 #define CRYPTO_MAX_INPUT_TOKEN_SIZE 64 -#define CRYPTO_CMD_UNKNOWN -1 -#define CRYPTO_CMD_HELP 0 -#define CRYPTO_CMD_EXIT 1 -#define CRYPTO_CMD_NOOP 2 -#define CRYPTO_CMD_RESET 3 -#define CRYPTO_CMD_VCID 4 -#define CRYPTO_CMD_TC_DEBUG 5 -#define CRYPTO_CMD_TM_DEBUG 6 +#define CRYPTO_CMD_UNKNOWN (-1) +#define CRYPTO_CMD_HELP 0 +#define CRYPTO_CMD_EXIT 1 +#define CRYPTO_CMD_NOOP 2 +#define CRYPTO_CMD_RESET 3 +#define CRYPTO_CMD_VCID 4 +#define CRYPTO_CMD_TC_DEBUG 5 +#define CRYPTO_CMD_TM_DEBUG 6 /* ** Structures From ca3063f82e89f799efd8a7d586843529d928be21 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <dri0001@mix.wvu.edu> Date: Thu, 23 Jan 2025 18:57:07 +0000 Subject: [PATCH 240/241] [nasa/cryptolib#391] ran formatter --- support/standalone/standalone.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/support/standalone/standalone.h b/support/standalone/standalone.h index b13e2361..09da09ef 100644 --- a/support/standalone/standalone.h +++ b/support/standalone/standalone.h @@ -76,13 +76,13 @@ extern "C" #define CRYPTO_MAX_INPUT_TOKEN_SIZE 64 #define CRYPTO_CMD_UNKNOWN (-1) -#define CRYPTO_CMD_HELP 0 -#define CRYPTO_CMD_EXIT 1 -#define CRYPTO_CMD_NOOP 2 -#define CRYPTO_CMD_RESET 3 -#define CRYPTO_CMD_VCID 4 -#define CRYPTO_CMD_TC_DEBUG 5 -#define CRYPTO_CMD_TM_DEBUG 6 +#define CRYPTO_CMD_HELP 0 +#define CRYPTO_CMD_EXIT 1 +#define CRYPTO_CMD_NOOP 2 +#define CRYPTO_CMD_RESET 3 +#define CRYPTO_CMD_VCID 4 +#define CRYPTO_CMD_TC_DEBUG 5 +#define CRYPTO_CMD_TM_DEBUG 6 /* ** Structures From c0c89731b2d2ba5c8593c92d5512c69ee3b0bef5 Mon Sep 17 00:00:00 2001 
From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Thu, 23 Jan 2025 17:36:29 -0500 Subject: [PATCH 241/241] 393 add readthedocs yaml (#394) * [nasa/cryptolib#393] Add readthedocs.yaml * [nasa/cryptolib#393] Add Requirements for RTD * Rename requirements.txt to docs/wiki/requirements.txt --- docs/wiki/requirements.txt | 3 +++ readthedocs.yaml | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+) create mode 100644 docs/wiki/requirements.txt create mode 100644 readthedocs.yaml diff --git a/docs/wiki/requirements.txt b/docs/wiki/requirements.txt new file mode 100644 index 00000000..4cceb7b6 --- /dev/null +++ b/docs/wiki/requirements.txt @@ -0,0 +1,3 @@ +myst-parser +sphinx>=8.0 +sphinx_rtd_theme diff --git a/readthedocs.yaml b/readthedocs.yaml new file mode 100644 index 00000000..3089a65f --- /dev/null +++ b/readthedocs.yaml @@ -0,0 +1,35 @@ +# Read the Docs configuration file for Sphinx projects +# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details + +# Required +version: 2 + +# Set the OS, Python version and other tools you might need +build: + os: ubuntu-22.04 + tools: + python: "3.12" + # You can also specify other tool versions: + # nodejs: "20" + # rust: "1.70" + # golang: "1.20" + +# Build documentation in the "docs/" directory with Sphinx +sphinx: + configuration: docs/wiki/conf.py + # You can configure Sphinx to use a different builder, for instance use the dirhtml builder for simpler URLs + # builder: "dirhtml" + # Fail on all warnings to avoid broken references + # fail_on_warning: true + +# Optionally build your docs in additional formats such as PDF and ePub +# formats: +# - pdf +# - epub + +# Optional but recommended, declare the Python requirements required +# to build your documentation +# See https://docs.readthedocs.io/en/stable/guides/reproducible-builds.html +python: + install: + - requirements: docs/wiki/requirements.txt
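Review bot: The three packages in the new `docs/wiki/requirements.txt` are either unpinned (`myst-parser`, `sphinx_rtd_theme`) or only lower-bounded (`sphinx>=8.0`), so each Read the Docs build installs whatever is newest on the index at that moment. That undercuts the reproducible-builds guide that the `readthedocs.yaml` hunk itself links to. It also means a breaking or tampered upstream release reaches the docs build without any change in this repository. Pin each entry to an exact tested version, e.g. `sphinx==<tested version>`, ideally generated by a lock tool with `--hash` entries so pip verifies the downloaded artifacts. In `readthedocs.yaml`, enabling the commented-out `fail_on_warning: true` would also surface broken references at build time.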