From 330081b4877ccd603bcc958d2622121425f64be6 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Jun 2025 17:17:10 +0000 Subject: [PATCH 01/37] [nasa/cryptolib#471] Switched TM_Process to return struct --- include/crypto.h | 8 +- include/crypto_structs.h | 17 +++- src/core/crypto.c | 2 +- src/core/crypto_tm.c | 68 +++++++++++++- test/unit/ut_crypto.c | 8 +- test/unit/ut_tm_process.c | 184 ++++++++++++++++++++------------------ 6 files changed, 182 insertions(+), 105 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 4831211a..22971de7 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -166,7 +166,7 @@ void Crypto_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, // Telemetry (TM) extern int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest); -extern int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_t **pp_processed_frame, +extern int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t *pp_processed_frame, uint16_t *p_decrypted_length); // Advanced Orbiting Systems (AOS) @@ -226,7 +226,7 @@ void Crypto_TM_Calc_PDU_MAC(uint16_t *pdu_len, uint16_t byte_idx, SecurityAss int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, uint8_t ecs_is_aead_algorithm, uint16_t byte_idx, uint8_t *p_new_dec_frame, uint16_t pdu_len, uint8_t *p_ingest, crypto_key_t *ekp, crypto_key_t *akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, - uint8_t *aad, uint8_t **pp_processed_frame, uint16_t *p_decrypted_length); + uint8_t *aad, TM_t *pp_processed_frame, uint16_t *p_decrypted_length); void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr); extern int32_t Crypto_increment(uint8_t *num, int length); @@ -312,8 +312,8 @@ extern char *crypto_deep_copy_string(char *src_string); extern CCSDS_t sdls_frame; extern SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; extern uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; -// extern TM_t tm_frame; -extern uint8_t tm_frame[1786]; +extern TM_t tm_frame; +//extern uint8_t tm_frame[1786]; extern TM_FramePrimaryHeader_t tm_frame_pri_hdr; extern TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication // exterm AOS_t aos_frame diff --git a/include/crypto_structs.h b/include/crypto_structs.h index cb2f1251..747d315e 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -526,8 +526,13 @@ typedef struct */ typedef struct { - uint16_t spi; // Security Parameter Index - uint8_t iv[IV_SIZE]; // Initialization Vector for encryption + uint16_t spi; // Security Parameter Index + uint8_t iv[IV_SIZE]; // Initialization Vector for encryption + uint8_t iv_field_len; + uint8_t sn[SN_SIZE]; // Sequence Number for anti-replay + uint8_t sn_field_len; + uint8_t pad; // Count of the used fill Bytes + uint8_t pad_field_len; } TM_FrameSecurityHeader_t; #define TM_FRAME_SECHEADER_SIZE (sizeof(TM_FrameSecurityHeader_t)) @@ -537,7 +542,9 @@ typedef struct typedef struct { uint8_t mac[MAC_SIZE]; // Message Authentication Code + uint8_t mac_field_len; uint8_t ocf[OCF_SIZE]; // Operational Control Field + uint8_t ocf_field_len; uint16_t fecf; // Frame Error Control Field } TM_FrameSecurityTrailer_t; #define TM_FRAME_SECTRAILER_SIZE (sizeof(TM_FrameSecurityTrailer_t)) @@ -551,6 +558,7 @@ typedef struct TM_FramePrimaryHeader_t tm_header; TM_FrameSecurityHeader_t tm_sec_header; uint8_t tm_pdu[TM_FRAME_DATA_SIZE]; + uint16_t tm_pdu_len; TM_FrameSecurityTrailer_t tm_sec_trailer; } TM_t; #define TM_SIZE (sizeof(TM_t)) @@ -616,9 +624,10 @@ typedef struct */ typedef struct { - AOS_FramePrimaryHeader_t tm_header; - AOS_FrameSecurityHeader_t tm_sec_header; + AOS_FramePrimaryHeader_t aos_header; + AOS_FrameSecurityHeader_t aos_sec_header; uint8_t aos_pdu[AOS_FRAME_DATA_SIZE]; + uint16_t aos_pdu_len; AOS_FrameSecurityTrailer_t aos_sec_trailer; } __attribute__((packed)) AOS_t; #define AOS_SIZE (sizeof(AOS_t)) diff --git a/src/core/crypto.c b/src/core/crypto.c index 1610b55e..8b3e8ac4 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -46,7 +46,7 @@ SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; // Reply block for challenged keys uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; CCSDS_t sdls_frame; // TM -uint8_t tm_frame[TM_MAX_FRAME_SIZE]; // TM Global Frame +TM_t tm_frame; // TM Global Frame TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication // AOS diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 9aa39638..00489572 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1539,7 +1539,7 @@ void Crypto_TM_Calc_PDU_MAC(uint16_t *pdu_len, uint16_t byte_idx, SecurityAssoci int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, uint8_t ecs_is_aead_algorithm, uint16_t byte_idx, uint8_t *p_new_dec_frame, uint16_t pdu_len, uint8_t *p_ingest, crypto_key_t *ekp, crypto_key_t *akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len, - uint8_t *aad, uint8_t **pp_processed_frame, uint16_t *p_decrypted_length) + uint8_t *aad, TM_t *pp_processed_frame, uint16_t *p_decrypted_length) { int32_t status = CRYPTO_LIB_SUCCESS; if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) @@ -1576,10 +1576,71 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ printf("\n"); #endif - *pp_processed_frame = p_new_dec_frame; + // pp_processed_frame = p_new_dec_frame; + // TODO maybe not just return this without doing the math ourselves *p_decrypted_length = current_managed_parameters_struct.max_frame_size; + // Copy data into struct + byte_idx = 0; + + // Primary Header + pp_processed_frame->tm_header.tfvn = (p_new_dec_frame[0] & 0xC0) >> 6; + pp_processed_frame->tm_header.scid = (((uint16_t)p_new_dec_frame[0] & 0x3F) << 4) | (((uint16_t)p_new_dec_frame[1] & 0xF0) >> 4); + pp_processed_frame->tm_header.vcid = (p_new_dec_frame[1] & 0x0E) >> 1; + pp_processed_frame->tm_header.ocff = (p_new_dec_frame[1] & 0x01); + pp_processed_frame->tm_header.mcfc = (p_new_dec_frame[2]); + pp_processed_frame->tm_header.vcfc = (p_new_dec_frame[3]); + pp_processed_frame->tm_header.tfsh = (p_new_dec_frame[4] & 0x80) >> 7; + pp_processed_frame->tm_header.sf = (p_new_dec_frame[4] & 0x40) >> 6; + pp_processed_frame->tm_header.pof = (p_new_dec_frame[4] & 0x20) >> 5; + pp_processed_frame->tm_header.slid = ((p_new_dec_frame[4] & 0x18) >> 3); + pp_processed_frame->tm_header.fhp = (((uint16_t)p_new_dec_frame[4] & 0x07) << 8) | p_new_dec_frame[5]; + byte_idx += 6; + + // Security Header + pp_processed_frame->tm_sec_header.spi = (((uint16_t)p_new_dec_frame[byte_idx]) << 8) | ((uint16_t)p_new_dec_frame[byte_idx + 1]); + byte_idx += 2; + for (int i = 0; i < sa_ptr->shivf_len; i++) + { + memcpy(pp_processed_frame->tm_sec_header.iv + i, &p_new_dec_frame[byte_idx + i], 1); + } + byte_idx += sa_ptr->shivf_len; + pp_processed_frame->tm_sec_header.iv_field_len = sa_ptr->shivf_len; + for (int i = 0; i < sa_ptr->shsnf_len; i++) + { + memcpy(pp_processed_frame->tm_sec_header.sn + i, &p_new_dec_frame[byte_idx + i], 1); + } + byte_idx += sa_ptr->shsnf_len; + pp_processed_frame->tm_sec_header.sn_field_len = sa_ptr->shsnf_len; + for (int i = 0; i < sa_ptr->shplf_len; i++) + { + pp_processed_frame->tm_sec_header.pad += p_new_dec_frame[byte_idx + i]; + } + byte_idx += sa_ptr->shplf_len; + pp_processed_frame->tm_sec_header.pad_field_len = sa_ptr->shplf_len; + + // PDU + memcpy(pp_processed_frame->tm_pdu, &p_new_dec_frame[byte_idx], pdu_len); + pp_processed_frame->tm_pdu_len = pdu_len; + byte_idx += pdu_len; + + // Security Trailer + for (int i = 0; i < sa_ptr->stmacf_len; i++) + { + memcpy(pp_processed_frame->tm_sec_trailer.mac + i, &p_new_dec_frame[byte_idx + i], 1); + } + byte_idx += sa_ptr->stmacf_len; + pp_processed_frame->tm_sec_trailer.mac_field_len = sa_ptr->stmacf_len; + for (int i = 0; i < OCF_SIZE; i++) + { + memcpy(pp_processed_frame->tm_sec_trailer.ocf + i, &p_new_dec_frame[byte_idx + i], 1); + } + byte_idx += OCF_SIZE; + pp_processed_frame->tm_sec_trailer.ocf_field_len = OCF_SIZE; + pp_processed_frame->tm_sec_trailer.fecf = ((uint16_t)p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; + + #ifdef DEBUG printf(KYEL "----- Crypto_TM_ProcessSecurity END -----\n" RESET); #endif @@ -1627,7 +1688,7 @@ void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, Security * @param len_ingest: int* * @return int32: Success/Failure **/ -int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_t **pp_processed_frame, +int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t *pp_processed_frame, uint16_t *p_decrypted_length) { // Local Variables @@ -1663,6 +1724,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_ **/ // Get SPI spi = (uint8_t)p_ingest[byte_idx] << 8 | (uint8_t)p_ingest[byte_idx + 1]; + pp_processed_frame->tm_sec_header.spi = spi; // Move index to past the SPI byte_idx += 2; diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index bcced0a1..91408282 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -389,13 +389,13 @@ UTEST(CRYPTO_C, STRUCT_SIZE_VERIFICATION) ASSERT_EQ(TELEMETRY_FRAME_OCF_CLCW_SIZE, (size_t)4); ASSERT_EQ(TELEMETRY_FRAME_OCF_FSR_SIZE, (size_t)4); ASSERT_EQ(TM_FRAME_PRIMARYHEADER_SIZE, (size_t)6); - ASSERT_EQ(TM_FRAME_SECHEADER_SIZE, (size_t)18); - ASSERT_EQ(TM_FRAME_SECTRAILER_SIZE, (size_t)22); - ASSERT_EQ(TM_SIZE, (size_t)(6 + 18 + 1786 + 22)); + ASSERT_EQ(TM_FRAME_SECHEADER_SIZE, (size_t)38); + ASSERT_EQ(TM_FRAME_SECTRAILER_SIZE, (size_t)24); + ASSERT_EQ(TM_SIZE, (size_t)(6 + 38 + 1786 + 24 + 2)); ASSERT_EQ(AOS_FRAME_PRIMARYHEADER_SIZE, (size_t)8); ASSERT_EQ(AOS_FRAME_SECHEADER_SIZE, (size_t)18); ASSERT_EQ(AOS_FRAME_SECTRAILER_SIZE, (size_t)22); - ASSERT_EQ(AOS_SIZE, (size_t)(8 + 18 + 1786 + 22)); + ASSERT_EQ(AOS_SIZE, (size_t)(8 + 18 + 1786 + 22 + 2)); } #ifndef CRYPTO_EPROC diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 5cd2836e..752c685c 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -36,7 +36,7 @@ UTEST(TM_PROCESS_SECURITY, NO_CRYPTO_INIT) // Local variables int32_t status = CRYPTO_LIB_ERROR; int framed_tm_len = 0; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; char *framed_tm_h = @@ -101,7 +101,7 @@ UTEST(TM_PROCESS_SECURITY, NO_CRYPTO_INIT) // (uint8_t)framed_tm_b[1], // (((uint8_t)framed_tm_b[2] & 0xFC) >> 2), map_id, &sa); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); char *error_enum = Crypto_Get_Error_Code_Enum_String(status); @@ -119,7 +119,6 @@ UTEST(TM_PROCESS_SECURITY, NO_CONFIG) // Local variables int32_t status = CRYPTO_LIB_ERROR; int framed_tm_len = 0; - uint8_t *ptr_processed_frame = NULL; uint16_t processed_tm_len; char *framed_tm_h = @@ -171,7 +170,7 @@ UTEST(TM_PROCESS_SECURITY, NO_CONFIG) // Determine security association by GVCID, which nominally happens in TO // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); printf("STATUS is %d\n", status); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); char *error_enum = Crypto_Get_Error_Code_Enum_String(status); @@ -192,7 +191,7 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // Configure Parameters @@ -303,23 +302,25 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_ACTIVE; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { - // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + printf("Checking %02x against %02X\n", (uint8_t)tm_frame.tm_pdu[i], (uint8_t)*(truth_tm_b + offset + i)); + ASSERT_EQ((uint8_t)tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - free(ptr_processed_frame); + } /** @@ -333,7 +334,7 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // Configure Parameters @@ -457,23 +458,25 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_ACTIVE; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", tm_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - free(ptr_processed_frame); + } /** @@ -488,7 +491,7 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -627,19 +630,20 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) // status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, // gvcid_managed_parameters, ¤t_managed_parameters); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - free(ptr_processed_frame); + } /** @@ -650,7 +654,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -797,7 +801,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -805,16 +809,17 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - free(ptr_processed_frame); + } /** @@ -825,7 +830,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; // uint8_t map_id = TYPE_TM; // Not used in TM, but simplifies getting SA @@ -975,7 +980,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -983,16 +988,17 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // 2) SPI is zeroed // 3) MAC is zeroed // 4) FECF is zeroed - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - free(ptr_processed_frame); + } /** @@ -1003,7 +1009,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1151,7 +1157,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -1159,16 +1165,16 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - free(ptr_processed_frame); } /** @@ -1179,7 +1185,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1327,7 +1333,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -1335,16 +1341,16 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - free(ptr_processed_frame); } /** @@ -1355,7 +1361,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1506,7 +1512,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -1514,16 +1520,16 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - free(ptr_processed_frame); } /** @@ -1534,7 +1540,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1685,7 +1691,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -1693,16 +1699,16 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - free(ptr_processed_frame); } /** @@ -1714,7 +1720,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // SecurityAssociation_t *sa_ptr = NULL; @@ -1833,15 +1839,15 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) ekp = key_if->get_key(test_association->ekid); ekp->key_state = KEY_ACTIVE; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - printf("Decrypted frame contents:\n\t"); - for (int i = 0; i < 1786; i++) - { - printf("%02x", ptr_processed_frame[i]); - // ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - } + // printf("Decrypted frame contents:\n\t"); + // for (int i = 0; i < 1786; i++) + // { + // printf("%02x", ptr_processed_frame[i]); + // // ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + // } printf("\n Truth Contents\n\t"); for (int i = 0; i < 1786; i++) @@ -1854,10 +1860,11 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) printf("\n"); printf("\nDoing final checks:\n\t"); - for (int i = 0; i < 1786; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + test_association->shivf_len + test_association->shsnf_len + test_association->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { - printf("%02x", ptr_processed_frame[i]); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + printf("%02x", tm_frame.tm_pdu[i]); + ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } printf("\n\n"); @@ -1876,7 +1883,7 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // SecurityAssociation_t *sa_ptr = NULL; @@ -2021,20 +2028,21 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) // hex_conversion(iv_h, &iv_b, &iv_len); // memcpy(test_association->iv, iv_b, iv_len); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - printf("Decrypted frame contents:\n\t"); - for (int i = 0; i < 1786; i++) - { - printf("%02x", ptr_processed_frame[i]); - } + // printf("Decrypted frame contents:\n\t"); + // for (int i = 0; i < 1786; i++) + // { + // printf("%02x", ptr_processed_frame[i]); + // } printf("\nDoing final checks:\n\t"); - for (int i = 0; i < 1786; i++) + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + test_association->shivf_len + test_association->shsnf_len + test_association->shplf_len; + for (int i = 0; i < tm_frame.tm_pdu_len; i++) { - printf("%02x", ptr_processed_frame[i]); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); + printf("%02x", tm_frame.tm_pdu[i]); + ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) *(truth_tm_b + offset + i)); } printf("\n\n"); @@ -2049,7 +2057,7 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // Configure Parameters @@ -2073,19 +2081,18 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, status); Crypto_Shutdown(); free(framed_tm_b); - free(ptr_processed_frame); } UTEST(TM_PROCESS, TM_OCF_TEST) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // Configure Parameters @@ -2116,21 +2123,20 @@ UTEST(TM_PROCESS, TM_OCF_TEST) sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("FSR: %08X\n", Crypto_Get_FSR()); Crypto_Shutdown(); free(framed_tm_b); - free(ptr_processed_frame); } UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // Configure Parameters @@ -2164,7 +2170,7 @@ UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_ACTIVE; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status); free(framed_tm_b); @@ -2175,7 +2181,7 @@ UTEST(TM_PROCESS, TM_KEY_STATE_TEST) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // Configure Parameters @@ -2214,7 +2220,7 @@ UTEST(TM_PROCESS, TM_KEY_STATE_TEST) akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_DEACTIVATED; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status); free(framed_tm_b); @@ -2228,7 +2234,7 @@ UTEST(TM_PROCESS, TM_PROCESS_HEAP_UNDERFLOW_TEST) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // Configure Parameters @@ -2257,7 +2263,7 @@ UTEST(TM_PROCESS, TM_PROCESS_HEAP_UNDERFLOW_TEST) ekp = key_if->get_key(sa_ptr->ekid); ekp->key_state = KEY_ACTIVE; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_TM_FRAME_LENGTH_UNDERFLOW, status); free(framed_tm_b); @@ -2272,7 +2278,7 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_OVERFLOW_TEST) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // Configure Parameters @@ -2292,7 +2298,7 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_OVERFLOW_TEST) int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_TM_SECONDARY_HDR_SIZE, status); free(framed_tm_b); @@ -2306,7 +2312,7 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_Spec_Violation) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // Configure Parameters @@ -2327,7 +2333,7 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_Spec_Violation) int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_TM_SECONDARY_HDR_VN, status); free(framed_tm_b); @@ -2341,7 +2347,7 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_One_Too_Big) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_tm_len; // Configure Parameters @@ -2362,7 +2368,7 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_One_Too_Big) int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_TM_SECONDARY_HDR_SIZE, status); free(framed_tm_b); From fdfdf37ddfadb83b4023e3d25019ec65fbae574f Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Jun 2025 17:51:14 +0000 Subject: [PATCH 02/37] [nasa/cryptolib#471] Resolved memory leaks --- include/crypto.h | 2 +- src/core/crypto.c | 2 +- src/core/crypto_tm.c | 22 +++- test/unit/ut_tm_process.c | 223 +++++++++++++++++++++++++------------- 4 files changed, 168 insertions(+), 81 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 724d99e9..67cdf0fc 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -312,7 +312,7 @@ extern char *crypto_deep_copy_string(char *src_string); extern CCSDS_t sdls_frame; extern SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; extern uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; -extern TM_t tm_frame; +//extern TM_t tm_frame; //extern uint8_t tm_frame[1786]; extern TM_FramePrimaryHeader_t tm_frame_pri_hdr; extern TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication diff --git a/src/core/crypto.c b/src/core/crypto.c index d30c8013..a687f41a 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -46,7 +46,7 @@ SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; // Reply block for challenged keys uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; CCSDS_t sdls_frame; // TM -TM_t tm_frame; // TM Global Frame +//TM_t tm_frame; // TM Global Frame TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication // AOS diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 4a064117..1ba6b288 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1633,14 +1633,24 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ } byte_idx += sa_ptr->stmacf_len; pp_processed_frame->tm_sec_trailer.mac_field_len = sa_ptr->stmacf_len; - for (int i = 0; i < OCF_SIZE; i++) + if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { - memcpy(pp_processed_frame->tm_sec_trailer.ocf + i, &p_new_dec_frame[byte_idx + i], 1); + for (int i = 0; i < OCF_SIZE; i++) + { + memcpy(pp_processed_frame->tm_sec_trailer.ocf + i, &p_new_dec_frame[byte_idx + i], 1); + } + byte_idx += OCF_SIZE; + pp_processed_frame->tm_sec_trailer.ocf_field_len = OCF_SIZE; } - byte_idx += OCF_SIZE; - pp_processed_frame->tm_sec_trailer.ocf_field_len = OCF_SIZE; - pp_processed_frame->tm_sec_trailer.fecf = ((uint16_t)p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; - + else + { + pp_processed_frame->tm_sec_trailer.ocf_field_len = 0; + } + if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + { + pp_processed_frame->tm_sec_trailer.fecf = ((uint16_t)p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; + } + free(p_new_dec_frame); #ifdef DEBUG printf(KYEL "----- Crypto_TM_ProcessSecurity END -----\n" RESET); diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 0c694de3..69fce4e5 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -39,6 +39,10 @@ UTEST(TM_PROCESS_SECURITY, NO_CRYPTO_INIT) uint16_t processed_tm_len; + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + char *framed_tm_h = "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -101,12 +105,13 @@ UTEST(TM_PROCESS_SECURITY, NO_CRYPTO_INIT) // (uint8_t)framed_tm_b[1], // (((uint8_t)framed_tm_b[2] & 0xFC) >> 2), map_id, &sa); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); char *error_enum = Crypto_Get_Error_Code_Enum_String(status); ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); free(framed_tm_b); + free(tm_frame); Crypto_Shutdown(); } @@ -121,6 +126,10 @@ UTEST(TM_PROCESS_SECURITY, NO_CONFIG) int framed_tm_len = 0; uint16_t processed_tm_len; + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + char *framed_tm_h = "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -170,13 +179,14 @@ UTEST(TM_PROCESS_SECURITY, NO_CONFIG) // Determine security association by GVCID, which nominally happens in TO // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); printf("STATUS is %d\n", status); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_h, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); char *error_enum = Crypto_Get_Error_Code_Enum_String(status); ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); free(framed_tm_b); + free(tm_frame); Crypto_Shutdown(); } @@ -208,6 +218,10 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + // Test frame setup // Note: SPI 5 (0x05) char *framed_tm_h = @@ -302,7 +316,7 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_ACTIVE; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = @@ -311,16 +325,16 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) // Now, byte by byte verify the static frame in memory is equivalent to what we started with uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { - printf("Checking %02x against %02X\n", (uint8_t)tm_frame.tm_pdu[i], (uint8_t)*(truth_tm_b + offset + i)); - ASSERT_EQ((uint8_t)tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); + printf("Checking %02x against %02X\n", (uint8_t)tm_frame->tm_pdu[i], (uint8_t)*(truth_tm_b + offset + i)); + ASSERT_EQ((uint8_t)tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - + free(tm_frame); } /** @@ -458,7 +472,11 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_ACTIVE; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = @@ -467,16 +485,16 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) // Now, byte by byte verify the static frame in memory is equivalent to what we started with uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", tm_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - + free(tm_frame); } /** @@ -589,8 +607,9 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max - memcpy(&tm_frame, framed_tm_b, framed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -630,20 +649,20 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) // status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, // gvcid_managed_parameters, ¤t_managed_parameters); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - + free(tm_frame); } /** @@ -753,9 +772,6 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max - memcpy(&tm_frame, framed_tm_b, framed_tm_len); - // Expose/setup SA for testing // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); @@ -798,10 +814,14 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -810,16 +830,16 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - + free(tm_frame); } /** @@ -931,9 +951,6 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max - memcpy(&tm_frame, framed_tm_b, framed_tm_len); - // Expose/setup SA for testing // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); @@ -977,10 +994,14 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -989,16 +1010,16 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // 3) MAC is zeroed // 4) FECF is zeroed uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); - + free(tm_frame); } /** @@ -1108,9 +1129,6 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max - memcpy(&tm_frame, framed_tm_b, framed_tm_len); - // Expose/setup SA for testing // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); @@ -1154,10 +1172,14 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -1166,15 +1188,16 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); + free(tm_frame); } /** @@ -1284,9 +1307,6 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max - memcpy(&tm_frame, framed_tm_b, framed_tm_len); - // Expose/setup SA for testing // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); @@ -1330,10 +1350,14 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -1342,15 +1366,16 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); + free(tm_frame); } /** @@ -1462,9 +1487,6 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max - memcpy(&tm_frame, framed_tm_b, framed_tm_len); - // Expose/setup SA for testing // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); @@ -1509,10 +1531,14 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -1521,15 +1547,16 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); + free(tm_frame); } /** @@ -1641,9 +1668,6 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); - // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max - memcpy(&tm_frame, framed_tm_b, framed_tm_len); - // Expose/setup SA for testing // Configure SA 12 sa_if->sa_get_from_spi(12, &sa_ptr); @@ -1688,10 +1712,14 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + // Pass these references to ProcessSecurity to avoid duplications of call in real setup onboard // e.g. so TO doesn't make the call, and then it's doubled within ProcessSecurity // managed_parameters are a global, don't need passed - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Byte by byte verify: @@ -1700,15 +1728,16 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); - ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); + free(tm_frame); } /** @@ -1839,7 +1868,11 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) ekp = key_if->get_key(test_association->ekid); ekp->key_state = KEY_ACTIVE; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // printf("Decrypted frame contents:\n\t"); @@ -1861,17 +1894,17 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) printf("\nDoing final checks:\n\t"); uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + test_association->shivf_len + test_association->shsnf_len + test_association->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { - printf("%02x", tm_frame.tm_pdu[i]); - ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); + printf("%02x", tm_frame->tm_pdu[i]); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } printf("\n\n"); free(truth_tm_b); free(framed_tm_b); - free(ptr_processed_frame); + free(tm_frame); // free(iv_b); } @@ -2029,7 +2062,11 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) // hex_conversion(iv_h, &iv_b, &iv_len); // memcpy(test_association->iv, iv_b, iv_len); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // printf("Decrypted frame contents:\n\t"); @@ -2040,10 +2077,10 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) printf("\nDoing final checks:\n\t"); uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + test_association->shivf_len + test_association->shsnf_len + test_association->shplf_len; - for (int i = 0; i < tm_frame.tm_pdu_len; i++) + for (int i = 0; i < tm_frame->tm_pdu_len; i++) { - printf("%02x", tm_frame.tm_pdu[i]); - ASSERT_EQ(tm_frame.tm_pdu[i], (uint8_t) *(truth_tm_b + offset + i)); + printf("%02x", tm_frame->tm_pdu[i]); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) *(truth_tm_b + offset + i)); } printf("\n\n"); @@ -2051,7 +2088,7 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) Crypto_Shutdown(); free(truth_tm_b); free(framed_tm_b); - free(ptr_processed_frame); + free(tm_frame); // free(iv_b); } @@ -2083,11 +2120,16 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, status); Crypto_Shutdown(); free(framed_tm_b); + free(tm_frame); } UTEST(TM_PROCESS, TM_OCF_TEST) @@ -2111,6 +2153,10 @@ UTEST(TM_PROCESS, TM_OCF_TEST) status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + // Test frame setup char *framed_tm_h = "02C0000D180000000000DEADBEEFFFFF"; char *framed_tm_b = NULL; @@ -2125,13 +2171,14 @@ UTEST(TM_PROCESS, TM_OCF_TEST) sa_if->sa_get_from_spi(0, &test_association); test_association->sa_state = SA_OPERATIONAL; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("FSR: %08X\n", Crypto_Get_FSR()); Crypto_Shutdown(); free(framed_tm_b); + free(tm_frame); } UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) @@ -2172,10 +2219,15 @@ UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_ACTIVE; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status); free(framed_tm_b); + free(tm_frame); Crypto_Shutdown(); } @@ -2222,10 +2274,15 @@ UTEST(TM_PROCESS, TM_KEY_STATE_TEST) akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_DEACTIVATED; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status); free(framed_tm_b); + free(tm_frame); Crypto_Shutdown(); } @@ -2265,10 +2322,15 @@ UTEST(TM_PROCESS, TM_PROCESS_HEAP_UNDERFLOW_TEST) ekp = key_if->get_key(sa_ptr->ekid); ekp->key_state = KEY_ACTIVE; - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_TM_FRAME_LENGTH_UNDERFLOW, status); free(framed_tm_b); + free(tm_frame); Crypto_Shutdown(); } @@ -2300,10 +2362,15 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_OVERFLOW_TEST) int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_TM_SECONDARY_HDR_SIZE, status); free(framed_tm_b); + free(tm_frame); Crypto_Shutdown(); } @@ -2335,10 +2402,15 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_Spec_Violation) int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_TM_SECONDARY_HDR_VN, status); free(framed_tm_b); + free(tm_frame); Crypto_Shutdown(); } @@ -2370,10 +2442,15 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_One_Too_Big) int framed_tm_len = 0; hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &tm_frame, &processed_tm_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + + status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_ERR_TM_SECONDARY_HDR_SIZE, status); free(framed_tm_b); + free(tm_frame); Crypto_Shutdown(); } From 048bc8a94521505d9e613ef511f10db381a8f377 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Jun 2025 21:17:01 +0000 Subject: [PATCH 03/37] [nasa/cryptolib#471] AOS return struct and resolved memory leaks --- include/crypto.h | 2 +- include/crypto_config.h | 1 + include/crypto_structs.h | 36 ++-- src/core/crypto_aos.c | 116 ++++++++++--- src/core/crypto_tm.c | 4 +- test/unit/ut_aos_process.c | 325 +++++++++++++++++++++++-------------- test/unit/ut_crypto.c | 6 +- 7 files changed, 324 insertions(+), 166 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 67cdf0fc..12fd8eab 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -171,7 +171,7 @@ extern int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, // Advanced Orbiting Systems (AOS) extern int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest); -extern int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_t **pp_processed_frame, +extern int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t *pp_processed_frame, uint16_t *p_decrypted_length); // Crypo Error Support Functions diff --git a/include/crypto_config.h b/include/crypto_config.h index d4bba63f..f38911fe 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -134,6 +134,7 @@ #define BYTE_LEN 8 /* bits */ #define CRYPTOLIB_APPID 128 #define MAX_IV_LEN 32 /* bytes */ +#define MAX_IZ_LEN 32 // Configurable via build flags #ifndef NUM_SA diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 747d315e..9438ad8a 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -518,7 +518,7 @@ typedef struct uint16_t fhp : 11; // First Header Pointer // Sync Flag 0 = Contains position of the first byte of the first packet in the data field // Sync Flag 1 = undefined -} TM_FramePrimaryHeader_t; +} __attribute__((packed)) TM_FramePrimaryHeader_t; #define TM_FRAME_PRIMARYHEADER_SIZE (sizeof(TM_FramePrimaryHeader_t)) /* @@ -533,7 +533,7 @@ typedef struct uint8_t sn_field_len; uint8_t pad; // Count of the used fill Bytes uint8_t pad_field_len; -} TM_FrameSecurityHeader_t; +} __attribute__((packed)) TM_FrameSecurityHeader_t; #define TM_FRAME_SECHEADER_SIZE (sizeof(TM_FrameSecurityHeader_t)) /* @@ -546,7 +546,7 @@ typedef struct uint8_t ocf[OCF_SIZE]; // Operational Control Field uint8_t ocf_field_len; uint16_t fecf; // Frame Error Control Field -} TM_FrameSecurityTrailer_t; +} __attribute__((packed)) TM_FrameSecurityTrailer_t; #define TM_FRAME_SECTRAILER_SIZE (sizeof(TM_FrameSecurityTrailer_t)) /* @@ -560,11 +560,10 @@ typedef struct uint8_t tm_pdu[TM_FRAME_DATA_SIZE]; uint16_t tm_pdu_len; TM_FrameSecurityTrailer_t tm_sec_trailer; -} TM_t; +} __attribute__((packed)) TM_t; #define TM_SIZE (sizeof(TM_t)) -#define TM_MIN_SIZE \ - (TM_FRAME_PRIMARYHEADER_SIZE + TM_FRAME_SECHEADER_SIZE + TM_FRAME_SECTRAILER_SIZE + TM_FRAME_CLCW_SIZE) +#define TM_MIN_SIZE 7 /* ** Advanced Orbiting Systems (AOS) Definitions @@ -591,10 +590,8 @@ typedef struct uint8_t vfcc : 4; // VC Frame Count cycle // Sync Flag 0 = Shall be 11 // Sync Flag 1 = Undefined - uint16_t fhp : 16; // First Header Pointer - // Sync Flag 0 = Contains position of the first byte of the first packet in the data field - // Sync Flag 1 = undefined -} AOS_FramePrimaryHeader_t; + uint16_t fhecf : 16; // Frame header error control field +} __attribute__((packed)) AOS_FramePrimaryHeader_t; #define AOS_FRAME_PRIMARYHEADER_SIZE (sizeof(AOS_FramePrimaryHeader_t)) /* @@ -602,9 +599,15 @@ typedef struct */ typedef struct { - uint16_t spi; // Security Parameter Index - uint8_t iv[IV_SIZE]; // Initialization Vector for encryption -} AOS_FrameSecurityHeader_t; + uint8_t iz[MAX_IZ_LEN]; + uint16_t spi; // Security Parameter Index + uint8_t iv[IV_SIZE]; // Initialization Vector for encryption + uint8_t iv_field_len; + uint8_t sn[SN_SIZE]; // Sequence Number for anti-replay + uint8_t sn_field_len; + uint8_t pad; // Count of the used fill Bytes + uint8_t pad_field_len; +} __attribute__((packed)) AOS_FrameSecurityHeader_t; #define AOS_FRAME_SECHEADER_SIZE (sizeof(AOS_FrameSecurityHeader_t)) /* @@ -613,9 +616,11 @@ typedef struct typedef struct { uint8_t mac[MAC_SIZE]; // Message Authentication Code + uint8_t mac_field_len; uint8_t ocf[OCF_SIZE]; // Operational Control Field + uint8_t ocf_field_len; uint16_t fecf; // Frame Error Control Field -} AOS_FrameSecurityTrailer_t; +} __attribute__((packed)) AOS_FrameSecurityTrailer_t; #define AOS_FRAME_SECTRAILER_SIZE (sizeof(AOS_FrameSecurityTrailer_t)) /* @@ -632,7 +637,6 @@ typedef struct } __attribute__((packed)) AOS_t; #define AOS_SIZE (sizeof(AOS_t)) -#define AOS_MIN_SIZE \ - (AOS_FRAME_PRIMARYHEADER_SIZE + AOS_FRAME_SECHEADER_SIZE + AOS_FRAME_SECTRAILER_SIZE + AOS_FRAME_OCF_SIZE) +#define AOS_MIN_SIZE 7 #endif // CRYPTO_STRUCTS_H \ No newline at end of file diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index a98f0673..f3a35de6 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -807,7 +807,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) * * CCSDS Compliance: CCSDS 355.0-B-2 Section 5 (AOS Protocol), CCSDS 732.0-B-4 **/ -int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_t **pp_processed_frame, +int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t *pp_processed_frame, uint16_t *p_decrypted_length) { // Local Variables @@ -1115,12 +1115,12 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 } // Increment byte_idx past Security Header Fields based on SA values byte_idx += sa_ptr->shivf_len; - byte_idx += (sa_ptr->arsn_len - sa_ptr->shsnf_len); + byte_idx += sa_ptr->shsnf_len; byte_idx += sa_ptr->shplf_len; #ifdef SA_DEBUG printf(KYEL "IV length of %d bytes\n" RESET, sa_ptr->shivf_len); - printf(KYEL "ARSN length of %d bytes\n" RESET, sa_ptr->arsn_len - sa_ptr->shsnf_len); + printf(KYEL "SHSNF length of %d bytes\n" RESET, sa_ptr->shsnf_len); printf(KYEL "PAD length field of %d bytes\n" RESET, sa_ptr->shplf_len); printf(KYEL "First byte past Security Header is at index %d\n" RESET, byte_idx); #endif @@ -1398,10 +1398,99 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 printf("\n"); #endif - *pp_processed_frame = p_new_dec_frame; // TODO maybe not just return this without doing the math ourselves *p_decrypted_length = current_managed_parameters_struct.max_frame_size; + // Copy data into struct + byte_idx = 0; + + // Primary Header + pp_processed_frame->aos_header.tfvn = (p_new_dec_frame[0] & 0xC0) >> 6; + pp_processed_frame->aos_header.scid = (((uint16_t)p_new_dec_frame[0] & 0x3F) << 2) | (((uint16_t)p_new_dec_frame[1] & 0xC0) >> 6); + pp_processed_frame->aos_header.vcid = (p_new_dec_frame[1] & 0x3F); + pp_processed_frame->aos_header.vcfc = (p_new_dec_frame[2] << 16) | (p_new_dec_frame[3] << 8) | (p_new_dec_frame[4]); + pp_processed_frame->aos_header.rf = (p_new_dec_frame[5] & 0x80) >> 7; + pp_processed_frame->aos_header.sf = (p_new_dec_frame[5] & 0x40) >> 6; + pp_processed_frame->aos_header.spare = (p_new_dec_frame[5] & 0x30) >> 4; + pp_processed_frame->aos_header.vfcc = (p_new_dec_frame[5] & 0x0F); + if (current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) + { + pp_processed_frame->aos_header.fhecf = (p_new_dec_frame[6] << 8) | p_new_dec_frame[7]; + byte_idx += 8; + } + else + { + byte_idx += 6; + } + + // Security Header + if (current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) + { + for (int i = 0; i < current_managed_parameters_struct.aos_iz_len; i++) + { + memcpy(pp_processed_frame->aos_sec_header.iz + i, &p_new_dec_frame[byte_idx + i], 1); + } + byte_idx += current_managed_parameters_struct.aos_iz_len; + } + + pp_processed_frame->aos_sec_header.spi = (((uint16_t)p_new_dec_frame[byte_idx]) << 8) | ((uint16_t)p_new_dec_frame[byte_idx + 1]); + byte_idx += 2; + + for (int i = 0; i < sa_ptr->shivf_len; i++) + { + memcpy(pp_processed_frame->aos_sec_header.iv + i, &p_new_dec_frame[byte_idx + i], 1); + } + byte_idx += sa_ptr->shivf_len; + pp_processed_frame->aos_sec_header.iv_field_len = sa_ptr->shivf_len; + + for (int i = 0; i < sa_ptr->shsnf_len; i++) + { + memcpy(pp_processed_frame->aos_sec_header.sn + i, &p_new_dec_frame[byte_idx + i], 1); + } + byte_idx += sa_ptr->shsnf_len; + pp_processed_frame->aos_sec_header.sn_field_len = sa_ptr->shsnf_len; + + for (int i = 0; i < sa_ptr->shplf_len; i++) + { + pp_processed_frame->aos_sec_header.pad += (p_new_dec_frame[byte_idx + i] << ((sa_ptr->shplf_len - 1 - i) * 8)); + } + byte_idx += sa_ptr->shplf_len; + pp_processed_frame->aos_sec_header.pad_field_len = sa_ptr->shplf_len; + + // PDU + memcpy(pp_processed_frame->aos_pdu, &p_new_dec_frame[byte_idx], pdu_len); + pp_processed_frame->aos_pdu_len = pdu_len; + byte_idx += pdu_len; + + // Security Trailer + for (int i = 0; i < sa_ptr->stmacf_len; i++) + { + memcpy(pp_processed_frame->aos_sec_trailer.mac + i, &p_new_dec_frame[byte_idx + i], 1); + } + byte_idx += sa_ptr->stmacf_len; + pp_processed_frame->aos_sec_trailer.mac_field_len = sa_ptr->stmacf_len; + + if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + { + for (int i = 0; i < OCF_SIZE; i++) + { + memcpy(pp_processed_frame->aos_sec_trailer.ocf + i, &p_new_dec_frame[byte_idx + i], 1); + } + byte_idx += OCF_SIZE; + pp_processed_frame->aos_sec_trailer.ocf_field_len = OCF_SIZE; + } + else + { + pp_processed_frame->aos_sec_trailer.ocf_field_len = 0; + } + + if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + { + printf("Byte_idx: %d\n", byte_idx); + pp_processed_frame->aos_sec_trailer.fecf = (uint16_t)(p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; + } + free(p_new_dec_frame); + #ifdef DEBUG printf(KYEL "----- Crypto_AOS_ProcessSecurity END -----\n" RESET); #endif @@ -1409,25 +1498,6 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 return status; } -/** - * @brief Function: Crypto_Get_aosLength - * Returns the total length of the current aos_frame in BYTES! - * @param len: int - * @return int32_t Length of AOS - * - * CCSDS Compliance: CCSDS 732.0-B-4 Section 4.1 (AOS Transfer Frame Format) - **/ -int32_t Crypto_Get_aosLength(int len) -{ -#ifdef FILL - len = AOS_FILL_SIZE; -#else - len = - AOS_FRAME_PRIMARYHEADER_SIZE + AOS_FRAME_SECHEADER_SIZE + len + AOS_FRAME_SECTRAILER_SIZE + AOS_FRAME_CLCW_SIZE; -#endif - - return len; -} /** * @brief Function: Crypto_Prepare_AOS_AAD diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 1ba6b288..bc9f0e05 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1825,12 +1825,12 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t * } // Increment byte_idx past Security Header Fields based on SA values byte_idx += sa_ptr->shivf_len; - byte_idx += (sa_ptr->arsn_len - sa_ptr->shsnf_len); + byte_idx += sa_ptr->shsnf_len; byte_idx += sa_ptr->shplf_len; #ifdef SA_DEBUG printf(KYEL "IV length of %d bytes\n" RESET, sa_ptr->shivf_len); - printf(KYEL "ARSN length of %d bytes\n" RESET, sa_ptr->arsn_len - sa_ptr->shsnf_len); + printf(KYEL "SHSNF length of %d bytes\n" RESET, sa_ptr->shsnf_len); printf(KYEL "PAD length field of %d bytes\n" RESET, sa_ptr->shplf_len); printf(KYEL "First byte past Security Header is at index %d\n" RESET, byte_idx); #endif diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index ec291095..5677657f 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c @@ -39,7 +39,6 @@ UTEST(AOS_PROCESS, NO_CONFIG) // Local variables int32_t status = CRYPTO_LIB_ERROR; int framed_aos_len = 0; - uint8_t *ptr_processed_frame = NULL; uint16_t processed_aos_len; char *framed_aos_h = @@ -79,14 +78,19 @@ UTEST(AOS_PROCESS, NO_CONFIG) char *framed_aos_b = NULL; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_h, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_h, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); char *error_enum = Crypto_Get_Error_Code_Enum_String(status); ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); free(framed_aos_b); + free(aos_frame); Crypto_Shutdown(); } @@ -100,7 +104,7 @@ UTEST(AOS_PROCESS, NO_INIT) // Local variables int32_t status = CRYPTO_LIB_ERROR; int framed_aos_len = 0; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; // No Crypto_Init(), but we still Configure It: @@ -162,14 +166,19 @@ UTEST(AOS_PROCESS, NO_INIT) ASSERT_EQ(aos_frame_pri_hdr.scid, 0x03); // SCID 3 ASSERT_EQ(aos_frame_pri_hdr.vcid, 0x00); // VCID 0 + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_h, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_h, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); char *error_enum = Crypto_Get_Error_Code_Enum_String(status); ASSERT_STREQ("CRYPTO_LIB_ERR_NO_CONFIG", error_enum); free(framed_aos_b); + free(aos_frame); Crypto_Shutdown(); } @@ -184,7 +193,7 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; // Configure Parameters @@ -193,7 +202,7 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -289,25 +298,30 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->arsn_len = 0; sa_ptr->shsnf_len = 0; + + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); + // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); + ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); - free(ptr_processed_frame); + free(aos_frame); } // /** @@ -322,7 +336,7 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; // Configure Parameters @@ -422,8 +436,12 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) sa_ptr->arsn_len = 0; sa_ptr->shsnf_len = 0; + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = @@ -431,16 +449,17 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = 6 + 2 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - // printf("Checking %02x against %02X\n", aos_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); + // printf("Checking %02x against %02X\n", aos_frame[i], (uint8_t)*(truth_aos_b + offset + i)); + ASSERT_EQ(aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); - free(ptr_processed_frame); + free(aos_frame); } /** @@ -454,7 +473,7 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; // Configure Parameters @@ -463,7 +482,7 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 10, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -559,24 +578,29 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) sa_ptr->arsn_len = 0; sa_ptr->shsnf_len = 0; + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = 6 + 10 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t)truth_aos_b[i]); + printf("Checking %02x against %02X\n", aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); + ASSERT_EQ(aos_frame->aos_pdu[i], (uint8_t)truth_aos_b[i + offset]); } Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); - free(ptr_processed_frame); + free(aos_frame); } /** @@ -590,7 +614,7 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -663,6 +687,7 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) sa_ptr->gvcid_blk.scid = 0x44; sa_ptr->iv_len = 0; sa_ptr->shivf_len = 0; + sa_ptr->shplf_len = 0; // Truth frame setup char *truth_aos_h = @@ -703,24 +728,29 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); + // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); + ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); - free(ptr_processed_frame); + free(aos_frame); } /** @@ -736,7 +766,7 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -746,7 +776,7 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -812,7 +842,8 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) sa_ptr->gvcid_blk.scid = 0x44; sa_ptr->iv_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->shsnf_len = 2; + sa_ptr->arsn_len = 2; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones // Truth frame setup @@ -854,24 +885,29 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); + // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); + ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); - free(ptr_processed_frame); + free(aos_frame); } /** @@ -885,7 +921,7 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -895,7 +931,7 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -1000,27 +1036,32 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) sa_ptr->gvcid_blk.scid = 0x44; sa_ptr->iv_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->shsnf_len = 2; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of zeros + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); + // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); + ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); - free(ptr_processed_frame); + free(aos_frame); } /** @@ -1036,7 +1077,7 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1046,7 +1087,7 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -1148,27 +1189,32 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) sa_ptr->gvcid_blk.scid = 0x44; sa_ptr->iv_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->shsnf_len = 2; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); + // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); + ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); - free(ptr_processed_frame); + free(aos_frame); } /** @@ -1182,7 +1228,7 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1192,7 +1238,7 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -1298,27 +1344,32 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) sa_ptr->gvcid_blk.scid = 0x44; sa_ptr->iv_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->shsnf_len = 2; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of zeros + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); + // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); + ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); - free(ptr_processed_frame); + free(aos_frame); } /** @@ -1332,7 +1383,7 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1342,7 +1393,7 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -1448,27 +1499,32 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) sa_ptr->gvcid_blk.scid = 0x44; sa_ptr->iv_len = 0; sa_ptr->shivf_len = 0; - sa_ptr->shsnf_len = 0; + sa_ptr->shsnf_len = 2; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); + // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); + ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); - free(ptr_processed_frame); + free(aos_frame); } /** @@ -1480,7 +1536,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; // Setup & Initialize CryptoLib @@ -1488,7 +1544,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -1626,19 +1682,23 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) hex_conversion(iv_h, &iv_b, &iv_len); memcpy(test_association->iv, iv_b, iv_len); + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // printf("Decrypted frame contents:\n\t"); - // for (int i = 0; i < 1786; i++) + // for (int i = 0; i < aos_frame->aos_pdu_len; i++) // { - // printf("%02x", ptr_processed_frame[i]); - // // ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); + // printf("%02x", aos_frame->aos_pdu[i]); + // // ASSERT_EQ(aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); // } // printf("\n Truth Contents\n\t"); - // for (int i = 0; i < 1786; i++) + // for (int i = 0; i < aos_frame->aos_pdu_len; i++) // { // // printf("[%d]: %02x -> %02x \n", i, aos_frame[i], truth_aos_b[i]); // printf("%02x", (uint8_t)*(truth_aos_b+i)); @@ -1648,15 +1708,16 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // printf("\n"); // printf("\nDoing final checks:\n\t"); - for (int i = 0; i < 1786; i++) + uint16_t offset = 6 + SPI_LEN + test_association->shivf_len + test_association->shsnf_len + test_association->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - // printf("%02x", ptr_processed_frame[i]); - ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); + // printf("%02x", aos_frame->aos_pdu[i]); + ASSERT_EQ(aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } // printf("\n\n"); Crypto_Shutdown(); - free(ptr_processed_frame); + free(aos_frame); free(truth_aos_b); free(framed_aos_b); free(iv_b); @@ -1675,7 +1736,7 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1685,7 +1746,7 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -1790,28 +1851,33 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) sa_ptr->gvcid_blk.scid = 44; sa_ptr->iv_len = 16; sa_ptr->shivf_len = 16; - sa_ptr->shsnf_len = 0; + sa_ptr->shsnf_len = 2; sa_ptr->shplf_len = 0; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < aos_frame->aos_pdu_len; i++) { - // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); + // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); + ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); - free(ptr_processed_frame); + free(aos_frame); } UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST) @@ -1820,7 +1886,7 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST) // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; // Configure Parameters @@ -1829,7 +1895,7 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 10, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -1843,13 +1909,17 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST) int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, status); Crypto_Shutdown(); free(framed_aos_b); - free(ptr_processed_frame); + free(aos_frame); } UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) @@ -1858,7 +1928,7 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; // Configure Parameters @@ -1867,7 +1937,7 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 18, AOS_NO_OCF, 1}; @@ -1896,13 +1966,17 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_ACTIVE; + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status); Crypto_Shutdown(); free(framed_aos_b); - free(ptr_processed_frame); + free(aos_frame); } UTEST(AOS_PROCESS, AOS_OCF_TEST) @@ -1911,7 +1985,7 @@ UTEST(AOS_PROCESS, AOS_OCF_TEST) // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; // Configure Parameters @@ -1945,22 +2019,26 @@ UTEST(AOS_PROCESS, AOS_OCF_TEST) sa_ptr->arsnw_len = 0; sa_ptr->arsn_len = 0; + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("FSR: %08X\n", Crypto_Get_FSR()); Crypto_Shutdown(); free(framed_aos_b); - free(ptr_processed_frame); + free(aos_frame); } UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; // Configure Parameters @@ -1969,7 +2047,7 @@ UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 18, AOS_NO_OCF, 1}; @@ -1982,6 +2060,7 @@ UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); + printf("FL: %d", framed_aos_len); SecurityAssociation_t *sa_ptr = NULL; sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 @@ -2001,13 +2080,17 @@ UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_DEACTIVATED; + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status); Crypto_Shutdown(); free(framed_aos_b); - free(ptr_processed_frame); + free(aos_frame); } UTEST(AOS_PROCESS, AOS_PROCESS_HEAP_UNDERFLOW_TEST) @@ -2015,7 +2098,7 @@ UTEST(AOS_PROCESS, AOS_PROCESS_HEAP_UNDERFLOW_TEST) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; // Configure Parameters @@ -2024,7 +2107,7 @@ UTEST(AOS_PROCESS, AOS_PROCESS_HEAP_UNDERFLOW_TEST) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x0003, 0, AOS_NO_FECF, AOS_NO_FHEC, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -2049,14 +2132,18 @@ UTEST(AOS_PROCESS, AOS_PROCESS_HEAP_UNDERFLOW_TEST) ekp = key_if->get_key(sa_ptr->ekid); ekp->key_state = KEY_ACTIVE; + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_AOS_FL_LT_MAX_FRAME_SIZE, status); Crypto_Shutdown(); free(framed_aos_b); - free(ptr_processed_frame); + free(aos_frame); } UTEST(AOS_PROCESS, AOS_FHECF_TEST) @@ -2064,14 +2151,9 @@ UTEST(AOS_PROCESS, AOS_FHECF_TEST) remove("sa_save_file.bin"); // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; - uint8_t *ptr_processed_frame = NULL; + uint16_t processed_aos_len; - for (int i = 0; i < RS_PARITY; i++) - { - printf("Parity[%d] is: %01X\n", i, parity[i]); - } - // Configure Parameters Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, @@ -2104,19 +2186,20 @@ UTEST(AOS_PROCESS, AOS_FHECF_TEST) ekp = key_if->get_key(sa_ptr->ekid); ekp->key_state = KEY_ACTIVE; + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len); + Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - for (int i = 6; i < 6 + (RS_PARITY / 2); i++) // bytes 6-8 of header - { - printf("Framed: %02x\nProcessed: %02x\n", (uint8_t) * (framed_aos_b + i), (uint8_t)ptr_processed_frame[i]); - ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (framed_aos_b + i)); - } + printf("Framed: %04x\nProcessed: %04x\n", (uint16_t)(((uint8_t)framed_aos_b[6] << 8) | (uint8_t)framed_aos_b[7]) , aos_frame->aos_header.fhecf); + ASSERT_EQ(aos_frame->aos_header.fhecf, (uint16_t)(((uint8_t)framed_aos_b[6] << 8) | (uint8_t)framed_aos_b[7])); Crypto_Shutdown(); free(framed_aos_b); - free(ptr_processed_frame); + free(aos_frame); } UTEST_MAIN(); \ No newline at end of file diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index e42b6483..220e0403 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -395,9 +395,9 @@ UTEST(CRYPTO_C, STRUCT_SIZE_VERIFICATION) ASSERT_EQ(TM_FRAME_SECTRAILER_SIZE, (size_t)24); ASSERT_EQ(TM_SIZE, (size_t)(6 + 38 + 1786 + 24 + 2)); ASSERT_EQ(AOS_FRAME_PRIMARYHEADER_SIZE, (size_t)8); - ASSERT_EQ(AOS_FRAME_SECHEADER_SIZE, (size_t)18); - ASSERT_EQ(AOS_FRAME_SECTRAILER_SIZE, (size_t)22); - ASSERT_EQ(AOS_SIZE, (size_t)(8 + 18 + 1786 + 22 + 2)); + ASSERT_EQ(AOS_FRAME_SECHEADER_SIZE, (size_t)70); + ASSERT_EQ(AOS_FRAME_SECTRAILER_SIZE, (size_t)24); + ASSERT_EQ(AOS_SIZE, (size_t)(8 + 70 + 1786 + 24 + 2)); } #ifndef CRYPTO_EPROC From b0aef339ee377aa83084706af9d1228d378ddbac Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Jun 2025 21:46:49 +0000 Subject: [PATCH 04/37] [nasa/cryptolib#471] Add TM struct print --- src/core/crypto_print.c | 31 ++++++++++++++++++++++++++++--- test/unit/ut_tm_process.c | 25 ++++++++++++++++++++++++- 2 files changed, 52 insertions(+), 4 deletions(-) diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index eadae288..b39dbbb0 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c @@ -60,13 +60,38 @@ void Crypto_tcPrint(TC_t *tc_frame) * Prints the current TM in memory. * @param tm_frame: TM_t* **/ -// TODO - START HERE WORK ON PRINT HERE void Crypto_tmPrint(TM_t *tm_frame) { - tm_frame = tm_frame; printf("Current TM in memory is: \n"); printf("\t Header\n"); - printf("\t**** THIS IS BLANKED OUT CURRENTLY!!!!!!!***\n"); + printf("\t\t tfvn = %d \n", tm_frame->tm_header.tfvn); + printf("\t\t scid = %d \n", tm_frame->tm_header.scid); + printf("\t\t vcid = %d \n", tm_frame->tm_header.vcid); + printf("\t\t ocff = %d \n", tm_frame->tm_header.ocff); + printf("\t\t mcfc = %d \n", tm_frame->tm_header.mcfc); + printf("\t\t vcfc = %d \n", tm_frame->tm_header.vcfc); + printf("\t\t sf = %d \n", tm_frame->tm_header.sf); + printf("\t\t pof = %d \n", tm_frame->tm_header.pof); + printf("\t\t slid = %d \n", tm_frame->tm_header.slid); + printf("\t\t fhp = %d \n", tm_frame->tm_header.fhp); + printf("\t SDLS Header\n"); + printf("\t\t spi = %d \n", tm_frame->tm_sec_header.spi); + printf("\t\t iv[0] = 0x%02x \n", tm_frame->tm_sec_header.iv[0]); + printf("\t\t iv_len = %d \n", tm_frame->tm_sec_header.iv_field_len); + printf("\t\t sn[0] = 0x%02x \n", tm_frame->tm_sec_header.sn[0]); + printf("\t\t sn_len = %d \n", tm_frame->tm_sec_header.sn_field_len); + printf("\t\t pad = %d \n", tm_frame->tm_sec_header.pad); + printf("\t\t pad_len= %d \n", tm_frame->tm_sec_header.pad_field_len); + printf("\t Payload \n"); + printf("\t\t data[0]= 0x%02x \n", tm_frame->tm_pdu[0]); + printf("\t\t data[1]= 0x%02x \n", tm_frame->tm_pdu[1]); + printf("\t\t data[2]= 0x%02x \n", tm_frame->tm_pdu[2]); + printf("\t SDLS Trailer\n"); + printf("\t\t MAC[0] = 0x%02x \n", tm_frame->tm_sec_trailer.mac[0]); + printf("\t\t MAC_len= %d \n", tm_frame->tm_sec_trailer.mac_field_len); + printf("\t\t OCF[0] = 0x%02x \n", tm_frame->tm_sec_trailer.ocf[0]); + printf("\t\t OCF_len= %d \n", tm_frame->tm_sec_trailer.ocf_field_len); + printf("\t\t FECF = 0x%04x \n", tm_frame->tm_sec_trailer.fecf); printf("\n"); } diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 69fce4e5..d5b45701 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -331,6 +331,8 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) ASSERT_EQ((uint8_t)tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } + Crypto_tmPrint(tm_frame); + Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); @@ -491,6 +493,8 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } + Crypto_tmPrint(tm_frame); + Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); @@ -659,6 +663,8 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } + Crypto_tmPrint(tm_frame); + Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); @@ -836,6 +842,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } + Crypto_tmPrint(tm_frame); + Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); @@ -1016,6 +1024,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } + Crypto_tmPrint(tm_frame); + Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); @@ -1194,6 +1204,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } + Crypto_tmPrint(tm_frame); + Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); @@ -1372,6 +1384,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } + Crypto_tmPrint(tm_frame); + Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); @@ -1553,6 +1567,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } + Crypto_tmPrint(tm_frame); + Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); @@ -1734,6 +1750,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } + Crypto_tmPrint(tm_frame); + Crypto_Shutdown(); free(framed_tm_b); free(truth_tm_b); @@ -1770,7 +1788,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) // Test frame setup Header |SPI| IV | Data char *framed_tm_h = - "02c0000018000006deadbeefdeadbeefdeadbeefdeadbeef0b355a29091cc09b6434ca743273c0a1f0529d44cedd32f09b9dbb45ab35c4" + "02c0B0B018000006deadbeefdeadbeefdeadbeefdeadbeef0b355a29091cc09b6434ca743273c0a1f0529d44cedd32f09b9dbb45ab35c4" "b607c4783aaefe7068f6924f069e335dacbf11cb0aba3268b6e1f5b12d6a9ce5e26bf249125ce02cecd90f17f642a9ed8524e73cbca4a1" "25d16a00babca86146b264f2e36d3f81a8645b8b8a66214c473efdbf6f8faa435c9dc3b839bde4fadea2d8a5c9edfd7e1db8b1ba6c1b10" "e20f82d98c3959104e826c5dc4f63228f5d3fda431adcb775a2300000113e3fee4b87f2f87550b66fa001494c23357a2f095f3593790f6" @@ -1902,6 +1920,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) printf("\n\n"); + Crypto_tmPrint(tm_frame); + free(truth_tm_b); free(framed_tm_b); free(tm_frame); @@ -2084,6 +2104,7 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) } printf("\n\n"); + Crypto_tmPrint(tm_frame); Crypto_Shutdown(); free(truth_tm_b); @@ -2176,6 +2197,8 @@ UTEST(TM_PROCESS, TM_OCF_TEST) printf("FSR: %08X\n", Crypto_Get_FSR()); + Crypto_tmPrint(tm_frame); + Crypto_Shutdown(); free(framed_tm_b); free(tm_frame); From 27dbe8e91cb6dda35bb3ab9405ab76e1ff7bd2e0 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Jun 2025 23:24:04 +0000 Subject: [PATCH 05/37] [nasa/cryptolib#471] Found major issues in AOS, now passing memtest --- include/crypto_print.h | 7 + src/core/crypto.c | 1 + src/core/crypto_aos.c | 6 +- src/core/crypto_print.c | 40 ++++ ...ryptography_interface_libgcrypt.template.c | 50 ++-- test/unit/ut_aos_process.c | 215 ++++++------------ 6 files changed, 149 insertions(+), 170 deletions(-) diff --git a/include/crypto_print.h b/include/crypto_print.h index 6d979e8b..dcf087ea 100644 --- a/include/crypto_print.h +++ b/include/crypto_print.h @@ -43,6 +43,13 @@ void Crypto_tcPrint(TC_t *tc_frame); **/ void Crypto_tmPrint(TM_t *tm_frame); +/** + * @brief Function: Crypto_aosPrint + * Prints the current AOS in memory. + * @param aos_frame: AOS_t* + **/ +void Crypto_aosPrint(AOS_t *aos_frame); + /** * @brief Function: Crypto_clcwPrint * @param clcw: Telemetry_Frame_Clcw_t* diff --git a/src/core/crypto.c b/src/core/crypto.c index a687f41a..6aa03018 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -465,6 +465,7 @@ uint16_t Crypto_Calc_FHECF(uint8_t *data) memset(parity, 0, RS_PARITY); for (i = 0; i < RS_DATA; i++) { + printf("data[%d] = 0x%02x\n", i, data[i]); feedback = (data[i] ^ parity[0]) % (GF_SIZE - 1); for (j = 0; j < RS_PARITY - 1; j++) { diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index f3a35de6..515b26e3 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -828,8 +828,8 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t // Bit math to give concise access to values in the ingest aos_frame_pri_hdr.tfvn = ((uint8_t)p_ingest[0] & 0xC0) >> 6; - aos_frame_pri_hdr.scid = (((uint16_t)p_ingest[0] & 0x3F) << 4) | (((uint16_t)p_ingest[1] & 0xF0) >> 4); - aos_frame_pri_hdr.vcid = ((uint8_t)p_ingest[1] & 0x0E) >> 1; + aos_frame_pri_hdr.scid = (((uint16_t)p_ingest[0] & 0x3F) << 2) | (((uint16_t)p_ingest[1] & 0xC0) >> 6); + aos_frame_pri_hdr.vcid = ((uint8_t)p_ingest[1] & 0x3F); #ifdef DEBUG printf(KYEL "\n----- Crypto_AOS_ProcessSecurity START -----\n" RESET); @@ -938,6 +938,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t * Reference CCSDS SDLP 3550b1 4.1.1.1.3 **/ // Get SPI + printf("byte_idx: %d\n", byte_idx); spi = (uint8_t)p_ingest[byte_idx] << 8 | (uint8_t)p_ingest[byte_idx + 1]; // Move index to past the SPI byte_idx += 2; @@ -1486,7 +1487,6 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { - printf("Byte_idx: %d\n", byte_idx); pp_processed_frame->aos_sec_trailer.fecf = (uint16_t)(p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; } free(p_new_dec_frame); diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index b39dbbb0..163576ab 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c @@ -95,6 +95,46 @@ void Crypto_tmPrint(TM_t *tm_frame) printf("\n"); } +/** + * @brief Function: Crypto_aosPrint + * Prints the current AOS in memory. + * @param aos_frame: AOS_t* + **/ +void Crypto_aosPrint(AOS_t *aos_frame) +{ + printf("Current AOS in memory is: \n"); + printf("\t Header\n"); + printf("\t\t tfvn = %d \n", aos_frame->aos_header.tfvn); + printf("\t\t scid = %d \n", aos_frame->aos_header.scid); + printf("\t\t vcid = %d \n", aos_frame->aos_header.vcid); + printf("\t\t vcfc = %d \n", aos_frame->aos_header.vcfc); + printf("\t\t rf = %d \n", aos_frame->aos_header.rf); + printf("\t\t sf = %d \n", aos_frame->aos_header.sf); + printf("\t\t spare = %d \n", aos_frame->aos_header.spare); + printf("\t\t vfcc = %d \n", aos_frame->aos_header.vfcc); + printf("\t\t fhecf = 0x%04x \n", aos_frame->aos_header.fhecf); + printf("\t SDLS Header\n"); + printf("\t\t iz[0] = 0x%02x \n", aos_frame->aos_sec_header.iz[0]); + printf("\t\t spi = %d \n", aos_frame->aos_sec_header.spi); + printf("\t\t iv[0] = 0x%02x \n", aos_frame->aos_sec_header.iv[0]); + printf("\t\t iv_len = %d \n", aos_frame->aos_sec_header.iv_field_len); + printf("\t\t sn[0] = 0x%02x \n", aos_frame->aos_sec_header.sn[0]); + printf("\t\t sn_len = %d \n", aos_frame->aos_sec_header.sn_field_len); + printf("\t\t pad = %d \n", aos_frame->aos_sec_header.pad); + printf("\t\t pad_len= %d \n", aos_frame->aos_sec_header.pad_field_len); + printf("\t Payload \n"); + printf("\t\t data[0]= 0x%02x \n", aos_frame->aos_pdu[0]); + printf("\t\t data[1]= 0x%02x \n", aos_frame->aos_pdu[1]); + printf("\t\t data[2]= 0x%02x \n", aos_frame->aos_pdu[2]); + printf("\t SDLS Trailer\n"); + printf("\t\t MAC[0] = 0x%02x \n", aos_frame->aos_sec_trailer.mac[0]); + printf("\t\t MAC_len= %d \n", aos_frame->aos_sec_trailer.mac_field_len); + printf("\t\t OCF[0] = 0x%02x \n", aos_frame->aos_sec_trailer.ocf[0]); + printf("\t\t OCF_len= %d \n", aos_frame->aos_sec_trailer.ocf_field_len); + printf("\t\t FECF = 0x%04x \n", aos_frame->aos_sec_trailer.fecf); + printf("\n"); +} + void Crypto_Print_Sdls_Ep_Reply(void) { // Length to be pulled from packet header diff --git a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c index 699f1303..5924e7e4 100644 --- a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c +++ b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c @@ -305,31 +305,31 @@ static int32_t cryptography_validate_authentication(uint8_t *data_out, size_t le #ifdef MAC_DEBUG // Commented out due to memory leaks with HMAC - // uint32_t *tmac_size = &mac_size; - // uint8_t tmac[*tmac_size]; - // gcry_error = gcry_mac_read(tmp_mac_hd, - // &tmac, // tag output - // (size_t*)&mac_size // tag size - // ); - // if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) - // { - // printf(KRED "ERROR: gcry_mac_read error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); - // status = CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR; - // return status; - // } - - // printf("Calculated Mac Size: %d\n", *tmac_size); - // printf("Calculated MAC (full length):\n\t"); - // for (uint32_t i = 0; i < *tmac_size; i++) - // { - // printf("%02X", tmac[i]); - // } - // printf("\nCalculated MAC (truncated to sa_ptr->stmacf_len):\n\t"); - // for (uint32_t i = 0; i < mac_size; i++) - // { - // printf("%02X", tmac[i]); - // } - // printf("\n"); + uint32_t *tmac_size = &mac_size; + uint8_t tmac[*tmac_size]; + gcry_error = gcry_mac_read(tmp_mac_hd, + &tmac, // tag output + (size_t*)&mac_size // tag size + ); + if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) + { + printf(KRED "ERROR: gcry_mac_read error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); + status = CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR; + return status; + } + + printf("Calculated Mac Size: %d\n", *tmac_size); + printf("Calculated MAC (full length):\n\t"); + for (uint32_t i = 0; i < *tmac_size; i++) + { + printf("%02X", tmac[i]); + } + printf("\nCalculated MAC (truncated to sa_ptr->stmacf_len):\n\t"); + for (uint32_t i = 0; i < mac_size; i++) + { + printf("%02X", tmac[i]); + } + printf("\n"); printf("Received MAC:\n\t"); for (uint32_t i = 0; i < mac_size; i++) diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index 5677657f..be07ba74 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c @@ -42,7 +42,7 @@ UTEST(AOS_PROCESS, NO_CONFIG) uint16_t processed_aos_len; char *framed_aos_h = - "42C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -214,7 +214,7 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) // Test frame setup // Note: SPI 14 (0x0E) char *framed_aos_h = - "42C000001800000908010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000908010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -246,14 +246,14 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB2d41"; + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB1144"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup char *truth_aos_h = - "42C000001800000000000000000000000000000066778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000000000000000000000000000066778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -318,6 +318,8 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } + Crypto_aosPrint(aos_frame); + Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); @@ -354,7 +356,7 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) // Test frame setup char *framed_aos_h = - "42C00000980039a90009AABBCCDDEEFF000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAA" + "4B0000009800f5930009AABBCCDDEEFF000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -386,14 +388,14 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBBAAC"; + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB3FA8"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup char *truth_aos_h = - "42C00000980039a90000000000000000000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAA" + "4B0000009800f5930000000000000000000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -456,6 +458,8 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) ASSERT_EQ(aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } + Crypto_aosPrint(aos_frame); + Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); @@ -493,7 +497,7 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) // Test frame setup | 6 byte hdr | 10 byte insert zn|spi|data -----> FECF char *framed_aos_h = - "42C000000000112233445566778899AA0009112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABB" + "4B0000000000112233445566778899AA0009112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" @@ -525,14 +529,14 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA86E9"; + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABAEC"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup char *truth_aos_h = - "42C000000000112233445566778899AA0000000000000000000000000000DDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABB" + "4B0000000000112233445566778899AA0000000000000000000000000000DDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" @@ -597,6 +601,8 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) ASSERT_EQ(aos_frame->aos_pdu[i], (uint8_t)truth_aos_b[i + offset]); } + Crypto_aosPrint(aos_frame); + Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); @@ -633,7 +639,7 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) // Test frame setup // Note: SPI 11 (0x0B) char *framed_aos_h = - "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -665,7 +671,7 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABB5db19eb46f096b17bbe72c50448218d980A2"; + "AABBAABBAABBAABB5db19eb46f096b17bbe72c50448218d9BCA7"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); @@ -691,7 +697,7 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) // Truth frame setup char *truth_aos_h = - "42C000001800000000010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000000010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -747,6 +753,8 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } + Crypto_aosPrint(aos_frame); + Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); @@ -788,7 +796,7 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF char *framed_aos_h = - "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -820,7 +828,7 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABB53C4ADF7070DA59218F49AAE917F4DA95D4E"; + "AABBAABBAABBAABBD7DA6828A4CB3EAB8EDFB85346BF28B92846"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); @@ -844,11 +852,12 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->shsnf_len = 2; sa_ptr->arsn_len = 2; + sa_ptr->shplf_len = 0; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones // Truth frame setup char *truth_aos_h = - "42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -904,6 +913,8 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } + Crypto_aosPrint(aos_frame); + Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); @@ -943,7 +954,7 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF char *framed_aos_h = - "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -975,14 +986,14 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBDCD9DACF7DFE95A6ED4C16C379CDEC28EB3A"; + "AABBAABBAABBAABBDCD9DACF7DFE95A6ED4C16C379CDEC28D73F"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup char *truth_aos_h = - "42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -1037,6 +1048,7 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) sa_ptr->iv_len = 0; sa_ptr->shivf_len = 0; sa_ptr->shsnf_len = 2; + sa_ptr->shplf_len = 0; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of zeros AOS_t *aos_frame; @@ -1058,6 +1070,8 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } + Crypto_aosPrint(aos_frame); + Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); @@ -1099,7 +1113,7 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF char *framed_aos_h = - "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -1131,14 +1145,14 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABB0D2C91E544BEBAA356488CBD210314260099"; + "AABBAABBAABBAABBA27E93E9DDA4AC851A07DFBC0818FCC3F581"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup char *truth_aos_h = - "42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -1211,6 +1225,8 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } + Crypto_aosPrint(aos_frame); + Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); @@ -1250,7 +1266,7 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF char *framed_aos_h = - "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -1282,14 +1298,14 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBDCD9DACF7DFE95A6ED4C16C379CDEC28EB3A"; + "AABBAABBAABBAABBDCD9DACF7DFE95A6ED4C16C379CDEC28D73F"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup char *truth_aos_h = - "42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -1366,6 +1382,8 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } + Crypto_aosPrint(aos_frame); + Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); @@ -1405,7 +1423,7 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) // Note: SPI 11 (0x0B) // Setup: | hdr 6 |SPI| data | MAC | FECF char *framed_aos_h = - "42C000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000B08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -1437,14 +1455,14 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABB0D2C91E544BEBAA356488CBD210314260099"; + "AABBAABBAABBAABBA27E93E9DDA4AC851A07DFBC0818FCC3F581"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup char *truth_aos_h = - "42C000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "4B0000001800000000000000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -1521,6 +1539,8 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } + Crypto_aosPrint(aos_frame); + Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); @@ -1556,7 +1576,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // Test frame setup Header |SPI| IV | Data char *framed_aos_h = - "42C000000000000B0000000000000000000000000000000010df143c92a39b3568cc9916c9d06c715bf8017168f88ef107a8016a03207f" + "4B0000000000000B0000000000000000000000000000000010df143c92a39b3568cc9916c9d06c715bf8017168f88ef107a8016a03207f" "7d12fe4ccd79ab24043982fe6a8b9675c3b819e2d7dfad32bd85381fb54544d76668a6ab58b988158702e91afe55cd71f1ba50d72bbd1c" "cc41529101ee1a39c46ecd8a7feb503444606611239d31102dc6371b0e2152dd301e3268d0a45e1bcb58779642e883b6a26546094ba39f" "b0ce11b39c49092c9b366059e773e4789052311a465f39ba677458510c09826f1ea580fa5c9d5b9677ede38e46fc33fe8d303f9529c15c" @@ -1569,14 +1589,14 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) "311b69110985b5f7c5d47904a6f6699e93c02ea7559d4ba94d139824e9ef0840ad3e31afdaaa71f7baba8835d568443b0dab10a4f40043" "160fde9961038bcb823ab570bac0e609e17311a6b0edab4fce98f8df059194393f5109e766f6bf7e21c9a4441acff0cfd28658d4830433" "1cb0c982da833c94cf6a7aadc8e2a696b69df49efcd7efadfd2e95bd3a9ab605c221e08b5f61f3aff2496b7c89f98a76aa305116220c50" - "142cfa4490916f7a6b8732839280d39a402d87ff7e7b1f71b6a243c316307e82b16071ad18e99a548bacc4ed648df49c6eafca0db764b9" + "14B0fa4490916f7a6b8732839280d39a402d87ff7e7b1f71b6a243c316307e82b16071ad18e99a548bacc4ed648df49c6eafca0db764b9" "8c75a9e953161cb6d384421b473f95d6801d5413dbde4373abab3269c0fade85ab66a9beea1d32462796dac0024f44ade919286b5e9248" "8e52b51ada1deb0730c9b2e66b9b3c75dab5194cf452cb626ea4d9425b28e6d97a9d93d5c61d1fd02eea18d2b42058de6453abac116574" "0be3c352d7291f8df7abd0c24e90bc8fbdadc32c31942e82f09f74f3ff75e20e597d87d136998b94d99370a8d6c3eedf44503ccc2d7d56" "0a3c068f8914fb67a976cb15d3be212bc549b26613113a509079ad19e5abd26467e26571c98f17e248e31ad5b0f489a05b71e38725574e" "9a076bf55d546f970cbc1892801b6a4b4bc7e3b82723cf251dcf3bfee0cb3b8c54a51a99d5272e8165a6cf8b2b05a549d091090c8b7a62" "3541f2b29542eecc1234bc172038f8fcb0fe14413601f2d255708e4a30a789ec92a3f7bb286c80899886d2f59edfe5e120039b2e0e6fce" - "7fa81dd15b14c61afc0c334015cf975b42cb53bc33dc511c6aac87f1e38f48287c4ede88b8a22ab013200d4d894709bc0668ac5ff06add" + "7fa81dd15b14c61afc0c334015cf975b4B0b53bc33dc511c6aac87f1e38f48287c4ede88b8a22ab013200d4d894709bc0668ac5ff06add" "5c28ef3764e3a6f51ba519256574734b0ad395d80ee886018ce0a1b935b1af4747b47011eb030c2ca2ab77cf33019cfca4bbbde219d326" "66ce9a2db7a9e1f0f3fdff22a0b2cf6d245f0c5de470a40025a9f2e743c1fd626a01eb34293544c3dee8b72892c8a2d4fbe0cb2dec2bda" "572ba4a1246b811331d80e5078b310eb9090a89216b390df62671425f89e73ca736e49848368be1eca4cc5c3036df2dcee5ca648d199f6" @@ -1595,39 +1615,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // Truth frame setup char *truth_aos_h = - "42C00000000000000000000000000000000000000000000000974F555545E8114714352C43BCAB3B62E961FEE145A672C3B292FFAE9A45" - "63F5B359B8E199115C12A3A1DC24D78BB36CE3D2922E3C9567AF7D87DA9B58A13B64B5BEDE209DDEE5722C2FBC6E96346150A270BF3C12" - "A6957E57ED061A65DB0B4F8307548270670D2C9CC70BC9772E62F39CC41B8BFEC800D1AAE21935136BCAF6F6FD4C6536917F484A065594" - "ACC4A9F68AC02628FAB4B06B11F5785BEBA3091B326CFC348BDCD519ADAEB41358677850C5B168C75806D4D5218708F974A2C2D2403110" - "B6AB129D7FE0D69B6865D59A3E170AA7EB4A0B1385AC35F644F901FFBD5CB821D384B65F7442A3AF9AA8824A7C73E46AB9E66B533C39D9" - "F2988457E6E7D50B5DB046035DF52D9BD81D03646DAD98350EBE73E6D5ADC72C35B629D90B46EFD849C0B3451F627DF0FFA7D00A9B24ED" - "C346CBE73814D3DF35F53EA294A42B03CBB1AB76E71EFE6575F58AA027C30E1BB7C4CB828149D85C1615F59B482FFB2F83CEE16E9F2F43" - "B8D71A597C4444A3B901FD39E7D5B541B58EC8AD14BFC02DDD8DD83B451A962E8733012F108E5E34639D072B2DB99367234AE98A18C041" - "3316900B80EB0C15B4AD0DDA725D07560DE690252D2AC31A5391FF565F16CBA7D31DCBE4AE14E90B2D8D18BCE4F6377D1E7A5FB14D98F7" - "26582AEAAC9777F70A4AF0C2956D8B032DC97BD36524F8F6872E6EA6A8C3BADEE8717F4FDF471E32C2B170DEEED4FE807A551353853676" - "D5E68C4686FE1D87294EC27F05F5C42391CA6ED51A4D65AB3F940F32BBA4D7BBADC0A8233557218832F76C22CC660542F49F3428D3440B" - "B8E251BF32B9BA1EB6CEE36F45F5310C6A1D3EA1488B438A5960489BDF8A2B74EC3F1A29F030ABB17FE5B6299EEE10C63302E46ABB0876" - "60B065A53A21C51EBDDB43EEE219C60057FE5C853FDE54EB2C8A5DDF195F50BDD1DA749C6D6EC01FF589C6A97F0E77FDAD73B16CB45921" - "99936D6FECEE356A88C4E2ABEBA487CF8FEC48B31EA8656BE4E9F45FA5D14CC5125577E235378B090731D4CBDD623D9481D334D3483322" - "547C8A148B20D75DF232D996FE552473FD419B7908E2D93158911D2B5BBEBAA8AB58D4B7E32C0247C9A79027FF0BEA60E7E2C2F739F118" - "C423D30BA8F1DA0AE8EB259DE8985D2713986EBBB780C510C766DCCBB0A6B1E8D806C029B6978A1B358429410C6AA3256CB5805F0B0770" - "25C89239D62331324EBC6288BE3DBC8F1C14E097B0D7641FEE519AB693406616B68D956E47BDD78B5F4DE011839E87320D776EE92E2961" - "7326919131F0B450C810BEF3FBC7B24F3294DD12CB293C66BE0CD9F81C62F863642811682A8464FE959D63689A0E0141B4E3865D4457E7" - "B76F9BEFE8EDE58FAE6B6E138C165A5F491C3D3344C1DD652A61B3AF5B4F608E60C73368B6559E5E5D0BD130AFF07F77CFD72B0F54140A" - "03E0739C665EE3D73CE54AB3BEE154B401320A9D2360C179634A6F5E44F08A873B673949232B613F12FFF97236A96A24ECC977392EE26E" - "FC9A2F8736048EA10F48F211C846543E36D9D52D5AEEEE9C87803B923570C7AE89C827AAB260147D2F5DE616042740322DFC37CD05A0CA" - "48ADDA09B1AFCC6BB1291DD69B531DC7EEA9CEB2B7B516851E1EA55074548DE1F02D109A6B7DABEF210DB1F77178D239E73D748296E1D6" - "A4FFDAC5C6F265E0BEBE2FF70E86808B6B8DBF66E133A2B99FFC7729AB3409E195A91D22D00A771340A29B529671DFD648E27D3422D92C" - "F66D2BAF512CAB215DD4381FB36F4497DB7DE865EB469B26B8E24F224C73E30605AC6E3A05A0FC86E213CFE0E00D9B440916209305218A" - "DB134AF7C8247E2B761D8FFA7ED9C1B052FE8470F5E60892E07CAFC3BCF61D67CCC5F737044EDA410283FBB2838CA2B4F6FFF19F4DBC4B" - "5D20CCFCEDA7CBDB0245B42402B1BCCC95B97015BF06BB1451BC76B9EAD99CA21BC3EC702C314DCE2083F8F2E050F2BD0DB950C8553E00" - "E662D70AD86855A79A0D3FA973EF00820084606A326EF92C2B48DF8486FEA8ECF63339A9AA2570372AE6CC4D92897CF5D081B8CF2B9A92" - "3AF3D5D31FB371CE63E82E5E3937ABF1E65AAB0A5CE9A613726510267E87296117C42DD03356364ED20EF5463C73393C1902A7C92A3883" - "F1F726F43C5C6D4EA5360B4E7E4CD83CEE27BF13D2D4CEC198F9C755CA7FB6C0864737D128FE50A7ECE5B02C01C8E09EE6C455B89C7D44" - "7DEF0C6D0CE9607DD9458DC1CB3BE8DB613D70A392A6323639251AB6DA3A5431477EEE0BC3BF82EB3C3083482FADEFDC2B6EA5713BB872" - "2CD5EC36FC1C7097F150FE1CD6E4404E633E23C9525CA165B649318D8D4AF0387256EAE754C45245B2B3C6DC21879D4E27466057FEED75" - "52383C07CE7C4EDAD9310E0F12C62E75788DDEEFE70D1E8AE8EFCFECE71C3AB0BEDC048D9FAC161E071B02E7C39879FEA64EEBB825F75E" - "936C93AE48881846000000000000000000000000000000000000"; + "4B000000000000000000000000000000000000000000000058847DFB74D0BF1AB060A39CA51726484A988EF8D5D00D351D3B94C7B91A619A5FEB39554B9E7C2F18DD48C5CA6805174229A7264E0AE897C0A0706B59328A6A7BB32DC1AC4377F7C7DC58C50E88E11B48F743AAB376186D947DE9EE4626A1ECC4F2C0391417292AEBF5B56556138902B0D134F871252EFDF05A6DCF56BB59D91729E60E0385B86B0544BDA883BA7654A515660D4D19E652AF61EFC703616A306E759AB756CFF910F0AB3FFE29DC5D2A6370AE0AB99CDAB8E93DC734071FCD78FCD98DC16DB356642770CA1CDFA72EABC619D14556A4BD29D7F7DE01627A373AEE9E21AE668BF68F1AD283546C48962A32F2CB6A04B752C59B9F8284F82973076D830E9AF63CB2AC5FF0FE0CD0AF7F971CDBD028AD02776B631F6C2BFF7A87502186580D1A20019CDC4D164BE1541C203AC1ED2C7C33CEB3535B9CC31E30C30A5A79EDB9378BCD014BE404BD958D8D51BDA85F767FD7634EF72390F6DE2A956D1667B13CFC408C02AF472C896B8ACA468FB003A685802712C92FB4035AC6985E5B50D1D678522F8B3FE059CDDC380F5387E70A57A5A0E985F343EFC6825E0E2B3DBB047EBA9F30568765D95CB12E6AD30F186151F253EDA33264228EFCAC9C8503DCFF0E5700E1AEE1B90EA99A50C48A5648E05E5D5F087FDB045C6A5A6AF1CC9EFFB58CC3D43E28EF449B4938F97F08978F7D63144FCE8C5CC693432814FBCA0ABE1FB480ECD887B39367285299CCFE3E9E722DC51B5F6F02A7A55BD49C99805CE885B349DBCA848E76A230F34053A7BD4027FA0E7FF75E9F2CDB293DC2398F9C83B048EDFB80F8CADB325EFF766CAA8F8F17E3828F5C165ED6056ED83628BC051E2ED9EA5142C771A0E270200DDBC9C03B2FF92E563AE6EC8F414F1C1CEE62787AB6E67E53398733823077D535EF5DF56CA97C59E6F79EFF7C0E1639B5F7B9505243A832E4BE8A7E040171E9D02B80777DDDAB27D138EFCB7F9928571AFAB6D4865581E2CB9FAD010523FD15DF70F702392184663E80C6F8C7D816BCE2548B44FC73125114F2E0FF618556543165DDF797651FCFA22D8E30ABDCD23EC0E7440180918470F2849EF385951BA0B7DB2D33A816DC3D3D46E189A312F3B40C3DC202FF34A468362CE6DF125EC96568FA6EBCF7C2EE0F265CB9CBACA150A9D57FD77BE1CE6FA54C88D4CB40DB8B6AFEDBA3D6827858B673615A20B2A853DD07A034E0199A32E390BC2E048E78AD72DEB39C3E71319FCAF1FAE1A96F38A012C594120703C9FD8BAA0396630219CF794A2F10AB18376D5BCC06CF032D3DAA2D45DC1826C6BE2B170C7EE50D4CE02C81D567AD967C92C2FC0B3F369AA7FF4A7C684FC91439E625FE63F2F77140E4DE7735DBCA999E8D2B7E49901968DBC5318F12B3476A45649039B8368CEBFAA797F1B9C8B8740FDEDF9B5696B30AD3E5125494C0DC41894FF5E2C3C21889F994B04D7CE0C854573259E46F919A3E67A4E245566D05B06F8D3603E1AD555DE850202DEAEF8C0E83CF4D4D9A4BBC4B5C7DE9B8CD629D9C0CF22F598DC2D50163D1F14610E4271C00CEDDFAB7FC827A9CE78C6ECB56C0E90E879792F33EAA3A7DC9D91DD1E22889385F97A1EADB421AFFAF7088FF615378029372E448F8D09309F0DED4FB9195A4CFAF046D4F8D4A4F59BF2272DD6D2B23E4578E725CEC2DF1BDB02D2A8C94FD2922F6EC3758A7761DBA702C3C0FB6357E9DC2F7FDCD1606945D94C4CD2C2BB5A067F956D2E31EDD7B11A4AAD46341B37F3DEE419BA4E76CA07DD05F6FE3B86905E73C1391150EBFBCB149F7024B2A26369546E62063046A3BA4DA7D9C69E566C366D2F83122BDD79B31217450A4D04CADC97199A16233DE7031E895A2617FAEABAD2B5EE73D015E5DC2CAA67D9985D63D765A62119BE2F0113BF09F2C81F6381336F64DDEEF781F469B0F63ACFDAED5F2F3CF726E9D3F06940AD64F3DD6E27592825D43FCF56044F8FF1FD8205C3AE467E98076096388AFF0C9540516C07997437A652FFFA3448853E04202E212DEB1CAFCA1A1C15E38A3B1AA47E579AF8788FD35B9BDFCCD747966F8774A2D068C24EC1C749DCE4C26CC51D09A0805B7588923A797DA66D8E221B32901E11D8CCD9F0137F863523FAF1B0DA99A3D67ED2A8A4EEF9A8C421FABD38A425209ABE806C9939F530319B4B622D79E136A1E3145C3C88BF6F510F728855203976F66D328B3CFE773D0B887C2AD07B1F36C3E4F61750DC2F21C4C2EEA4F1714B9A8254FC1FE019D1EF60C4CA200AC756C7878FF64BD41B6470E7726612B538F07EBA0FA378B015666BA7C0EB6B0F421A336A3650A532171CAF39110BD5148A38CDAC283ED8A0ACECD50B72289B5C14A4D3C1CC3D52252029030E5C8620A41D429D8078A32F098ED8DC26ED13094817DD53B7874550949EA9DC4119E1E4AF0ABF4481FE8E3502CD331DD5CD702819704A42E40B8E8C1000000000000000000000000000000000000"; char *truth_aos_b = NULL; int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); @@ -1665,6 +1653,8 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) test_association->iv_len = 16; test_association->shivf_len = 16; test_association->shsnf_len = 0; + test_association->arsn_len = 0; + test_association->shplf_len = 0; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask of ones crypto_key_t *ekp = NULL; @@ -1715,6 +1705,8 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) ASSERT_EQ(aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } + Crypto_aosPrint(aos_frame); + // printf("\n\n"); Crypto_Shutdown(); free(aos_frame); @@ -1730,7 +1722,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) * The Provided buffer should be returned decrypted, blanking the SPI, MAC, and FECF * Utilizes an authentication bitmask of ones * Sanity check: - * https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'42C000000000001100000000000000000000000000000000'%7D)AES_Decrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'48caf5a6921559a2384174c025a04874'%7D,%7B'option':'Hex','string':'42C000000000001100000000000000000000000000000000'%7D/disabled)&input=MTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQkJBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUE**/ + * https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'4B0000000000001100000000000000000000000000000000'%7D)AES_Decrypt(%7B'option':'Hex','string':'FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210'%7D,%7B'option':'Hex','string':'00000000000000000000000000000000'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':'48caf5a6921559a2384174c025a04874'%7D,%7B'option':'Hex','string':'4B0000000000001100000000000000000000000000000000'%7D/disabled)&input=MTEyMjMzNDQ1NTY2Nzc4ODk5QUFCQkNDRERFRUZGQTEwN0ZGMDAwMDA2RDJBQkJBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUE**/ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) { remove("sa_save_file.bin"); @@ -1749,7 +1741,7 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { - 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + 1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -1758,86 +1750,20 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) // Note: SPI 17 (0x0011) // Setup: | hdr 6 |SPI| IV | data | MAC | FECF char *framed_aos_h = - "42C000000000000B0000000000000000000000000000000010df143c92a39b3568cc9916c9d06c715bf8017168f88ef107a8016a03207f" - "7d12fe4ccd79ab24043982fe6a8b9675c3b819e2d7dfad32bd85381fb54544d76668a6ab58b988158702e91afe55cd71f1ba50d72bbd1c" - "cc41529101ee1a39c46ecd8a7feb503444606611239d31102dc6371b0e2152dd301e3268d0a45e1bcb58779642e883b6a26546094ba39f" - "b0ce11b39c49092c9b366059e773e4789052311a465f39ba677458510c09826f1ea580fa5c9d5b9677ede38e46fc33fe8d303f9529c15c" - "2bed4c879c5bfdacd86210a431e0f3852b3798369ae1230b4ed5ae66e153757508ead77e85ddac804e8a409cca8b9d3cef0dd1d0298bcd" - "bda1dda336d66ee6b59f2f10ffa6d4bf99885b9082b83cd20c9a44a002c460530a9741e26e78b6e8f9349df8e618b904ed01306ee9ed3a" - "389374efe43e5ed2bcd528943057762f9dc1d392fe2dd2fc6d9cab9e347a25839c07ba47113bad0633b6b5f09228be87631cc1538c2f6e" - "79e9df0f18d658bd8b3ac45b396cfeadd1700ca2ec95cdbe38e5ec013c74cd68d0035bb975c392f5116b661a928bf113c3cacc801a84cb" - "d3f8d3dc2273e0c5270d656648a48db16f860e4a36ee7e8979da4135e40e6952041a0d16b6f51cf67519b80a472b4cf5614d5a0b18dd75" - "5b7c8d63936e43de25a3cdf0d03179aebd5cc85fa1cc0c03fbdd240dd878d647619cbf367a7e486e572c5636c7a7d9b517c565a547597d" - "311b69110985b5f7c5d47904a6f6699e93c02ea7559d4ba94d139824e9ef0840ad3e31afdaaa71f7baba8835d568443b0dab10a4f40043" - "160fde9961038bcb823ab570bac0e609e17311a6b0edab4fce98f8df059194393f5109e766f6bf7e21c9a4441acff0cfd28658d4830433" - "1cb0c982da833c94cf6a7aadc8e2a696b69df49efcd7efadfd2e95bd3a9ab605c221e08b5f61f3aff2496b7c89f98a76aa305116220c50" - "142cfa4490916f7a6b8732839280d39a402d87ff7e7b1f71b6a243c316307e82b16071ad18e99a548bacc4ed648df49c6eafca0db764b9" - "8c75a9e953161cb6d384421b473f95d6801d5413dbde4373abab3269c0fade85ab66a9beea1d32462796dac0024f44ade919286b5e9248" - "8e52b51ada1deb0730c9b2e66b9b3c75dab5194cf452cb626ea4d9425b28e6d97a9d93d5c61d1fd02eea18d2b42058de6453abac116574" - "0be3c352d7291f8df7abd0c24e90bc8fbdadc32c31942e82f09f74f3ff75e20e597d87d136998b94d99370a8d6c3eedf44503ccc2d7d56" - "0a3c068f8914fb67a976cb15d3be212bc549b26613113a509079ad19e5abd26467e26571c98f17e248e31ad5b0f489a05b71e38725574e" - "9a076bf55d546f970cbc1892801b6a4b4bc7e3b82723cf251dcf3bfee0cb3b8c54a51a99d5272e8165a6cf8b2b05a549d091090c8b7a62" - "3541f2b29542eecc1234bc172038f8fcb0fe14413601f2d255708e4a30a789ec92a3f7bb286c80899886d2f59edfe5e120039b2e0e6fce" - "7fa81dd15b14c61afc0c334015cf975b42cb53bc33dc511c6aac87f1e38f48287c4ede88b8a22ab013200d4d894709bc0668ac5ff06add" - "5c28ef3764e3a6f51ba519256574734b0ad395d80ee886018ce0a1b935b1af4747b47011eb030c2ca2ab77cf33019cfca4bbbde219d326" - "66ce9a2db7a9e1f0f3fdff22a0b2cf6d245f0c5de470a40025a9f2e743c1fd626a01eb34293544c3dee8b72892c8a2d4fbe0cb2dec2bda" - "572ba4a1246b811331d80e5078b310eb9090a89216b390df62671425f89e73ca736e49848368be1eca4cc5c3036df2dcee5ca648d199f6" - "4b9bb792a2b7eb7ddc5ae43f35bcd9b9a7f4b9b8d493f958666af4dff6a2dec6a4ca908cd67f98d8845a631b3ecff4c5e527a0654ae737" - "885885425f6780da2e53f4e612ee8caf42e4d25cec899e7788e1652f0aa1536c488df58f750b7b63a1573d4df0e3eda5c8359daae00626" - "9cc4f79aab4360ce37b2227bc17a7feb2bd62108404b9d4ec6ca9d4a2c903a34d03db5d68004d5235789e61a22ec75f98680b0829cbf90" - "5668c9631a5157d39d73d1ab7e558ae6ced855939ea79b80f7256dc29fbf01bacbd718e96916218e41c3fb221f5b9ac58eb3bb694edfc6" - "0a9a518f392ba97d542034d17cba204ea92572677c3b6af86383f013fb537ba8441d1b8f645289d8c1347377f3698a830aa82ebe912380" - "8eb105ef216502cee4cd7ef05a14f1e87b5a66eb937a5f7dfd704fb6ad693c90c941a3e4853a148ada9269de95852b412d4d9fc8920120" - "835156c0c6ed168027115535edbf4ff5b72a3f556234c68245c604188572d3a372a898bd6a439bd4a8d6402b28260e81ece7bbf0cdf5a2" - "a2983403289cb060f81d3aedf8b4a82dcdadfed35a86a8b6df4d57801f7718a15660f9b03e0c0450a717e14e92e278d65cc11b7e07277b" - "6992050f69a101af8A2A043A6420DEC5FF4F7B14B80E26374173"; + "40C000000000000A0000000000000000000000000000000010DF143C92A39B3568CC9916C9D06C715BF8017168F88FF016B9107B12316E6C03EF5DDC68BA35152893EF7B9A8764D2A908F3C6CEBC23AC94290EA45455C67779B7BA49A899049613F80BEF44DC60E0AB41C63AAC0DDD50438010FF0B28D57FDC9B6EFA412555717700328C20013CD7260A1F3043CC210F2379C1B54F0ADA49668753F992A7B37457185AB28EA1DF00A28D58183D8A277148F662F5698143200B574E28AB766549401D18937E0FB491EB4D8C4A8766FCF29F57ED22EF9C212E8438D04D3AFC5D968D4AECBDC97301B520F1E2943A2689278BF0321A5FC4BF77F042646419FBC66F94CCBD915F9B518DDB9A8C2DFE1CC0C1389ADCACB0CCB227C77FF7A48E3E01EEB7C5AE88994A8193A92DC31D8B55B113D571421B8650F37F69A7F9E8258CE9F709A815FC10217FF8FC2B298265FEF52F4FC3ADC439852146673E8CD0C283EF3CC3ED7C8DBA8F256B34928D16AB56002ABC1722A7A4E18339AF96720DD0429D3E7F68F8CE1E09C749AC9A2BD54A287DEFBCC0611DB3FD84DCAF29F4FD102D65DC79C1124AA864D283E4007A770B839AE002D2DBDD910B95DAC2E9C2CD3362F1D4361C747759B59CA07E971F5B27FF6F9868CB5024F51F7843150B1C07A7E40DE76408A91B563A5DE4705C4B1A09CC644A6D9C72827F52CF34B2DCE1C12068BFAC4DD94EB0DD1D12EACC351CC969C756708DAE276B6F597F463D4727D6B6C8A406D474B456486C200A78001894A4E6D4C56815B7E7788F82D13FB6448C5AB85C028935F8FE1951BC2F20BECBBB60E6ABAB9924C479552A1CBA01B5E51152071ECF8870129ADA932BA461ABD1F718F06200B7A1FCBA5EDF89E9CE148085282E4018F677E7AE6F30D8B5550BDEE1DEC39749C59215220DA1D893CB922D85DE7B6BBCD9F3B787A78CE58FEDC6FEBCEC3F84AC2B8BA714D330F19A4E70E2BEE3587A6D98E89B67BB214007331D41053DEB5581807E6B7A9623928391C28B513C96EE6F6A0E60A7B352D207216F93A07160BC09F88B459ABDD5FC759CE58D7FBEDB1CA675A89D64B8F842070DA7C295530A562E84C7910C4502CACF5262BABA2378D1EBCF94BA77B8AFFB0C23573687CBD1135E55BCF808397A4F83599F43A40BCB0CFA1621D8A3F77A8A2D64CBA4085DE543DA737FB5C8534A39F7C86B8C82C4D70C0EC13FFB09C3A53149CF7542BABD0074651AF2D243C6380E9CE6BAC1D35F81AD9EACBCD23D20853F93E18E65E2EE64F31F486C96C027889A85C88261B9C7D2FFCE55412DDD3C6C471B2D179E9805EA76B867DA04C2AF303AD458A37702002B418168BC08F4BAC37576F37460D89E06F359F20BC4A1E598B14A60F29634465F8B167AE44C457E861DAD0983910A7B5A5AD6F2A93632DE340CDE2AEFF1DA2A9D45B40B88C4363F9074B7DE9A3A14B458C180181D9A6B732450E3A38453FFDD0325AD063129E9EDA1EF05502710E3C344619F5B21B698FD83B2E6AA397D91988997C3E48FCEF4F031128A3F1F7EDF6EB90CC04A05D70BED1D225104DE864A53DA42AD22CD400D7BBD96E0F29E59396D5FCF99A9B33BA102311C5C985618AD1779BD4EE17BCC4D39FE2675F2B7E40AB408347465625A1BC284C91FF997109DF1B0A824A0BE5656A56100FA121D3DB3BA66DE22108DEDB5AAACF308C23777DF8B3CA6B8F0E1E2ECEE33B1A3DE7C354E1D4CF561B51134B8E3F652D0EC737B10FA25382455D2CFF9A63983D9B3C5EAF1DA3CFD3ACB463AB5B0357A900220C91F4169A201FA8181B98307A281CE73760534E98F62DB627F58959279AF0FDB5DD4D2127CE3CDFF4DB759C088E75A8AA683B3A6FA6CCD4BF52E24ADC8A8B6E5A8A9C582E849777BE5CEE7B3CFD7B5DB819DC76E89C9954B720A2FDEE5D4F436B1745BF626994994534E7691CB3F42E5F703FF9DBE53F5C34DFD988F6699F0743E1BB0427D599CE49E641A6A72B0462C5CE1F2FCB4D9248CBBF117378DD5E68BBA5271DF26A3336AD06B6EFA3AC73019515A8C5FD7DB8C5B3D812B25C12CA4C79115C4324698F70B33FD64E89791A1938DAE814779D8720B4046C28C62C0BA6F449BF7DFC944828FB68A91E6347CD38EAE10ABDAC609F87807309F50D2EA330E4A8BD49FA2AA785FCED71B8B409E283AB86C453125C06DAB315FB83463766D2A7BE97292E102EA426AB9550C0A9E754398C9D0256266E2789B921BB93FAF8032919FA014FE307413DFF5DC6FE14B05E0F96A4B77FA826B4E6CEC615EA7BC782D81D850B2F5942B059BCB8378CF84943A503C5C8ED9831031924047D1D7FC079136004424FCAE5EE4A63B2E447325D79354D715099463C2B263B989AC7B528AC5B9C7513A39371F90FDF6AAE1DCE4B3B3892512398DA171E90C2BFCE9A5B93CDCBCEFC24B97B9A7CE5C46910E6609B04771E8A12F1D1541B606F05F83F369C74DD00A6F16366A7883141E78B010BE440462F966F42C85654F3C10535050F0BD13"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup char *truth_aos_h = - "42C000000000000000000000000000000000000000000000000015C1B5DB5CF084716870EB0A784FC8285D766989E0DB22E3BD68B9E0C7" - "F7D629E5998ECCE605A62C7C42CE5645FF7670E16486D056BA0C2F2127E15B2988046A7854A97A17A5ACC4A3BDF4999F96700BD6D1D19D" - "CAF7257AE8D5A07D65FDB24E09CB9475AFFE99DBFE26A927A77CA1778290E756D969B9DC596635152EE907648ED47AF49A795FC6B6006F" - "B9EA0BC627413FDE38A151D42D91A9B0DE910BF3DDFED55EF475959EFEE324DD367134E476DCADB086C03ED80FC9DFB91475181EBCEFDF" - "511BDCC06B76DA5D9E64736C9AEE79CF631808ABB97D0240D6745B19F49F2F8CC635643EE90992F759A0B5BC31BDEC1DC99B857743F15F" - "9CD7CAB941CEF28B71C230347A0D81A2E78C68A3739314D19AF3E281ECDFC82CC07FE1CE8521722BE567CE77D15BF5A7FEBE77D4733879" - "6E03F7D62B7B014659AD2FEBA369FDD25044F5F99615977B04CA7DA8244EAA53022E9DEA10D60797251A3DEC9C729705663119E5F6D659" - "FC3C0C5D6D62EAD0793CE5DA578C6D7A856677694A8C8B905FE07E5F7ACE5BA7B7D0210184C14D8D2925DDCA5E2AC9239862A5F17CBF7B" - "EC99BB8E4A05791C7C62F9C196687EBF599DDA66830EF3CDBCF983451E9136F6D6E2B2A6004911A9D24576B9448BB074961280ECF97CD6" - "2CB27CA4B4B67A0BCCC642E8B77A03246E49DFB8C32807745D65756B56CEA4841D6074116FF398ABB5F9ABA13B2AB4A964CBD8DB884790" - "D3CCE3A0DB3E07D8CB89077A645874C241F406CDC090A59EBD106E9DCA615A051ED4273B50AF10F770E78925E6F72AF9F23AA6A55F0E0C" - "BCF7622D15214073A34A9DF1A50BF672ADC15A6E0BF0B119CF6C9CFC57F53B1301D39C0DC5AA7333340C2F36143040BB88F220E9716B1A" - "A3296E98A8AB5DBD48540E6D09E5D5DEABA1F9A9B3E3A8D0A929D339148D3735CF8E990004401764BA4C229F592FB8259BEC408CC8B0C9" - "B2C744D3C06E5550AE46F3BF0AB8EBA1390C6D69533FCBB103685FDAFF48C20965596A76C3FF2806BB43E5FA0ADB3AAA30880E19D7D2A4" - "53669E364155F40A74982A35BE8E6943AE616FA434672307537222684939A5D5CE49B972F80963F1AE7A46FC6325FD48161E7AD8CD53AD" - "B6A191F3C5BC9BA17175289473C6FD554C7B694247A5958B0F7D1D5D28D1174A36FF43F3FF7373769B819C8306494645963665441072CF" - "D53D731BAFD1730E538C9CC325F849B5BA88C52B4912A4BC65B73FC6302CA6D100D965060AE206A7E9AD12911DC183B61125C336AA1BC0" - "DDD1A6082520D8C8F8AAC8D8B210582E4ED9DD940BCC83FA009297DBE2099D741F3DA828064574D6F5BAF88D009A93EF786A124D6C6BC1" - "76E34A588D0B8969D881AF84232351FA9A2613D57F3153AC69409D9B609F60EDD483F5967414400CF08D11875F2435E6CE72623739DC52" - "E5986D48CD4BD135564304983694727FE2B90E0488FB6E680D197181145613F0B1F4CFA3756C025EB2B4E0C8E691D1856F5911963FFA6A" - "ABCCD9D3FD6F26A481BC74E69D25393E6E3AAADDDBCAD96A801A56F7DFD4100D8FCC196CDD8029B8823AA5C73FA03B51B47E119DE79F96" - "9C4E19A4216F68AD17EBA83BD6EABC84D32335B0318B2252A05A87E23EB3304D42489D1E31A94D94043C7FDFEE75054692FCB3E20E8A95" - "0E424749962EEDF3A9A7B775E43AD475509893A85387FBDA3A036CE40A8C05092CC93A9F79ABD65C2181D26A9E4A8BB6E29E8B679CAC8D" - "D64A59312A710FC31A709533DC58C2E32AC092B9149A2CD75803DCF9460021EFAA1F9051605797CDDEE9A5346C155B0AB63BE2AFDD6A8D" - "69C747A3AE8FF2608C8D83CF6A2957AFC5E7A5E6D68196612498291FB9D793CEC1A68FECFD59F50DA7285CEBE67E71A0AA48FEE85128C6" - "C5D4A7A1709E75060432700E4CB334FA64F03A03946ED845BC2D4775C535F376B15A17B92A3FA4D3708F36A16715B7FD8F2BFF24D7176C" - "2148D0F4E7737027ECD6AE6358AB053BEF97B174DAE966AFE02EE02A0A70AD0E51A3DE418E78EE8D39000A397F5CECBF48D38DA89797B7" - "434335B07989E739601BE66305455E08EE8531F0618FAF9CC61E305C58C634BE60D67985DB44E223CAF6105A4EC22F25BECD9F615F0D22" - "6EF6E0BFD30E2BFC46F7DB5BF3C1E75E32C160E8B5F6AD69B2D1283AB0EA3B51841FE438C4775620F34609E93BB4C2403B819FBC0437AA" - "078A21E58E3189104CB830868E5F01472009B70A5F2A66BC08B6187D48643B425F6AC01E8C653B0B64A319F756E0147FACB7183EA77218" - "39DB6E3B2B876BC78A3BC98E032019E0437533D5E6CB1F1C38EEFA743AC0ED7B1AA151BF49544A3D88A85357D3A79D0D59CCECBDCDAFD4" - "FD813C20B6243247E2C6684B68E2FA22CF3B99C50EEE588BDD402276E24CAD6DE47A056B6D0790E709FCECE2D917408F8EACED04B6E2D6" - "F543D737D704D3A4000000000000000000000000000000000000"; + "40C000000000000000000000000000000000000000000000112233445566778899AABBCCDDEEFFA107FF000006D2AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB000000000000000000000000000000000000"; char *truth_aos_b = NULL; int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); SaInterface sa_if = get_sa_interface_inmemory(); - sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 - sa_ptr->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &sa_ptr); // Enable and setup 11 + sa_if->sa_get_from_spi(10, &sa_ptr); // Enable and setup 10 sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->akid = 0; sa_ptr->ekid = 130; @@ -1851,7 +1777,8 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) sa_ptr->gvcid_blk.scid = 44; sa_ptr->iv_len = 16; sa_ptr->shivf_len = 16; - sa_ptr->shsnf_len = 2; + sa_ptr->shsnf_len = 0; + sa_ptr->arsn_len = 0; sa_ptr->shplf_len = 0; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask of ones @@ -1874,6 +1801,8 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) ASSERT_EQ((uint8_t)aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); } + Crypto_aosPrint(aos_frame); + Crypto_Shutdown(); free(framed_aos_b); free(truth_aos_b); @@ -1904,7 +1833,7 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Test frame setup - char *framed_aos_h = "42C00000000000000000000000000000FFFF"; + char *framed_aos_h = "4B000000000000000000000000000000FFFF"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); @@ -1946,7 +1875,7 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Test frame setup - char *framed_aos_h = "42C00000000800090000000000000000FFFF"; + char *framed_aos_h = "4B000000000800090000000000000000FFFF"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); @@ -2001,7 +1930,7 @@ UTEST(AOS_PROCESS, AOS_OCF_TEST) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Test frame setup - char *framed_aos_h = "42C00000000800090000000000000000DEADBEEFFFFF"; + char *framed_aos_h = "4B000000000800090000000000000000DEADBEEFFFFF"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); @@ -2056,7 +1985,7 @@ UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Test frame setup - char *framed_aos_h = "42C00000000000050000000000000000FFFF"; + char *framed_aos_h = "4B000000000000050000000000000000FFFF"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); @@ -2110,7 +2039,7 @@ UTEST(AOS_PROCESS, AOS_PROCESS_HEAP_UNDERFLOW_TEST) // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { - 1, 0x0003, 0, AOS_NO_FECF, AOS_NO_FHEC, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + 1, 0x0000, 48, AOS_NO_FECF, AOS_NO_FHEC, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); @@ -2166,7 +2095,7 @@ UTEST(AOS_PROCESS, AOS_FHECF_TEST) status = Crypto_Init(); // Test frame setup - char *framed_aos_h = "42C00000000027e20005000000000000000000000000FFFF"; + char *framed_aos_h = "4B00121212002c960005000000000000000000000000FFFF"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); @@ -2196,6 +2125,8 @@ UTEST(AOS_PROCESS, AOS_FHECF_TEST) printf("Framed: %04x\nProcessed: %04x\n", (uint16_t)(((uint8_t)framed_aos_b[6] << 8) | (uint8_t)framed_aos_b[7]) , aos_frame->aos_header.fhecf); ASSERT_EQ(aos_frame->aos_header.fhecf, (uint16_t)(((uint8_t)framed_aos_b[6] << 8) | (uint8_t)framed_aos_b[7])); + + Crypto_aosPrint(aos_frame); Crypto_Shutdown(); free(framed_aos_b); From 82d64553dc5a934912f5455dde7e76b886adf577 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Jun 2025 23:45:34 +0000 Subject: [PATCH 06/37] [nasa/cryptolib#471] Fixed a few sloppy tests --- test/unit/ut_aos_apply.c | 40 +++---------- test/unit/ut_aos_process.c | 112 ++++++++++++++++--------------------- 2 files changed, 55 insertions(+), 97 deletions(-) diff --git a/test/unit/ut_aos_apply.c b/test/unit/ut_aos_apply.c index 9d13477f..2241c4fa 100644 --- a/test/unit/ut_aos_apply.c +++ b/test/unit/ut_aos_apply.c @@ -1055,39 +1055,7 @@ UTEST(AOS_APPLY, AES_GCM) // Truth frame setup char *truth_aos_h = - "40C000000000000ACCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" - "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" - "BBAABBAABBAABBAA778A1E133306963F1D9DCA32D6D60C23C5D4"; + "40C000000000000A00000000000000000000000000000000CE71F3496571490305748611F14D391E4164572834AB5A587C3C74106535929FFB39F358756E14C0C23FC2F46000DBFCD1BD14574E7BDA13DC488F44AB377F09052FE462E1E4692AEB5280BB75FB4455DA4A29AB381CB42795D6FCA9FCB5E7F4E305926D1EA5C0FE2F5C9C97788A3680D558804765667EDDCE4AF4AADCDCA477871580FA77F5F042C9A31EB798BD9BC2B45C3D9499556D284DD54FC8309748A20DBF27729A4A7436B706CA842F0DBC78001266B93767BE5A4E741319292D754F481F5E963DD38C74F47D9B2973F3654273936DC76FA77B6FC7158B9192C3EF99DB3F001EE16708005FA0963DADC2C55199520DA898AD6723E7A49FF1619E7FE643D83007C3D359809629971B06E6C8C0C6CBA8D04DF3AF7A598887AF8E5217907CD2AFC1FFA61C40B59CE165F619E716BDD965EB66A395CC6B1F7F91AE58F11A24B380BD1DC22BE894FB4AB52A3F43373919618C0C2F823E57CED61E1323916B02B0F02F06487D455FA4E42428FBA47D60E49C142A93B7C87DAF2C1A37C97761155F94B15B70927FC0770457378035AF6CD97634A373441D91ACFEB033915C006C64FCBD81DF116CAE34F00D581106E6413035B439972E1A79F406955DF174845EC93CB4FB78C012A24D7FAC31AA7A874F0A80D92490E663E2A42DB14E3255EF241CE727646C3E69FE69DA782E81CC4CF37D49FB1440B5368A984A253CCB033935EDA4D8DDC9C4DD78A92277B5691AB1523F5057EBBB1BBF7C98E51C6873966D0B948C46F12CF9031AD8C99AB236CDB24A3D2817AABB507D319091F21179477060160B5921EC21B71E726204E5B9CC283AE12A79967E89BCD4943A8F2037F75AC6F31E11E24F95EC7CA9F9184A865B5C6E82EDE317C740E6007227F650C2B74950C1C803D6129EC2FC956EFC6035D537761904B1EDFFCF6EC850349DEACDD0A8815C0886FF3270BBA29B792BEB5349C72E12648ED7B0FFE9B1D5551D411190DC95B0EB80DA89B90FD0B9F2483446AAF313470C58C6D026E3D8FF3F4A3D7638C4B9CD38903EA6215628FCF05EDAD8AD3C087FC69BD9C2A070A191D8A2816D16F60785A1AE9F31751A72CAA619560658B309269DF16E27A3B65254AF76851AA633DC33D1011ED9A54C1C155A9F2E58D6D72ACFB33180C487A0B8505EC33464E27958BF455F6C2C964461F45BEAC9D4771B3871FCC57C1C0751F76732701D1B4D147F89B0E40947BB83954295CA58C6E3464CF21EB4EB0BADFC6F16D9731A734DF1945225594A54CC7B3A2E61740229A84755A4F8F827BA38BCA38D830575339DDDD02298DF5170558527E1864656ADCB59D738CA541E3DEF8F159AE839FA161622643F1F09BEFCBC54847663AE8D2DF6ED7515E559102426C3E19296DA77A9FC65DC3BA01B1BA79DEF5C302667C80CAE12B9911B6E764ED32F39FE55B4CD2E79F6431485B8057364F4E0ECDCEE98511E5CEACFD40054488CC0F98FEB7273147D47CFB5A809866B267B707E6C781A5BD169CC0990AF695ABA6D4097F1BA1EEF99C02CEEED6501B0BAA5FDE61BF8A98A93DDB5AE7BC92C309EBC27E2BE1B7B8C8B3DB32B8A8732D77B263B8B11354B54ABBAA93AB39EE1603DBA7987CA37B8A2B251F79506A8EB200F86AEC6ABF481ACE061D39A214EECDC637BBF9D653DA0CB4DA4531A655F4BBB12EC8284FC6898C46B311416F59ABF55C69631C290A0EDB0298DD809D63C9B7132ECD205D9359A181555560F5BF7CD24D15818B5175868DDE5A4B0495F87CDE03F04800416B3F50F3AD56FD00CCD70D7D86E9B7E840864B08B1F99B930787061C473CAD1A41E578AD4C07DFF34928D579B5E6C02B457E0AA7542E653CF4FA3C4F1A83B7CC1B22A16EED574A98DA1CADEEFB35D4C2D0E1F81110F41E23A70C29B657897623DA52DA288433F2DC35FB2CE4591888BBEFD694069BB0550486E2B88EF89E7052AD7FD7838989038F9748BD890E238956DAFE01523C4A91E79A4AB2C866BAA82A591062A4D71B3AABF0415A5F52A3005922C457ECEA6CDC2D53FA2585EBC2D465D4BF734A123A234320C58B2F0D097E655AA7D32DB38B17296A6218A817F049CDA81587AA346306C1A308AA8836B0BA6AEEFEA5204DF601FE70052B484BDBBB7951EA74145B985827816C6685C9202C2FD97735C21677A3BE1B846276ECB12465A5756F7287BCA76C404BBC4E37E4386F8771F7E3CCD45F5A720D8CE10C8704279A84EF1BF25069808AF027D9C4C60343C886D5A26A856F14D7C6A64C2D12635D6C7CF075D98E141A399B70AA22952416774BF2804E2F56DB75077F8C642E08BF27A62CA5A0B91B412D59D2B655EC9F3F6BD46776F9A5FA6BA7731C0E076E57CDE6B4B0749C76CF225EA560D86113FB96AB4F23478895039403438E6CA7EA2534D8EB04C9BFAB2C844839D840D02256FEEB674B82F9ABBCD9255F27261FB35A2C61B3A8DECD2138DB3482D65F1818DE8AE03C080045F68C1"; char *truth_aos_b = NULL; int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); @@ -1098,6 +1066,12 @@ UTEST(AOS_APPLY, AES_GCM) aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); sa_if->sa_get_from_spi(10, &sa_ptr); + sa_ptr->ecs_len = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->est = 1; + sa_ptr->ast = 1; + sa_ptr->iv_len = 16; + sa_ptr->shivf_len = 16; crypto_key_t *ekp = NULL; ekp = key_if->get_key(sa_ptr->ekid); ekp->key_state = KEY_ACTIVE; diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index be07ba74..c783b5aa 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c @@ -1567,7 +1567,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { - 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + 1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); status = Crypto_Init(); @@ -1576,46 +1576,46 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // Test frame setup Header |SPI| IV | Data char *framed_aos_h = - "4B0000000000000B0000000000000000000000000000000010df143c92a39b3568cc9916c9d06c715bf8017168f88ef107a8016a03207f" - "7d12fe4ccd79ab24043982fe6a8b9675c3b819e2d7dfad32bd85381fb54544d76668a6ab58b988158702e91afe55cd71f1ba50d72bbd1c" - "cc41529101ee1a39c46ecd8a7feb503444606611239d31102dc6371b0e2152dd301e3268d0a45e1bcb58779642e883b6a26546094ba39f" - "b0ce11b39c49092c9b366059e773e4789052311a465f39ba677458510c09826f1ea580fa5c9d5b9677ede38e46fc33fe8d303f9529c15c" - "2bed4c879c5bfdacd86210a431e0f3852b3798369ae1230b4ed5ae66e153757508ead77e85ddac804e8a409cca8b9d3cef0dd1d0298bcd" - "bda1dda336d66ee6b59f2f10ffa6d4bf99885b9082b83cd20c9a44a002c460530a9741e26e78b6e8f9349df8e618b904ed01306ee9ed3a" - "389374efe43e5ed2bcd528943057762f9dc1d392fe2dd2fc6d9cab9e347a25839c07ba47113bad0633b6b5f09228be87631cc1538c2f6e" - "79e9df0f18d658bd8b3ac45b396cfeadd1700ca2ec95cdbe38e5ec013c74cd68d0035bb975c392f5116b661a928bf113c3cacc801a84cb" - "d3f8d3dc2273e0c5270d656648a48db16f860e4a36ee7e8979da4135e40e6952041a0d16b6f51cf67519b80a472b4cf5614d5a0b18dd75" - "5b7c8d63936e43de25a3cdf0d03179aebd5cc85fa1cc0c03fbdd240dd878d647619cbf367a7e486e572c5636c7a7d9b517c565a547597d" - "311b69110985b5f7c5d47904a6f6699e93c02ea7559d4ba94d139824e9ef0840ad3e31afdaaa71f7baba8835d568443b0dab10a4f40043" - "160fde9961038bcb823ab570bac0e609e17311a6b0edab4fce98f8df059194393f5109e766f6bf7e21c9a4441acff0cfd28658d4830433" - "1cb0c982da833c94cf6a7aadc8e2a696b69df49efcd7efadfd2e95bd3a9ab605c221e08b5f61f3aff2496b7c89f98a76aa305116220c50" - "14B0fa4490916f7a6b8732839280d39a402d87ff7e7b1f71b6a243c316307e82b16071ad18e99a548bacc4ed648df49c6eafca0db764b9" - "8c75a9e953161cb6d384421b473f95d6801d5413dbde4373abab3269c0fade85ab66a9beea1d32462796dac0024f44ade919286b5e9248" - "8e52b51ada1deb0730c9b2e66b9b3c75dab5194cf452cb626ea4d9425b28e6d97a9d93d5c61d1fd02eea18d2b42058de6453abac116574" - "0be3c352d7291f8df7abd0c24e90bc8fbdadc32c31942e82f09f74f3ff75e20e597d87d136998b94d99370a8d6c3eedf44503ccc2d7d56" - "0a3c068f8914fb67a976cb15d3be212bc549b26613113a509079ad19e5abd26467e26571c98f17e248e31ad5b0f489a05b71e38725574e" - "9a076bf55d546f970cbc1892801b6a4b4bc7e3b82723cf251dcf3bfee0cb3b8c54a51a99d5272e8165a6cf8b2b05a549d091090c8b7a62" - "3541f2b29542eecc1234bc172038f8fcb0fe14413601f2d255708e4a30a789ec92a3f7bb286c80899886d2f59edfe5e120039b2e0e6fce" - "7fa81dd15b14c61afc0c334015cf975b4B0b53bc33dc511c6aac87f1e38f48287c4ede88b8a22ab013200d4d894709bc0668ac5ff06add" - "5c28ef3764e3a6f51ba519256574734b0ad395d80ee886018ce0a1b935b1af4747b47011eb030c2ca2ab77cf33019cfca4bbbde219d326" - "66ce9a2db7a9e1f0f3fdff22a0b2cf6d245f0c5de470a40025a9f2e743c1fd626a01eb34293544c3dee8b72892c8a2d4fbe0cb2dec2bda" - "572ba4a1246b811331d80e5078b310eb9090a89216b390df62671425f89e73ca736e49848368be1eca4cc5c3036df2dcee5ca648d199f6" - "4b9bb792a2b7eb7ddc5ae43f35bcd9b9a7f4b9b8d493f958666af4dff6a2dec6a4ca908cd67f98d8845a631b3ecff4c5e527a0654ae737" - "885885425f6780da2e53f4e612ee8caf42e4d25cec899e7788e1652f0aa1536c488df58f750b7b63a1573d4df0e3eda5c8359daae00626" - "9cc4f79aab4360ce37b2227bc17a7feb2bd62108404b9d4ec6ca9d4a2c903a34d03db5d68004d5235789e61a22ec75f98680b0829cbf90" - "5668c9631a5157d39d73d1ab7e558ae6ced855939ea79b80f7256dc29fbf01bacbd718e96916218e41c3fb221f5b9ac58eb3bb694edfc6" - "0a9a518f392ba97d542034d17cba204ea92572677c3b6af86383f013fb537ba8441d1b8f645289d8c1347377f3698a830aa82ebe912380" - "8eb105ef216502cee4cd7ef05a14f1e87b5a66eb937a5f7dfd704fb6ad693c90c941a3e4853a148ada9269de95852b412d4d9fc8920120" - "835156c0c6ed168027115535edbf4ff5b72a3f556234c68245c604188572d3a372a898bd6a439bd4a8d6402b28260e81ece7bbf0cdf5a2" - "a2983403289cb060f81d3aedf8b4a82dcdadfed35a86a8b6df4d57801f7718a15660f9b03e0c0450a717e14e92e278d65cc11b7e07277b" - "6992050f69a101af3c11340d640ef7a98d89c32f485221351edc"; + "40C000000000000A00000000000000000000000000000000CE71F3496571490305748611F14D391E4164572834AB5A587C3C74106535929FFB39F358756E14C0C23FC2F46000DBFCD1BD14574E7BDA13DC488F44AB377F09052FE462E1E4692AEB5280BB75FB4455DA4A29AB381CB42795D6FCA9FCB5E7F4E305926D1EA5C0FE2F5C9C97788A3680D558804765667EDDCE4AF4AADCDCA477871580FA77F5F042C9A31EB798BD9BC2B45C3D9499556D284DD54FC8309748A20DBF27729A4A7436B706CA842F0DBC78001266B93767BE5A4E741319292D754F481F5E963DD38C74F47D9B2973F3654273936DC76FA77B6FC7158B9192C3EF99DB3F001EE16708005FA0963DADC2C55199520DA898AD6723E7A49FF1619E7FE643D83007C3D359809629971B06E6C8C0C6CBA8D04DF3AF7A598887AF8E5217907CD2AFC1FFA61C40B59CE165F619E716BDD965EB66A395CC6B1F7F91AE58F11A24B380BD1DC22BE894FB4AB52A3F43373919618C0C2F823E57CED61E1323916B02B0F02F06487D455FA4E42428FBA47D60E49C142A93B7C87DAF2C1A37C97761155F94B15B70927FC0770457378035AF6CD97634A373441D91ACFEB033915C006C64FCBD81DF116CAE34F00D581106E6413035B439972E1A79F406955DF174845EC93CB4FB78C012A24D7FAC31AA7A874F0A80D92490E663E2A42DB14E3255EF241CE727646C3E69FE69DA782E81CC4CF37D49FB1440B5368A984A253CCB033935EDA4D8DDC9C4DD78A92277B5691AB1523F5057EBBB1BBF7C98E51C6873966D0B948C46F12CF9031AD8C99AB236CDB24A3D2817AABB507D319091F21179477060160B5921EC21B71E726204E5B9CC283AE12A79967E89BCD4943A8F2037F75AC6F31E11E24F95EC7CA9F9184A865B5C6E82EDE317C740E6007227F650C2B74950C1C803D6129EC2FC956EFC6035D537761904B1EDFFCF6EC850349DEACDD0A8815C0886FF3270BBA29B792BEB5349C72E12648ED7B0FFE9B1D5551D411190DC95B0EB80DA89B90FD0B9F2483446AAF313470C58C6D026E3D8FF3F4A3D7638C4B9CD38903EA6215628FCF05EDAD8AD3C087FC69BD9C2A070A191D8A2816D16F60785A1AE9F31751A72CAA619560658B309269DF16E27A3B65254AF76851AA633DC33D1011ED9A54C1C155A9F2E58D6D72ACFB33180C487A0B8505EC33464E27958BF455F6C2C964461F45BEAC9D4771B3871FCC57C1C0751F76732701D1B4D147F89B0E40947BB83954295CA58C6E3464CF21EB4EB0BADFC6F16D9731A734DF1945225594A54CC7B3A2E61740229A84755A4F8F827BA38BCA38D830575339DDDD02298DF5170558527E1864656ADCB59D738CA541E3DEF8F159AE839FA161622643F1F09BEFCBC54847663AE8D2DF6ED7515E559102426C3E19296DA77A9FC65DC3BA01B1BA79DEF5C302667C80CAE12B9911B6E764ED32F39FE55B4CD2E79F6431485B8057364F4E0ECDCEE98511E5CEACFD40054488CC0F98FEB7273147D47CFB5A809866B267B707E6C781A5BD169CC0990AF695ABA6D4097F1BA1EEF99C02CEEED6501B0BAA5FDE61BF8A98A93DDB5AE7BC92C309EBC27E2BE1B7B8C8B3DB32B8A8732D77B263B8B11354B54ABBAA93AB39EE1603DBA7987CA37B8A2B251F79506A8EB200F86AEC6ABF481ACE061D39A214EECDC637BBF9D653DA0CB4DA4531A655F4BBB12EC8284FC6898C46B311416F59ABF55C69631C290A0EDB0298DD809D63C9B7132ECD205D9359A181555560F5BF7CD24D15818B5175868DDE5A4B0495F87CDE03F04800416B3F50F3AD56FD00CCD70D7D86E9B7E840864B08B1F99B930787061C473CAD1A41E578AD4C07DFF34928D579B5E6C02B457E0AA7542E653CF4FA3C4F1A83B7CC1B22A16EED574A98DA1CADEEFB35D4C2D0E1F81110F41E23A70C29B657897623DA52DA288433F2DC35FB2CE4591888BBEFD694069BB0550486E2B88EF89E7052AD7FD7838989038F9748BD890E238956DAFE01523C4A91E79A4AB2C866BAA82A591062A4D71B3AABF0415A5F52A3005922C457ECEA6CDC2D53FA2585EBC2D465D4BF734A123A234320C58B2F0D097E655AA7D32DB38B17296A6218A817F049CDA81587AA346306C1A308AA8836B0BA6AEEFEA5204DF601FE70052B484BDBBB7951EA74145B985827816C6685C9202C2FD97735C21677A3BE1B846276ECB12465A5756F7287BCA76C404BBC4E37E4386F8771F7E3CCD45F5A720D8CE10C8704279A84EF1BF25069808AF027D9C4C60343C886D5A26A856F14D7C6A64C2D12635D6C7CF075D98E141A399B70AA22952416774BF2804E2F56DB75077F8C642E08BF27A62CA5A0B91B412D59D2B655EC9F3F6BD46776F9A5FA6BA7731C0E076E57CDE6B4B0749C76CF225EA560D86113FB96AB4F23478895039403438E6CA7EA2534D8EB04C9BFAB2C844839D840D02256FEEB674B82F9ABBCD9255F27261FB35A2C61B3A8DECD2138DB3482D65F1818DE8AE03C080045F68C1"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup char *truth_aos_h = - "4B000000000000000000000000000000000000000000000058847DFB74D0BF1AB060A39CA51726484A988EF8D5D00D351D3B94C7B91A619A5FEB39554B9E7C2F18DD48C5CA6805174229A7264E0AE897C0A0706B59328A6A7BB32DC1AC4377F7C7DC58C50E88E11B48F743AAB376186D947DE9EE4626A1ECC4F2C0391417292AEBF5B56556138902B0D134F871252EFDF05A6DCF56BB59D91729E60E0385B86B0544BDA883BA7654A515660D4D19E652AF61EFC703616A306E759AB756CFF910F0AB3FFE29DC5D2A6370AE0AB99CDAB8E93DC734071FCD78FCD98DC16DB356642770CA1CDFA72EABC619D14556A4BD29D7F7DE01627A373AEE9E21AE668BF68F1AD283546C48962A32F2CB6A04B752C59B9F8284F82973076D830E9AF63CB2AC5FF0FE0CD0AF7F971CDBD028AD02776B631F6C2BFF7A87502186580D1A20019CDC4D164BE1541C203AC1ED2C7C33CEB3535B9CC31E30C30A5A79EDB9378BCD014BE404BD958D8D51BDA85F767FD7634EF72390F6DE2A956D1667B13CFC408C02AF472C896B8ACA468FB003A685802712C92FB4035AC6985E5B50D1D678522F8B3FE059CDDC380F5387E70A57A5A0E985F343EFC6825E0E2B3DBB047EBA9F30568765D95CB12E6AD30F186151F253EDA33264228EFCAC9C8503DCFF0E5700E1AEE1B90EA99A50C48A5648E05E5D5F087FDB045C6A5A6AF1CC9EFFB58CC3D43E28EF449B4938F97F08978F7D63144FCE8C5CC693432814FBCA0ABE1FB480ECD887B39367285299CCFE3E9E722DC51B5F6F02A7A55BD49C99805CE885B349DBCA848E76A230F34053A7BD4027FA0E7FF75E9F2CDB293DC2398F9C83B048EDFB80F8CADB325EFF766CAA8F8F17E3828F5C165ED6056ED83628BC051E2ED9EA5142C771A0E270200DDBC9C03B2FF92E563AE6EC8F414F1C1CEE62787AB6E67E53398733823077D535EF5DF56CA97C59E6F79EFF7C0E1639B5F7B9505243A832E4BE8A7E040171E9D02B80777DDDAB27D138EFCB7F9928571AFAB6D4865581E2CB9FAD010523FD15DF70F702392184663E80C6F8C7D816BCE2548B44FC73125114F2E0FF618556543165DDF797651FCFA22D8E30ABDCD23EC0E7440180918470F2849EF385951BA0B7DB2D33A816DC3D3D46E189A312F3B40C3DC202FF34A468362CE6DF125EC96568FA6EBCF7C2EE0F265CB9CBACA150A9D57FD77BE1CE6FA54C88D4CB40DB8B6AFEDBA3D6827858B673615A20B2A853DD07A034E0199A32E390BC2E048E78AD72DEB39C3E71319FCAF1FAE1A96F38A012C594120703C9FD8BAA0396630219CF794A2F10AB18376D5BCC06CF032D3DAA2D45DC1826C6BE2B170C7EE50D4CE02C81D567AD967C92C2FC0B3F369AA7FF4A7C684FC91439E625FE63F2F77140E4DE7735DBCA999E8D2B7E49901968DBC5318F12B3476A45649039B8368CEBFAA797F1B9C8B8740FDEDF9B5696B30AD3E5125494C0DC41894FF5E2C3C21889F994B04D7CE0C854573259E46F919A3E67A4E245566D05B06F8D3603E1AD555DE850202DEAEF8C0E83CF4D4D9A4BBC4B5C7DE9B8CD629D9C0CF22F598DC2D50163D1F14610E4271C00CEDDFAB7FC827A9CE78C6ECB56C0E90E879792F33EAA3A7DC9D91DD1E22889385F97A1EADB421AFFAF7088FF615378029372E448F8D09309F0DED4FB9195A4CFAF046D4F8D4A4F59BF2272DD6D2B23E4578E725CEC2DF1BDB02D2A8C94FD2922F6EC3758A7761DBA702C3C0FB6357E9DC2F7FDCD1606945D94C4CD2C2BB5A067F956D2E31EDD7B11A4AAD46341B37F3DEE419BA4E76CA07DD05F6FE3B86905E73C1391150EBFBCB149F7024B2A26369546E62063046A3BA4DA7D9C69E566C366D2F83122BDD79B31217450A4D04CADC97199A16233DE7031E895A2617FAEABAD2B5EE73D015E5DC2CAA67D9985D63D765A62119BE2F0113BF09F2C81F6381336F64DDEEF781F469B0F63ACFDAED5F2F3CF726E9D3F06940AD64F3DD6E27592825D43FCF56044F8FF1FD8205C3AE467E98076096388AFF0C9540516C07997437A652FFFA3448853E04202E212DEB1CAFCA1A1C15E38A3B1AA47E579AF8788FD35B9BDFCCD747966F8774A2D068C24EC1C749DCE4C26CC51D09A0805B7588923A797DA66D8E221B32901E11D8CCD9F0137F863523FAF1B0DA99A3D67ED2A8A4EEF9A8C421FABD38A425209ABE806C9939F530319B4B622D79E136A1E3145C3C88BF6F510F728855203976F66D328B3CFE773D0B887C2AD07B1F36C3E4F61750DC2F21C4C2EEA4F1714B9A8254FC1FE019D1EF60C4CA200AC756C7878FF64BD41B6470E7726612B538F07EBA0FA378B015666BA7C0EB6B0F421A336A3650A532171CAF39110BD5148A38CDAC283ED8A0ACECD50B72289B5C14A4D3C1CC3D52252029030E5C8620A41D429D8078A32F098ED8DC26ED13094817DD53B7874550949EA9DC4119E1E4AF0ABF4481FE8E3502CD331DD5CD702819704A42E40B8E8C1000000000000000000000000000000000000"; + "40C0000000000000CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA0000"; char *truth_aos_b = NULL; int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); @@ -1632,37 +1632,21 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // Expose/setup SAs for testing SecurityAssociation_t ta; - SecurityAssociation_t *test_association = &ta; - - sa_if->sa_get_from_spi(10, &test_association); // Disable SPI 10 - test_association->sa_state = SA_KEYED; - sa_if->sa_get_from_spi(11, &test_association); // Enable and setup 11 - test_association->sa_state = SA_OPERATIONAL; - test_association->akid = 0; - test_association->ekid = 136; - test_association->est = 1; - test_association->ast = 0; - test_association->acs_len = 1; - test_association->ecs_len = 1; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - test_association->acs = CRYPTO_MAC_NONE; - test_association->stmacf_len = 16; - test_association->abm_len = 1786; - test_association->arsn_len = 0; - test_association->gvcid_blk.scid = SCID & 0x3FF; - test_association->iv_len = 16; - test_association->shivf_len = 16; - test_association->shsnf_len = 0; - test_association->arsn_len = 0; - test_association->shplf_len = 0; - memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask of ones - + SecurityAssociation_t *sa_ptr = &ta; + + sa_if->sa_get_from_spi(10, &sa_ptr); + sa_ptr->ecs_len = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->est = 1; + sa_ptr->ast = 1; + sa_ptr->iv_len = 16; + sa_ptr->shivf_len = 16; crypto_key_t *ekp = NULL; - ekp = key_if->get_key(test_association->ekid); + ekp = key_if->get_key(sa_ptr->ekid); ekp->key_state = KEY_ACTIVE; crypto_key_t *akp = NULL; - akp = key_if->get_key(test_association->akid); + akp = key_if->get_key(sa_ptr->akid); akp->key_state = KEY_ACTIVE; // Set a more obvious IV for test purposes @@ -1670,7 +1654,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) char *iv_b = NULL; int iv_len = 0; hex_conversion(iv_h, &iv_b, &iv_len); - memcpy(test_association->iv, iv_b, iv_len); + memcpy(sa_ptr->iv, iv_b, iv_len); AOS_t *aos_frame; aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); @@ -1698,7 +1682,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // printf("\n"); // printf("\nDoing final checks:\n\t"); - uint16_t offset = 6 + SPI_LEN + test_association->shivf_len + test_association->shsnf_len + test_association->shplf_len; + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("%02x", aos_frame->aos_pdu[i]); From 166a56720fc740bf370750d28301fc094f183d9e Mon Sep 17 00:00:00 2001 From: Donnie-Ice <77851621+Donnie-Ice@users.noreply.github.com> Date: Thu, 19 Jun 2025 23:48:36 +0000 Subject: [PATCH 07/37] style: auto-format via clang-format --- include/crypto.h | 4 +- include/crypto_structs.h | 32 +- src/core/crypto.c | 6 +- src/core/crypto_aos.c | 22 +- src/core/crypto_tm.c | 11 +- ...ryptography_interface_libgcrypt.template.c | 8 +- test/unit/ut_aos_apply.c | 44 ++- test/unit/ut_aos_process.c | 328 +++++++++++------- test/unit/ut_tm_process.c | 118 +++---- 9 files changed, 345 insertions(+), 228 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 12fd8eab..f0d230c7 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -312,8 +312,8 @@ extern char *crypto_deep_copy_string(char *src_string); extern CCSDS_t sdls_frame; extern SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; extern uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; -//extern TM_t tm_frame; -//extern uint8_t tm_frame[1786]; +// extern TM_t tm_frame; +// extern uint8_t tm_frame[1786]; extern TM_FramePrimaryHeader_t tm_frame_pri_hdr; extern TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication // exterm AOS_t aos_frame diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 9438ad8a..bb7dad35 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -526,8 +526,8 @@ typedef struct */ typedef struct { - uint16_t spi; // Security Parameter Index - uint8_t iv[IV_SIZE]; // Initialization Vector for encryption + uint16_t spi; // Security Parameter Index + uint8_t iv[IV_SIZE]; // Initialization Vector for encryption uint8_t iv_field_len; uint8_t sn[SN_SIZE]; // Sequence Number for anti-replay uint8_t sn_field_len; @@ -545,7 +545,7 @@ typedef struct uint8_t mac_field_len; uint8_t ocf[OCF_SIZE]; // Operational Control Field uint8_t ocf_field_len; - uint16_t fecf; // Frame Error Control Field + uint16_t fecf; // Frame Error Control Field } __attribute__((packed)) TM_FrameSecurityTrailer_t; #define TM_FRAME_SECTRAILER_SIZE (sizeof(TM_FrameSecurityTrailer_t)) @@ -580,16 +580,16 @@ typedef struct // To be all zeros if only one VC used (732.0b4 Section 4.1.2.3) long vcfc : 24; // Virtual Channel Frame Count (modulo-16,777,216) /* Begin TF Signalling Field */ - uint8_t rf : 1; // Replay Flag - uint8_t sf : 1; // VC Frame Count Usgae Flag - // 0 = Payload is either idle data or octet synchronized forward-ordered packets - // 1 = Data is a virtual channel access data unit - uint8_t spare : 2; // Reserved Spare - // 0 = Shall be set to 0 - // Sync Flag 1 = Undefined - uint8_t vfcc : 4; // VC Frame Count cycle - // Sync Flag 0 = Shall be 11 - // Sync Flag 1 = Undefined + uint8_t rf : 1; // Replay Flag + uint8_t sf : 1; // VC Frame Count Usgae Flag + // 0 = Payload is either idle data or octet synchronized forward-ordered packets + // 1 = Data is a virtual channel access data unit + uint8_t spare : 2; // Reserved Spare + // 0 = Shall be set to 0 + // Sync Flag 1 = Undefined + uint8_t vfcc : 4; // VC Frame Count cycle + // Sync Flag 0 = Shall be 11 + // Sync Flag 1 = Undefined uint16_t fhecf : 16; // Frame header error control field } __attribute__((packed)) AOS_FramePrimaryHeader_t; #define AOS_FRAME_PRIMARYHEADER_SIZE (sizeof(AOS_FramePrimaryHeader_t)) @@ -600,8 +600,8 @@ typedef struct typedef struct { uint8_t iz[MAX_IZ_LEN]; - uint16_t spi; // Security Parameter Index - uint8_t iv[IV_SIZE]; // Initialization Vector for encryption + uint16_t spi; // Security Parameter Index + uint8_t iv[IV_SIZE]; // Initialization Vector for encryption uint8_t iv_field_len; uint8_t sn[SN_SIZE]; // Sequence Number for anti-replay uint8_t sn_field_len; @@ -619,7 +619,7 @@ typedef struct uint8_t mac_field_len; uint8_t ocf[OCF_SIZE]; // Operational Control Field uint8_t ocf_field_len; - uint16_t fecf; // Frame Error Control Field + uint16_t fecf; // Frame Error Control Field } __attribute__((packed)) AOS_FrameSecurityTrailer_t; #define AOS_FRAME_SECTRAILER_SIZE (sizeof(AOS_FrameSecurityTrailer_t)) diff --git a/src/core/crypto.c b/src/core/crypto.c index 6aa03018..711d90dd 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -46,9 +46,9 @@ SDLS_KEYV_RPLY_t sdls_ep_keyv_reply; // Reply block for challenged keys uint8_t sdls_ep_reply[TC_MAX_FRAME_SIZE]; CCSDS_t sdls_frame; // TM -//TM_t tm_frame; // TM Global Frame -TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication -TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication +// TM_t tm_frame; // TM Global Frame +TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication +TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication // AOS uint8_t aos_frame[AOS_MAX_FRAME_SIZE]; // AOS Global Frame AOS_FramePrimaryHeader_t aos_frame_pri_hdr; // Used to reduce bit math duplication diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index 515b26e3..0f9f673d 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -1406,12 +1406,13 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t byte_idx = 0; // Primary Header - pp_processed_frame->aos_header.tfvn = (p_new_dec_frame[0] & 0xC0) >> 6; - pp_processed_frame->aos_header.scid = (((uint16_t)p_new_dec_frame[0] & 0x3F) << 2) | (((uint16_t)p_new_dec_frame[1] & 0xC0) >> 6); - pp_processed_frame->aos_header.vcid = (p_new_dec_frame[1] & 0x3F); - pp_processed_frame->aos_header.vcfc = (p_new_dec_frame[2] << 16) | (p_new_dec_frame[3] << 8) | (p_new_dec_frame[4]); - pp_processed_frame->aos_header.rf = (p_new_dec_frame[5] & 0x80) >> 7; - pp_processed_frame->aos_header.sf = (p_new_dec_frame[5] & 0x40) >> 6; + pp_processed_frame->aos_header.tfvn = (p_new_dec_frame[0] & 0xC0) >> 6; + pp_processed_frame->aos_header.scid = + (((uint16_t)p_new_dec_frame[0] & 0x3F) << 2) | (((uint16_t)p_new_dec_frame[1] & 0xC0) >> 6); + pp_processed_frame->aos_header.vcid = (p_new_dec_frame[1] & 0x3F); + pp_processed_frame->aos_header.vcfc = (p_new_dec_frame[2] << 16) | (p_new_dec_frame[3] << 8) | (p_new_dec_frame[4]); + pp_processed_frame->aos_header.rf = (p_new_dec_frame[5] & 0x80) >> 7; + pp_processed_frame->aos_header.sf = (p_new_dec_frame[5] & 0x40) >> 6; pp_processed_frame->aos_header.spare = (p_new_dec_frame[5] & 0x30) >> 4; pp_processed_frame->aos_header.vfcc = (p_new_dec_frame[5] & 0x0F); if (current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) @@ -1434,7 +1435,8 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t byte_idx += current_managed_parameters_struct.aos_iz_len; } - pp_processed_frame->aos_sec_header.spi = (((uint16_t)p_new_dec_frame[byte_idx]) << 8) | ((uint16_t)p_new_dec_frame[byte_idx + 1]); + pp_processed_frame->aos_sec_header.spi = + (((uint16_t)p_new_dec_frame[byte_idx]) << 8) | ((uint16_t)p_new_dec_frame[byte_idx + 1]); byte_idx += 2; for (int i = 0; i < sa_ptr->shivf_len; i++) @@ -1484,10 +1486,11 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t { pp_processed_frame->aos_sec_trailer.ocf_field_len = 0; } - + if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { - pp_processed_frame->aos_sec_trailer.fecf = (uint16_t)(p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; + pp_processed_frame->aos_sec_trailer.fecf = + (uint16_t)(p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; } free(p_new_dec_frame); @@ -1498,7 +1501,6 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t return status; } - /** * @brief Function: Crypto_Prepare_AOS_AAD * Bitwise ANDs buffer with abm, placing results in aad buffer diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index bc9f0e05..62d966b2 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1587,7 +1587,8 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ // Primary Header pp_processed_frame->tm_header.tfvn = (p_new_dec_frame[0] & 0xC0) >> 6; - pp_processed_frame->tm_header.scid = (((uint16_t)p_new_dec_frame[0] & 0x3F) << 4) | (((uint16_t)p_new_dec_frame[1] & 0xF0) >> 4); + pp_processed_frame->tm_header.scid = + (((uint16_t)p_new_dec_frame[0] & 0x3F) << 4) | (((uint16_t)p_new_dec_frame[1] & 0xF0) >> 4); pp_processed_frame->tm_header.vcid = (p_new_dec_frame[1] & 0x0E) >> 1; pp_processed_frame->tm_header.ocff = (p_new_dec_frame[1] & 0x01); pp_processed_frame->tm_header.mcfc = (p_new_dec_frame[2]); @@ -1600,7 +1601,8 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ byte_idx += 6; // Security Header - pp_processed_frame->tm_sec_header.spi = (((uint16_t)p_new_dec_frame[byte_idx]) << 8) | ((uint16_t)p_new_dec_frame[byte_idx + 1]); + pp_processed_frame->tm_sec_header.spi = + (((uint16_t)p_new_dec_frame[byte_idx]) << 8) | ((uint16_t)p_new_dec_frame[byte_idx + 1]); byte_idx += 2; for (int i = 0; i < sa_ptr->shivf_len; i++) { @@ -1648,7 +1650,8 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ } if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { - pp_processed_frame->tm_sec_trailer.fecf = ((uint16_t)p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; + pp_processed_frame->tm_sec_trailer.fecf = + ((uint16_t)p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; } free(p_new_dec_frame); @@ -1734,7 +1737,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t * * Reference CCSDS SDLP 3550b1 4.1.1.1.3 **/ // Get SPI - spi = (uint8_t)p_ingest[byte_idx] << 8 | (uint8_t)p_ingest[byte_idx + 1]; + spi = (uint8_t)p_ingest[byte_idx] << 8 | (uint8_t)p_ingest[byte_idx + 1]; pp_processed_frame->tm_sec_header.spi = spi; // Move index to past the SPI byte_idx += 2; diff --git a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c index 5924e7e4..a50de07d 100644 --- a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c +++ b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c @@ -306,11 +306,11 @@ static int32_t cryptography_validate_authentication(uint8_t *data_out, size_t le #ifdef MAC_DEBUG // Commented out due to memory leaks with HMAC uint32_t *tmac_size = &mac_size; - uint8_t tmac[*tmac_size]; + uint8_t tmac[*tmac_size]; gcry_error = gcry_mac_read(tmp_mac_hd, - &tmac, // tag output - (size_t*)&mac_size // tag size - ); + &tmac, // tag output + (size_t *)&mac_size // tag size + ); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { printf(KRED "ERROR: gcry_mac_read error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); diff --git a/test/unit/ut_aos_apply.c b/test/unit/ut_aos_apply.c index 2241c4fa..297c29ea 100644 --- a/test/unit/ut_aos_apply.c +++ b/test/unit/ut_aos_apply.c @@ -1055,7 +1055,39 @@ UTEST(AOS_APPLY, AES_GCM) // Truth frame setup char *truth_aos_h = - "40C000000000000A00000000000000000000000000000000CE71F3496571490305748611F14D391E4164572834AB5A587C3C74106535929FFB39F358756E14C0C23FC2F46000DBFCD1BD14574E7BDA13DC488F44AB377F09052FE462E1E4692AEB5280BB75FB4455DA4A29AB381CB42795D6FCA9FCB5E7F4E305926D1EA5C0FE2F5C9C97788A3680D558804765667EDDCE4AF4AADCDCA477871580FA77F5F042C9A31EB798BD9BC2B45C3D9499556D284DD54FC8309748A20DBF27729A4A7436B706CA842F0DBC78001266B93767BE5A4E741319292D754F481F5E963DD38C74F47D9B2973F3654273936DC76FA77B6FC7158B9192C3EF99DB3F001EE16708005FA0963DADC2C55199520DA898AD6723E7A49FF1619E7FE643D83007C3D359809629971B06E6C8C0C6CBA8D04DF3AF7A598887AF8E5217907CD2AFC1FFA61C40B59CE165F619E716BDD965EB66A395CC6B1F7F91AE58F11A24B380BD1DC22BE894FB4AB52A3F43373919618C0C2F823E57CED61E1323916B02B0F02F06487D455FA4E42428FBA47D60E49C142A93B7C87DAF2C1A37C97761155F94B15B70927FC0770457378035AF6CD97634A373441D91ACFEB033915C006C64FCBD81DF116CAE34F00D581106E6413035B439972E1A79F406955DF174845EC93CB4FB78C012A24D7FAC31AA7A874F0A80D92490E663E2A42DB14E3255EF241CE727646C3E69FE69DA782E81CC4CF37D49FB1440B5368A984A253CCB033935EDA4D8DDC9C4DD78A92277B5691AB1523F5057EBBB1BBF7C98E51C6873966D0B948C46F12CF9031AD8C99AB236CDB24A3D2817AABB507D319091F21179477060160B5921EC21B71E726204E5B9CC283AE12A79967E89BCD4943A8F2037F75AC6F31E11E24F95EC7CA9F9184A865B5C6E82EDE317C740E6007227F650C2B74950C1C803D6129EC2FC956EFC6035D537761904B1EDFFCF6EC850349DEACDD0A8815C0886FF3270BBA29B792BEB5349C72E12648ED7B0FFE9B1D5551D411190DC95B0EB80DA89B90FD0B9F2483446AAF313470C58C6D026E3D8FF3F4A3D7638C4B9CD38903EA6215628FCF05EDAD8AD3C087FC69BD9C2A070A191D8A2816D16F60785A1AE9F31751A72CAA619560658B309269DF16E27A3B65254AF76851AA633DC33D1011ED9A54C1C155A9F2E58D6D72ACFB33180C487A0B8505EC33464E27958BF455F6C2C964461F45BEAC9D4771B3871FCC57C1C0751F76732701D1B4D147F89B0E40947BB83954295CA58C6E3464CF21EB4EB0BADFC6F16D9731A734DF1945225594A54CC7B3A2E61740229A84755A4F8F827BA38BCA38D830575339DDDD02298DF5170558527E1864656ADCB59D738CA541E3DEF8F159AE839FA161622643F1F09BEFCBC54847663AE8D2DF6ED7515E559102426C3E19296DA77A9FC65DC3BA01B1BA79DEF5C302667C80CAE12B9911B6E764ED32F39FE55B4CD2E79F6431485B8057364F4E0ECDCEE98511E5CEACFD40054488CC0F98FEB7273147D47CFB5A809866B267B707E6C781A5BD169CC0990AF695ABA6D4097F1BA1EEF99C02CEEED6501B0BAA5FDE61BF8A98A93DDB5AE7BC92C309EBC27E2BE1B7B8C8B3DB32B8A8732D77B263B8B11354B54ABBAA93AB39EE1603DBA7987CA37B8A2B251F79506A8EB200F86AEC6ABF481ACE061D39A214EECDC637BBF9D653DA0CB4DA4531A655F4BBB12EC8284FC6898C46B311416F59ABF55C69631C290A0EDB0298DD809D63C9B7132ECD205D9359A181555560F5BF7CD24D15818B5175868DDE5A4B0495F87CDE03F04800416B3F50F3AD56FD00CCD70D7D86E9B7E840864B08B1F99B930787061C473CAD1A41E578AD4C07DFF34928D579B5E6C02B457E0AA7542E653CF4FA3C4F1A83B7CC1B22A16EED574A98DA1CADEEFB35D4C2D0E1F81110F41E23A70C29B657897623DA52DA288433F2DC35FB2CE4591888BBEFD694069BB0550486E2B88EF89E7052AD7FD7838989038F9748BD890E238956DAFE01523C4A91E79A4AB2C866BAA82A591062A4D71B3AABF0415A5F52A3005922C457ECEA6CDC2D53FA2585EBC2D465D4BF734A123A234320C58B2F0D097E655AA7D32DB38B17296A6218A817F049CDA81587AA346306C1A308AA8836B0BA6AEEFEA5204DF601FE70052B484BDBBB7951EA74145B985827816C6685C9202C2FD97735C21677A3BE1B846276ECB12465A5756F7287BCA76C404BBC4E37E4386F8771F7E3CCD45F5A720D8CE10C8704279A84EF1BF25069808AF027D9C4C60343C886D5A26A856F14D7C6A64C2D12635D6C7CF075D98E141A399B70AA22952416774BF2804E2F56DB75077F8C642E08BF27A62CA5A0B91B412D59D2B655EC9F3F6BD46776F9A5FA6BA7731C0E076E57CDE6B4B0749C76CF225EA560D86113FB96AB4F23478895039403438E6CA7EA2534D8EB04C9BFAB2C844839D840D02256FEEB674B82F9ABBCD9255F27261FB35A2C61B3A8DECD2138DB3482D65F1818DE8AE03C080045F68C1"; + "40C000000000000A00000000000000000000000000000000CE71F3496571490305748611F14D391E4164572834AB5A587C3C7410653592" + "9FFB39F358756E14C0C23FC2F46000DBFCD1BD14574E7BDA13DC488F44AB377F09052FE462E1E4692AEB5280BB75FB4455DA4A29AB381C" + "B42795D6FCA9FCB5E7F4E305926D1EA5C0FE2F5C9C97788A3680D558804765667EDDCE4AF4AADCDCA477871580FA77F5F042C9A31EB798" + "BD9BC2B45C3D9499556D284DD54FC8309748A20DBF27729A4A7436B706CA842F0DBC78001266B93767BE5A4E741319292D754F481F5E96" + "3DD38C74F47D9B2973F3654273936DC76FA77B6FC7158B9192C3EF99DB3F001EE16708005FA0963DADC2C55199520DA898AD6723E7A49F" + "F1619E7FE643D83007C3D359809629971B06E6C8C0C6CBA8D04DF3AF7A598887AF8E5217907CD2AFC1FFA61C40B59CE165F619E716BDD9" + "65EB66A395CC6B1F7F91AE58F11A24B380BD1DC22BE894FB4AB52A3F43373919618C0C2F823E57CED61E1323916B02B0F02F06487D455F" + "A4E42428FBA47D60E49C142A93B7C87DAF2C1A37C97761155F94B15B70927FC0770457378035AF6CD97634A373441D91ACFEB033915C00" + "6C64FCBD81DF116CAE34F00D581106E6413035B439972E1A79F406955DF174845EC93CB4FB78C012A24D7FAC31AA7A874F0A80D92490E6" + "63E2A42DB14E3255EF241CE727646C3E69FE69DA782E81CC4CF37D49FB1440B5368A984A253CCB033935EDA4D8DDC9C4DD78A92277B569" + "1AB1523F5057EBBB1BBF7C98E51C6873966D0B948C46F12CF9031AD8C99AB236CDB24A3D2817AABB507D319091F21179477060160B5921" + "EC21B71E726204E5B9CC283AE12A79967E89BCD4943A8F2037F75AC6F31E11E24F95EC7CA9F9184A865B5C6E82EDE317C740E6007227F6" + "50C2B74950C1C803D6129EC2FC956EFC6035D537761904B1EDFFCF6EC850349DEACDD0A8815C0886FF3270BBA29B792BEB5349C72E1264" + "8ED7B0FFE9B1D5551D411190DC95B0EB80DA89B90FD0B9F2483446AAF313470C58C6D026E3D8FF3F4A3D7638C4B9CD38903EA6215628FC" + "F05EDAD8AD3C087FC69BD9C2A070A191D8A2816D16F60785A1AE9F31751A72CAA619560658B309269DF16E27A3B65254AF76851AA633DC" + "33D1011ED9A54C1C155A9F2E58D6D72ACFB33180C487A0B8505EC33464E27958BF455F6C2C964461F45BEAC9D4771B3871FCC57C1C0751" + "F76732701D1B4D147F89B0E40947BB83954295CA58C6E3464CF21EB4EB0BADFC6F16D9731A734DF1945225594A54CC7B3A2E61740229A8" + "4755A4F8F827BA38BCA38D830575339DDDD02298DF5170558527E1864656ADCB59D738CA541E3DEF8F159AE839FA161622643F1F09BEFC" + "BC54847663AE8D2DF6ED7515E559102426C3E19296DA77A9FC65DC3BA01B1BA79DEF5C302667C80CAE12B9911B6E764ED32F39FE55B4CD" + "2E79F6431485B8057364F4E0ECDCEE98511E5CEACFD40054488CC0F98FEB7273147D47CFB5A809866B267B707E6C781A5BD169CC0990AF" + "695ABA6D4097F1BA1EEF99C02CEEED6501B0BAA5FDE61BF8A98A93DDB5AE7BC92C309EBC27E2BE1B7B8C8B3DB32B8A8732D77B263B8B11" + "354B54ABBAA93AB39EE1603DBA7987CA37B8A2B251F79506A8EB200F86AEC6ABF481ACE061D39A214EECDC637BBF9D653DA0CB4DA4531A" + "655F4BBB12EC8284FC6898C46B311416F59ABF55C69631C290A0EDB0298DD809D63C9B7132ECD205D9359A181555560F5BF7CD24D15818" + "B5175868DDE5A4B0495F87CDE03F04800416B3F50F3AD56FD00CCD70D7D86E9B7E840864B08B1F99B930787061C473CAD1A41E578AD4C0" + "7DFF34928D579B5E6C02B457E0AA7542E653CF4FA3C4F1A83B7CC1B22A16EED574A98DA1CADEEFB35D4C2D0E1F81110F41E23A70C29B65" + "7897623DA52DA288433F2DC35FB2CE4591888BBEFD694069BB0550486E2B88EF89E7052AD7FD7838989038F9748BD890E238956DAFE015" + "23C4A91E79A4AB2C866BAA82A591062A4D71B3AABF0415A5F52A3005922C457ECEA6CDC2D53FA2585EBC2D465D4BF734A123A234320C58" + "B2F0D097E655AA7D32DB38B17296A6218A817F049CDA81587AA346306C1A308AA8836B0BA6AEEFEA5204DF601FE70052B484BDBBB7951E" + "A74145B985827816C6685C9202C2FD97735C21677A3BE1B846276ECB12465A5756F7287BCA76C404BBC4E37E4386F8771F7E3CCD45F5A7" + "20D8CE10C8704279A84EF1BF25069808AF027D9C4C60343C886D5A26A856F14D7C6A64C2D12635D6C7CF075D98E141A399B70AA2295241" + "6774BF2804E2F56DB75077F8C642E08BF27A62CA5A0B91B412D59D2B655EC9F3F6BD46776F9A5FA6BA7731C0E076E57CDE6B4B0749C76C" + "F225EA560D86113FB96AB4F23478895039403438E6CA7EA2534D8EB04C9BFAB2C844839D840D02256FEEB674B82F9ABBCD9255F27261FB" + "35A2C61B3A8DECD2138DB3482D65F1818DE8AE03C080045F68C1"; char *truth_aos_b = NULL; int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); @@ -1066,11 +1098,11 @@ UTEST(AOS_APPLY, AES_GCM) aos_frame_pri_hdr.vcid = ((uint8_t)test_aos_b[1] & 0x3F); sa_if->sa_get_from_spi(10, &sa_ptr); - sa_ptr->ecs_len = 1; - sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; - sa_ptr->est = 1; - sa_ptr->ast = 1; - sa_ptr->iv_len = 16; + sa_ptr->ecs_len = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->est = 1; + sa_ptr->ast = 1; + sa_ptr->iv_len = 16; sa_ptr->shivf_len = 16; crypto_key_t *ekp = NULL; ekp = key_if->get_key(sa_ptr->ekid); diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index c783b5aa..e641bbcf 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c @@ -37,8 +37,8 @@ UTEST(AOS_PROCESS, NO_CONFIG) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_ERROR; - int framed_aos_len = 0; + int32_t status = CRYPTO_LIB_ERROR; + int framed_aos_len = 0; uint16_t processed_aos_len; char *framed_aos_h = @@ -82,8 +82,7 @@ UTEST(AOS_PROCESS, NO_CONFIG) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_h, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_h, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); char *error_enum = Crypto_Get_Error_Code_Enum_String(status); @@ -102,9 +101,9 @@ UTEST(AOS_PROCESS, NO_INIT) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_ERROR; - int framed_aos_len = 0; - + int32_t status = CRYPTO_LIB_ERROR; + int framed_aos_len = 0; + uint16_t processed_aos_len; // No Crypto_Init(), but we still Configure It: @@ -170,8 +169,7 @@ UTEST(AOS_PROCESS, NO_INIT) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_h, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_h, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_NO_CONFIG, status); char *error_enum = Crypto_Get_Error_Code_Enum_String(status); @@ -192,8 +190,8 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; // Configure Parameters @@ -202,8 +200,8 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -298,20 +296,19 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->arsn_len = 0; sa_ptr->shsnf_len = 0; - + AOS_t *aos_frame; aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -337,8 +334,8 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; // Configure Parameters @@ -442,8 +439,7 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = @@ -451,7 +447,7 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + 2 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + 2 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", aos_frame[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -476,8 +472,8 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; // Configure Parameters @@ -486,8 +482,8 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_NO_FHEC, AOS_HAS_IZ, 10); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 10, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -586,15 +582,14 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + 10 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + 10 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { printf("Checking %02x against %02X\n", aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); @@ -619,8 +614,8 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -738,15 +733,14 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -773,8 +767,8 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -784,8 +778,8 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -898,15 +892,14 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -931,8 +924,8 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -942,8 +935,8 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -1055,15 +1048,14 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -1090,8 +1082,8 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1101,8 +1093,8 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -1210,15 +1202,14 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -1243,8 +1234,8 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1254,8 +1245,8 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -1367,15 +1358,14 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -1400,8 +1390,8 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1411,8 +1401,8 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -1524,15 +1514,14 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -1555,8 +1544,8 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; // Setup & Initialize CryptoLib @@ -1564,8 +1553,8 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -1576,7 +1565,39 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // Test frame setup Header |SPI| IV | Data char *framed_aos_h = - "40C000000000000A00000000000000000000000000000000CE71F3496571490305748611F14D391E4164572834AB5A587C3C74106535929FFB39F358756E14C0C23FC2F46000DBFCD1BD14574E7BDA13DC488F44AB377F09052FE462E1E4692AEB5280BB75FB4455DA4A29AB381CB42795D6FCA9FCB5E7F4E305926D1EA5C0FE2F5C9C97788A3680D558804765667EDDCE4AF4AADCDCA477871580FA77F5F042C9A31EB798BD9BC2B45C3D9499556D284DD54FC8309748A20DBF27729A4A7436B706CA842F0DBC78001266B93767BE5A4E741319292D754F481F5E963DD38C74F47D9B2973F3654273936DC76FA77B6FC7158B9192C3EF99DB3F001EE16708005FA0963DADC2C55199520DA898AD6723E7A49FF1619E7FE643D83007C3D359809629971B06E6C8C0C6CBA8D04DF3AF7A598887AF8E5217907CD2AFC1FFA61C40B59CE165F619E716BDD965EB66A395CC6B1F7F91AE58F11A24B380BD1DC22BE894FB4AB52A3F43373919618C0C2F823E57CED61E1323916B02B0F02F06487D455FA4E42428FBA47D60E49C142A93B7C87DAF2C1A37C97761155F94B15B70927FC0770457378035AF6CD97634A373441D91ACFEB033915C006C64FCBD81DF116CAE34F00D581106E6413035B439972E1A79F406955DF174845EC93CB4FB78C012A24D7FAC31AA7A874F0A80D92490E663E2A42DB14E3255EF241CE727646C3E69FE69DA782E81CC4CF37D49FB1440B5368A984A253CCB033935EDA4D8DDC9C4DD78A92277B5691AB1523F5057EBBB1BBF7C98E51C6873966D0B948C46F12CF9031AD8C99AB236CDB24A3D2817AABB507D319091F21179477060160B5921EC21B71E726204E5B9CC283AE12A79967E89BCD4943A8F2037F75AC6F31E11E24F95EC7CA9F9184A865B5C6E82EDE317C740E6007227F650C2B74950C1C803D6129EC2FC956EFC6035D537761904B1EDFFCF6EC850349DEACDD0A8815C0886FF3270BBA29B792BEB5349C72E12648ED7B0FFE9B1D5551D411190DC95B0EB80DA89B90FD0B9F2483446AAF313470C58C6D026E3D8FF3F4A3D7638C4B9CD38903EA6215628FCF05EDAD8AD3C087FC69BD9C2A070A191D8A2816D16F60785A1AE9F31751A72CAA619560658B309269DF16E27A3B65254AF76851AA633DC33D1011ED9A54C1C155A9F2E58D6D72ACFB33180C487A0B8505EC33464E27958BF455F6C2C964461F45BEAC9D4771B3871FCC57C1C0751F76732701D1B4D147F89B0E40947BB83954295CA58C6E3464CF21EB4EB0BADFC6F16D9731A734DF1945225594A54CC7B3A2E61740229A84755A4F8F827BA38BCA38D830575339DDDD02298DF5170558527E1864656ADCB59D738CA541E3DEF8F159AE839FA161622643F1F09BEFCBC54847663AE8D2DF6ED7515E559102426C3E19296DA77A9FC65DC3BA01B1BA79DEF5C302667C80CAE12B9911B6E764ED32F39FE55B4CD2E79F6431485B8057364F4E0ECDCEE98511E5CEACFD40054488CC0F98FEB7273147D47CFB5A809866B267B707E6C781A5BD169CC0990AF695ABA6D4097F1BA1EEF99C02CEEED6501B0BAA5FDE61BF8A98A93DDB5AE7BC92C309EBC27E2BE1B7B8C8B3DB32B8A8732D77B263B8B11354B54ABBAA93AB39EE1603DBA7987CA37B8A2B251F79506A8EB200F86AEC6ABF481ACE061D39A214EECDC637BBF9D653DA0CB4DA4531A655F4BBB12EC8284FC6898C46B311416F59ABF55C69631C290A0EDB0298DD809D63C9B7132ECD205D9359A181555560F5BF7CD24D15818B5175868DDE5A4B0495F87CDE03F04800416B3F50F3AD56FD00CCD70D7D86E9B7E840864B08B1F99B930787061C473CAD1A41E578AD4C07DFF34928D579B5E6C02B457E0AA7542E653CF4FA3C4F1A83B7CC1B22A16EED574A98DA1CADEEFB35D4C2D0E1F81110F41E23A70C29B657897623DA52DA288433F2DC35FB2CE4591888BBEFD694069BB0550486E2B88EF89E7052AD7FD7838989038F9748BD890E238956DAFE01523C4A91E79A4AB2C866BAA82A591062A4D71B3AABF0415A5F52A3005922C457ECEA6CDC2D53FA2585EBC2D465D4BF734A123A234320C58B2F0D097E655AA7D32DB38B17296A6218A817F049CDA81587AA346306C1A308AA8836B0BA6AEEFEA5204DF601FE70052B484BDBBB7951EA74145B985827816C6685C9202C2FD97735C21677A3BE1B846276ECB12465A5756F7287BCA76C404BBC4E37E4386F8771F7E3CCD45F5A720D8CE10C8704279A84EF1BF25069808AF027D9C4C60343C886D5A26A856F14D7C6A64C2D12635D6C7CF075D98E141A399B70AA22952416774BF2804E2F56DB75077F8C642E08BF27A62CA5A0B91B412D59D2B655EC9F3F6BD46776F9A5FA6BA7731C0E076E57CDE6B4B0749C76CF225EA560D86113FB96AB4F23478895039403438E6CA7EA2534D8EB04C9BFAB2C844839D840D02256FEEB674B82F9ABBCD9255F27261FB35A2C61B3A8DECD2138DB3482D65F1818DE8AE03C080045F68C1"; + "40C000000000000A00000000000000000000000000000000CE71F3496571490305748611F14D391E4164572834AB5A587C3C7410653592" + "9FFB39F358756E14C0C23FC2F46000DBFCD1BD14574E7BDA13DC488F44AB377F09052FE462E1E4692AEB5280BB75FB4455DA4A29AB381C" + "B42795D6FCA9FCB5E7F4E305926D1EA5C0FE2F5C9C97788A3680D558804765667EDDCE4AF4AADCDCA477871580FA77F5F042C9A31EB798" + "BD9BC2B45C3D9499556D284DD54FC8309748A20DBF27729A4A7436B706CA842F0DBC78001266B93767BE5A4E741319292D754F481F5E96" + "3DD38C74F47D9B2973F3654273936DC76FA77B6FC7158B9192C3EF99DB3F001EE16708005FA0963DADC2C55199520DA898AD6723E7A49F" + "F1619E7FE643D83007C3D359809629971B06E6C8C0C6CBA8D04DF3AF7A598887AF8E5217907CD2AFC1FFA61C40B59CE165F619E716BDD9" + "65EB66A395CC6B1F7F91AE58F11A24B380BD1DC22BE894FB4AB52A3F43373919618C0C2F823E57CED61E1323916B02B0F02F06487D455F" + "A4E42428FBA47D60E49C142A93B7C87DAF2C1A37C97761155F94B15B70927FC0770457378035AF6CD97634A373441D91ACFEB033915C00" + "6C64FCBD81DF116CAE34F00D581106E6413035B439972E1A79F406955DF174845EC93CB4FB78C012A24D7FAC31AA7A874F0A80D92490E6" + "63E2A42DB14E3255EF241CE727646C3E69FE69DA782E81CC4CF37D49FB1440B5368A984A253CCB033935EDA4D8DDC9C4DD78A92277B569" + "1AB1523F5057EBBB1BBF7C98E51C6873966D0B948C46F12CF9031AD8C99AB236CDB24A3D2817AABB507D319091F21179477060160B5921" + "EC21B71E726204E5B9CC283AE12A79967E89BCD4943A8F2037F75AC6F31E11E24F95EC7CA9F9184A865B5C6E82EDE317C740E6007227F6" + "50C2B74950C1C803D6129EC2FC956EFC6035D537761904B1EDFFCF6EC850349DEACDD0A8815C0886FF3270BBA29B792BEB5349C72E1264" + "8ED7B0FFE9B1D5551D411190DC95B0EB80DA89B90FD0B9F2483446AAF313470C58C6D026E3D8FF3F4A3D7638C4B9CD38903EA6215628FC" + "F05EDAD8AD3C087FC69BD9C2A070A191D8A2816D16F60785A1AE9F31751A72CAA619560658B309269DF16E27A3B65254AF76851AA633DC" + "33D1011ED9A54C1C155A9F2E58D6D72ACFB33180C487A0B8505EC33464E27958BF455F6C2C964461F45BEAC9D4771B3871FCC57C1C0751" + "F76732701D1B4D147F89B0E40947BB83954295CA58C6E3464CF21EB4EB0BADFC6F16D9731A734DF1945225594A54CC7B3A2E61740229A8" + "4755A4F8F827BA38BCA38D830575339DDDD02298DF5170558527E1864656ADCB59D738CA541E3DEF8F159AE839FA161622643F1F09BEFC" + "BC54847663AE8D2DF6ED7515E559102426C3E19296DA77A9FC65DC3BA01B1BA79DEF5C302667C80CAE12B9911B6E764ED32F39FE55B4CD" + "2E79F6431485B8057364F4E0ECDCEE98511E5CEACFD40054488CC0F98FEB7273147D47CFB5A809866B267B707E6C781A5BD169CC0990AF" + "695ABA6D4097F1BA1EEF99C02CEEED6501B0BAA5FDE61BF8A98A93DDB5AE7BC92C309EBC27E2BE1B7B8C8B3DB32B8A8732D77B263B8B11" + "354B54ABBAA93AB39EE1603DBA7987CA37B8A2B251F79506A8EB200F86AEC6ABF481ACE061D39A214EECDC637BBF9D653DA0CB4DA4531A" + "655F4BBB12EC8284FC6898C46B311416F59ABF55C69631C290A0EDB0298DD809D63C9B7132ECD205D9359A181555560F5BF7CD24D15818" + "B5175868DDE5A4B0495F87CDE03F04800416B3F50F3AD56FD00CCD70D7D86E9B7E840864B08B1F99B930787061C473CAD1A41E578AD4C0" + "7DFF34928D579B5E6C02B457E0AA7542E653CF4FA3C4F1A83B7CC1B22A16EED574A98DA1CADEEFB35D4C2D0E1F81110F41E23A70C29B65" + "7897623DA52DA288433F2DC35FB2CE4591888BBEFD694069BB0550486E2B88EF89E7052AD7FD7838989038F9748BD890E238956DAFE015" + "23C4A91E79A4AB2C866BAA82A591062A4D71B3AABF0415A5F52A3005922C457ECEA6CDC2D53FA2585EBC2D465D4BF734A123A234320C58" + "B2F0D097E655AA7D32DB38B17296A6218A817F049CDA81587AA346306C1A308AA8836B0BA6AEEFEA5204DF601FE70052B484BDBBB7951E" + "A74145B985827816C6685C9202C2FD97735C21677A3BE1B846276ECB12465A5756F7287BCA76C404BBC4E37E4386F8771F7E3CCD45F5A7" + "20D8CE10C8704279A84EF1BF25069808AF027D9C4C60343C886D5A26A856F14D7C6A64C2D12635D6C7CF075D98E141A399B70AA2295241" + "6774BF2804E2F56DB75077F8C642E08BF27A62CA5A0B91B412D59D2B655EC9F3F6BD46776F9A5FA6BA7731C0E076E57CDE6B4B0749C76C" + "F225EA560D86113FB96AB4F23478895039403438E6CA7EA2534D8EB04C9BFAB2C844839D840D02256FEEB674B82F9ABBCD9255F27261FB" + "35A2C61B3A8DECD2138DB3482D65F1818DE8AE03C080045F68C1"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); @@ -1635,11 +1656,11 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) SecurityAssociation_t *sa_ptr = &ta; sa_if->sa_get_from_spi(10, &sa_ptr); - sa_ptr->ecs_len = 1; - sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; - sa_ptr->est = 1; - sa_ptr->ast = 1; - sa_ptr->iv_len = 16; + sa_ptr->ecs_len = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->est = 1; + sa_ptr->ast = 1; + sa_ptr->iv_len = 16; sa_ptr->shivf_len = 16; crypto_key_t *ekp = NULL; ekp = key_if->get_key(sa_ptr->ekid); @@ -1660,8 +1681,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // printf("Decrypted frame contents:\n\t"); @@ -1682,7 +1702,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // printf("\n"); // printf("\nDoing final checks:\n\t"); - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("%02x", aos_frame->aos_pdu[i]); @@ -1711,8 +1731,8 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1722,8 +1742,8 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -1734,14 +1754,78 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) // Note: SPI 17 (0x0011) // Setup: | hdr 6 |SPI| IV | data | MAC | FECF char *framed_aos_h = - "40C000000000000A0000000000000000000000000000000010DF143C92A39B3568CC9916C9D06C715BF8017168F88FF016B9107B12316E6C03EF5DDC68BA35152893EF7B9A8764D2A908F3C6CEBC23AC94290EA45455C67779B7BA49A899049613F80BEF44DC60E0AB41C63AAC0DDD50438010FF0B28D57FDC9B6EFA412555717700328C20013CD7260A1F3043CC210F2379C1B54F0ADA49668753F992A7B37457185AB28EA1DF00A28D58183D8A277148F662F5698143200B574E28AB766549401D18937E0FB491EB4D8C4A8766FCF29F57ED22EF9C212E8438D04D3AFC5D968D4AECBDC97301B520F1E2943A2689278BF0321A5FC4BF77F042646419FBC66F94CCBD915F9B518DDB9A8C2DFE1CC0C1389ADCACB0CCB227C77FF7A48E3E01EEB7C5AE88994A8193A92DC31D8B55B113D571421B8650F37F69A7F9E8258CE9F709A815FC10217FF8FC2B298265FEF52F4FC3ADC439852146673E8CD0C283EF3CC3ED7C8DBA8F256B34928D16AB56002ABC1722A7A4E18339AF96720DD0429D3E7F68F8CE1E09C749AC9A2BD54A287DEFBCC0611DB3FD84DCAF29F4FD102D65DC79C1124AA864D283E4007A770B839AE002D2DBDD910B95DAC2E9C2CD3362F1D4361C747759B59CA07E971F5B27FF6F9868CB5024F51F7843150B1C07A7E40DE76408A91B563A5DE4705C4B1A09CC644A6D9C72827F52CF34B2DCE1C12068BFAC4DD94EB0DD1D12EACC351CC969C756708DAE276B6F597F463D4727D6B6C8A406D474B456486C200A78001894A4E6D4C56815B7E7788F82D13FB6448C5AB85C028935F8FE1951BC2F20BECBBB60E6ABAB9924C479552A1CBA01B5E51152071ECF8870129ADA932BA461ABD1F718F06200B7A1FCBA5EDF89E9CE148085282E4018F677E7AE6F30D8B5550BDEE1DEC39749C59215220DA1D893CB922D85DE7B6BBCD9F3B787A78CE58FEDC6FEBCEC3F84AC2B8BA714D330F19A4E70E2BEE3587A6D98E89B67BB214007331D41053DEB5581807E6B7A9623928391C28B513C96EE6F6A0E60A7B352D207216F93A07160BC09F88B459ABDD5FC759CE58D7FBEDB1CA675A89D64B8F842070DA7C295530A562E84C7910C4502CACF5262BABA2378D1EBCF94BA77B8AFFB0C23573687CBD1135E55BCF808397A4F83599F43A40BCB0CFA1621D8A3F77A8A2D64CBA4085DE543DA737FB5C8534A39F7C86B8C82C4D70C0EC13FFB09C3A53149CF7542BABD0074651AF2D243C6380E9CE6BAC1D35F81AD9EACBCD23D20853F93E18E65E2EE64F31F486C96C027889A85C88261B9C7D2FFCE55412DDD3C6C471B2D179E9805EA76B867DA04C2AF303AD458A37702002B418168BC08F4BAC37576F37460D89E06F359F20BC4A1E598B14A60F29634465F8B167AE44C457E861DAD0983910A7B5A5AD6F2A93632DE340CDE2AEFF1DA2A9D45B40B88C4363F9074B7DE9A3A14B458C180181D9A6B732450E3A38453FFDD0325AD063129E9EDA1EF05502710E3C344619F5B21B698FD83B2E6AA397D91988997C3E48FCEF4F031128A3F1F7EDF6EB90CC04A05D70BED1D225104DE864A53DA42AD22CD400D7BBD96E0F29E59396D5FCF99A9B33BA102311C5C985618AD1779BD4EE17BCC4D39FE2675F2B7E40AB408347465625A1BC284C91FF997109DF1B0A824A0BE5656A56100FA121D3DB3BA66DE22108DEDB5AAACF308C23777DF8B3CA6B8F0E1E2ECEE33B1A3DE7C354E1D4CF561B51134B8E3F652D0EC737B10FA25382455D2CFF9A63983D9B3C5EAF1DA3CFD3ACB463AB5B0357A900220C91F4169A201FA8181B98307A281CE73760534E98F62DB627F58959279AF0FDB5DD4D2127CE3CDFF4DB759C088E75A8AA683B3A6FA6CCD4BF52E24ADC8A8B6E5A8A9C582E849777BE5CEE7B3CFD7B5DB819DC76E89C9954B720A2FDEE5D4F436B1745BF626994994534E7691CB3F42E5F703FF9DBE53F5C34DFD988F6699F0743E1BB0427D599CE49E641A6A72B0462C5CE1F2FCB4D9248CBBF117378DD5E68BBA5271DF26A3336AD06B6EFA3AC73019515A8C5FD7DB8C5B3D812B25C12CA4C79115C4324698F70B33FD64E89791A1938DAE814779D8720B4046C28C62C0BA6F449BF7DFC944828FB68A91E6347CD38EAE10ABDAC609F87807309F50D2EA330E4A8BD49FA2AA785FCED71B8B409E283AB86C453125C06DAB315FB83463766D2A7BE97292E102EA426AB9550C0A9E754398C9D0256266E2789B921BB93FAF8032919FA014FE307413DFF5DC6FE14B05E0F96A4B77FA826B4E6CEC615EA7BC782D81D850B2F5942B059BCB8378CF84943A503C5C8ED9831031924047D1D7FC079136004424FCAE5EE4A63B2E447325D79354D715099463C2B263B989AC7B528AC5B9C7513A39371F90FDF6AAE1DCE4B3B3892512398DA171E90C2BFCE9A5B93CDCBCEFC24B97B9A7CE5C46910E6609B04771E8A12F1D1541B606F05F83F369C74DD00A6F16366A7883141E78B010BE440462F966F42C85654F3C10535050F0BD13"; + "40C000000000000A0000000000000000000000000000000010DF143C92A39B3568CC9916C9D06C715BF8017168F88FF016B9107B12316E" + "6C03EF5DDC68BA35152893EF7B9A8764D2A908F3C6CEBC23AC94290EA45455C67779B7BA49A899049613F80BEF44DC60E0AB41C63AAC0D" + "DD50438010FF0B28D57FDC9B6EFA412555717700328C20013CD7260A1F3043CC210F2379C1B54F0ADA49668753F992A7B37457185AB28E" + "A1DF00A28D58183D8A277148F662F5698143200B574E28AB766549401D18937E0FB491EB4D8C4A8766FCF29F57ED22EF9C212E8438D04D" + "3AFC5D968D4AECBDC97301B520F1E2943A2689278BF0321A5FC4BF77F042646419FBC66F94CCBD915F9B518DDB9A8C2DFE1CC0C1389ADC" + "ACB0CCB227C77FF7A48E3E01EEB7C5AE88994A8193A92DC31D8B55B113D571421B8650F37F69A7F9E8258CE9F709A815FC10217FF8FC2B" + "298265FEF52F4FC3ADC439852146673E8CD0C283EF3CC3ED7C8DBA8F256B34928D16AB56002ABC1722A7A4E18339AF96720DD0429D3E7F" + "68F8CE1E09C749AC9A2BD54A287DEFBCC0611DB3FD84DCAF29F4FD102D65DC79C1124AA864D283E4007A770B839AE002D2DBDD910B95DA" + "C2E9C2CD3362F1D4361C747759B59CA07E971F5B27FF6F9868CB5024F51F7843150B1C07A7E40DE76408A91B563A5DE4705C4B1A09CC64" + "4A6D9C72827F52CF34B2DCE1C12068BFAC4DD94EB0DD1D12EACC351CC969C756708DAE276B6F597F463D4727D6B6C8A406D474B456486C" + "200A78001894A4E6D4C56815B7E7788F82D13FB6448C5AB85C028935F8FE1951BC2F20BECBBB60E6ABAB9924C479552A1CBA01B5E51152" + "071ECF8870129ADA932BA461ABD1F718F06200B7A1FCBA5EDF89E9CE148085282E4018F677E7AE6F30D8B5550BDEE1DEC39749C5921522" + "0DA1D893CB922D85DE7B6BBCD9F3B787A78CE58FEDC6FEBCEC3F84AC2B8BA714D330F19A4E70E2BEE3587A6D98E89B67BB214007331D41" + "053DEB5581807E6B7A9623928391C28B513C96EE6F6A0E60A7B352D207216F93A07160BC09F88B459ABDD5FC759CE58D7FBEDB1CA675A8" + "9D64B8F842070DA7C295530A562E84C7910C4502CACF5262BABA2378D1EBCF94BA77B8AFFB0C23573687CBD1135E55BCF808397A4F8359" + "9F43A40BCB0CFA1621D8A3F77A8A2D64CBA4085DE543DA737FB5C8534A39F7C86B8C82C4D70C0EC13FFB09C3A53149CF7542BABD007465" + "1AF2D243C6380E9CE6BAC1D35F81AD9EACBCD23D20853F93E18E65E2EE64F31F486C96C027889A85C88261B9C7D2FFCE55412DDD3C6C47" + "1B2D179E9805EA76B867DA04C2AF303AD458A37702002B418168BC08F4BAC37576F37460D89E06F359F20BC4A1E598B14A60F29634465F" + "8B167AE44C457E861DAD0983910A7B5A5AD6F2A93632DE340CDE2AEFF1DA2A9D45B40B88C4363F9074B7DE9A3A14B458C180181D9A6B73" + "2450E3A38453FFDD0325AD063129E9EDA1EF05502710E3C344619F5B21B698FD83B2E6AA397D91988997C3E48FCEF4F031128A3F1F7EDF" + "6EB90CC04A05D70BED1D225104DE864A53DA42AD22CD400D7BBD96E0F29E59396D5FCF99A9B33BA102311C5C985618AD1779BD4EE17BCC" + "4D39FE2675F2B7E40AB408347465625A1BC284C91FF997109DF1B0A824A0BE5656A56100FA121D3DB3BA66DE22108DEDB5AAACF308C237" + "77DF8B3CA6B8F0E1E2ECEE33B1A3DE7C354E1D4CF561B51134B8E3F652D0EC737B10FA25382455D2CFF9A63983D9B3C5EAF1DA3CFD3ACB" + "463AB5B0357A900220C91F4169A201FA8181B98307A281CE73760534E98F62DB627F58959279AF0FDB5DD4D2127CE3CDFF4DB759C088E7" + "5A8AA683B3A6FA6CCD4BF52E24ADC8A8B6E5A8A9C582E849777BE5CEE7B3CFD7B5DB819DC76E89C9954B720A2FDEE5D4F436B1745BF626" + "994994534E7691CB3F42E5F703FF9DBE53F5C34DFD988F6699F0743E1BB0427D599CE49E641A6A72B0462C5CE1F2FCB4D9248CBBF11737" + "8DD5E68BBA5271DF26A3336AD06B6EFA3AC73019515A8C5FD7DB8C5B3D812B25C12CA4C79115C4324698F70B33FD64E89791A1938DAE81" + "4779D8720B4046C28C62C0BA6F449BF7DFC944828FB68A91E6347CD38EAE10ABDAC609F87807309F50D2EA330E4A8BD49FA2AA785FCED7" + "1B8B409E283AB86C453125C06DAB315FB83463766D2A7BE97292E102EA426AB9550C0A9E754398C9D0256266E2789B921BB93FAF803291" + "9FA014FE307413DFF5DC6FE14B05E0F96A4B77FA826B4E6CEC615EA7BC782D81D850B2F5942B059BCB8378CF84943A503C5C8ED9831031" + "924047D1D7FC079136004424FCAE5EE4A63B2E447325D79354D715099463C2B263B989AC7B528AC5B9C7513A39371F90FDF6AAE1DCE4B3" + "B3892512398DA171E90C2BFCE9A5B93CDCBCEFC24B97B9A7CE5C46910E6609B04771E8A12F1D1541B606F05F83F369C74DD00A6F16366A" + "7883141E78B010BE440462F966F42C85654F3C10535050F0BD13"; char *framed_aos_b = NULL; int framed_aos_len = 0; hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); // Truth frame setup char *truth_aos_h = - "40C000000000000000000000000000000000000000000000112233445566778899AABBCCDDEEFFA107FF000006D2AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB000000000000000000000000000000000000"; + "40C000000000000000000000000000000000000000000000112233445566778899AABBCCDDEEFFA107FF000006D2AABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; char *truth_aos_b = NULL; int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); @@ -1770,15 +1854,14 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -1798,8 +1881,8 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST) remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; // Configure Parameters @@ -1808,8 +1891,8 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_NO_FHEC, AOS_HAS_IZ, 10); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 10, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -1826,8 +1909,7 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, status); Crypto_Shutdown(); @@ -1840,8 +1922,8 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; // Configure Parameters @@ -1850,8 +1932,8 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_NO_FHEC, AOS_HAS_IZ, 10); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 18, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -1883,8 +1965,7 @@ UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status); Crypto_Shutdown(); @@ -1897,8 +1978,8 @@ UTEST(AOS_PROCESS, AOS_OCF_TEST) remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; // Configure Parameters @@ -1936,8 +2017,7 @@ UTEST(AOS_PROCESS, AOS_OCF_TEST) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); printf("FSR: %08X\n", Crypto_Get_FSR()); @@ -1950,8 +2030,8 @@ UTEST(AOS_PROCESS, AOS_OCF_TEST) UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; // Configure Parameters @@ -1960,8 +2040,8 @@ UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_NO_FHEC, AOS_HAS_IZ, 10); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 18, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); @@ -1997,8 +2077,7 @@ UTEST(AOS_PROCESS, AOS_KEY_STATE_TEST) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_KEY_STATE_INVALID, status); Crypto_Shutdown(); @@ -2010,8 +2089,8 @@ UTEST(AOS_PROCESS, AOS_PROCESS_HEAP_UNDERFLOW_TEST) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; // Configure Parameters @@ -2020,8 +2099,8 @@ UTEST(AOS_PROCESS, AOS_PROCESS_HEAP_UNDERFLOW_TEST) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, aos_frame->aos_pdu_len, - // AOS_NO_FHEC, AOS_HAS_IZ, 10); + // Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, + // aos_frame->aos_pdu_len, AOS_NO_FHEC, AOS_HAS_IZ, 10); GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x0000, 48, AOS_NO_FECF, AOS_NO_FHEC, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; @@ -2049,8 +2128,7 @@ UTEST(AOS_PROCESS, AOS_PROCESS_HEAP_UNDERFLOW_TEST) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_ERR_AOS_FL_LT_MAX_FRAME_SIZE, status); @@ -2063,8 +2141,8 @@ UTEST(AOS_PROCESS, AOS_FHECF_TEST) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_aos_len; // Configure Parameters @@ -2103,13 +2181,13 @@ UTEST(AOS_PROCESS, AOS_FHECF_TEST) aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); - status = - Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - printf("Framed: %04x\nProcessed: %04x\n", (uint16_t)(((uint8_t)framed_aos_b[6] << 8) | (uint8_t)framed_aos_b[7]) , aos_frame->aos_header.fhecf); + printf("Framed: %04x\nProcessed: %04x\n", (uint16_t)(((uint8_t)framed_aos_b[6] << 8) | (uint8_t)framed_aos_b[7]), + aos_frame->aos_header.fhecf); ASSERT_EQ(aos_frame->aos_header.fhecf, (uint16_t)(((uint8_t)framed_aos_b[6] << 8) | (uint8_t)framed_aos_b[7])); - + Crypto_aosPrint(aos_frame); Crypto_Shutdown(); diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index d5b45701..93891ac0 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -34,9 +34,9 @@ UTEST(TM_PROCESS_SECURITY, NO_CRYPTO_INIT) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_ERROR; - int framed_tm_len = 0; - + int32_t status = CRYPTO_LIB_ERROR; + int framed_tm_len = 0; + uint16_t processed_tm_len; TM_t *tm_frame; @@ -122,8 +122,8 @@ UTEST(TM_PROCESS_SECURITY, NO_CONFIG) { remove("sa_save_file.bin"); // Local variables - int32_t status = CRYPTO_LIB_ERROR; - int framed_tm_len = 0; + int32_t status = CRYPTO_LIB_ERROR; + int framed_tm_len = 0; uint16_t processed_tm_len; TM_t *tm_frame; @@ -200,8 +200,8 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // Configure Parameters @@ -322,12 +322,12 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); - + // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { - printf("Checking %02x against %02X\n", (uint8_t)tm_frame->tm_pdu[i], (uint8_t)*(truth_tm_b + offset + i)); + printf("Checking %02x against %02X\n", (uint8_t)tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); ASSERT_EQ((uint8_t)tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } @@ -349,8 +349,8 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // Configure Parameters @@ -484,9 +484,9 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); - + // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", tm_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -512,8 +512,8 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -656,7 +656,7 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -678,8 +678,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -835,7 +835,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -857,8 +857,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; // uint8_t map_id = TYPE_TM; // Not used in TM, but simplifies getting SA @@ -1017,7 +1017,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // 2) SPI is zeroed // 3) MAC is zeroed // 4) FECF is zeroed - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1039,8 +1039,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1197,7 +1197,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1219,8 +1219,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1377,7 +1377,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1399,8 +1399,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1560,7 +1560,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1582,8 +1582,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; SecurityAssociation_t *sa_ptr = NULL; @@ -1743,7 +1743,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1766,8 +1766,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // SecurityAssociation_t *sa_ptr = NULL; @@ -1911,7 +1911,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) printf("\n"); printf("\nDoing final checks:\n\t"); - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + test_association->shivf_len + test_association->shsnf_len + test_association->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + test_association->shivf_len + + test_association->shsnf_len + test_association->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { printf("%02x", tm_frame->tm_pdu[i]); @@ -1936,8 +1937,8 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) { remove("sa_save_file.bin"); // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // SecurityAssociation_t *sa_ptr = NULL; @@ -2096,11 +2097,12 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) // } printf("\nDoing final checks:\n\t"); - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + test_association->shivf_len + test_association->shsnf_len + test_association->shplf_len; + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + test_association->shivf_len + + test_association->shsnf_len + test_association->shplf_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { printf("%02x", tm_frame->tm_pdu[i]); - ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) *(truth_tm_b + offset + i)); + ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } printf("\n\n"); @@ -2116,8 +2118,8 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // Configure Parameters @@ -2156,8 +2158,8 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST) UTEST(TM_PROCESS, TM_OCF_TEST) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // Configure Parameters @@ -2207,8 +2209,8 @@ UTEST(TM_PROCESS, TM_OCF_TEST) UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // Configure Parameters @@ -2257,8 +2259,8 @@ UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL) UTEST(TM_PROCESS, TM_KEY_STATE_TEST) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // Configure Parameters @@ -2315,8 +2317,8 @@ UTEST(TM_PROCESS, TM_KEY_STATE_TEST) UTEST(TM_PROCESS, TM_PROCESS_HEAP_UNDERFLOW_TEST) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // Configure Parameters @@ -2364,8 +2366,8 @@ UTEST(TM_PROCESS, TM_PROCESS_HEAP_UNDERFLOW_TEST) UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_OVERFLOW_TEST) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // Configure Parameters @@ -2403,8 +2405,8 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_OVERFLOW_TEST) UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_Spec_Violation) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // Configure Parameters @@ -2443,8 +2445,8 @@ UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_Spec_Violation) UTEST(TM_PROCESS, TM_PROCESS_Secondary_Hdr_One_Too_Big) { // Local Variables - int32_t status = CRYPTO_LIB_SUCCESS; - + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t processed_tm_len; // Configure Parameters From 1285128010cb296b630a463df2c502f15931af3c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 19 Jun 2025 23:52:41 +0000 Subject: [PATCH 08/37] [nasa/cryptolib#471] remove debug print --- src/core/crypto.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 6aa03018..a687f41a 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -465,7 +465,6 @@ uint16_t Crypto_Calc_FHECF(uint8_t *data) memset(parity, 0, RS_PARITY); for (i = 0; i < RS_DATA; i++) { - printf("data[%d] = 0x%02x\n", i, data[i]); feedback = (data[i] ^ parity[0]) % (GF_SIZE - 1); for (j = 0; j < RS_PARITY - 1; j++) { From 49b3e94e92b962ec202be141e93fe12c87ab29d3 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 20 Jun 2025 02:32:37 +0000 Subject: [PATCH 09/37] [nasa/cryptolib#471] Fix TM bit math --- include/crypto_config.h | 2 +- include/crypto_structs.h | 4 ++-- src/core/crypto_tm.c | 2 +- test/unit/ut_crypto.c | 12 ++++++------ 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index f38911fe..740a92ea 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -128,7 +128,7 @@ #define ARSN_SIZE 20 /* total messages */ #define ARSNW_SIZE 1 /* bytes */ #define SN_SIZE 16 /* bytes */ -#define PAD_SIZE 32 /* bytes */ +#define PAD_SIZE 2 /* bytes */ // Max shplf len takes up 2 bytes #define CHALLENGE_SIZE 16 /* bytes */ #define CHALLENGE_MAC_SIZE 16 /* bytes */ #define BYTE_LEN 8 /* bits */ diff --git a/include/crypto_structs.h b/include/crypto_structs.h index bb7dad35..4342fb96 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -531,7 +531,7 @@ typedef struct uint8_t iv_field_len; uint8_t sn[SN_SIZE]; // Sequence Number for anti-replay uint8_t sn_field_len; - uint8_t pad; // Count of the used fill Bytes + uint16_t pad; // Count of the used fill Bytes uint8_t pad_field_len; } __attribute__((packed)) TM_FrameSecurityHeader_t; #define TM_FRAME_SECHEADER_SIZE (sizeof(TM_FrameSecurityHeader_t)) @@ -605,7 +605,7 @@ typedef struct uint8_t iv_field_len; uint8_t sn[SN_SIZE]; // Sequence Number for anti-replay uint8_t sn_field_len; - uint8_t pad; // Count of the used fill Bytes + uint16_t pad; // Count of the used fill Bytes uint8_t pad_field_len; } __attribute__((packed)) AOS_FrameSecurityHeader_t; #define AOS_FRAME_SECHEADER_SIZE (sizeof(AOS_FrameSecurityHeader_t)) diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 62d966b2..f7a473a7 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1618,7 +1618,7 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ pp_processed_frame->tm_sec_header.sn_field_len = sa_ptr->shsnf_len; for (int i = 0; i < sa_ptr->shplf_len; i++) { - pp_processed_frame->tm_sec_header.pad += p_new_dec_frame[byte_idx + i]; + pp_processed_frame->tm_sec_header.pad += (p_new_dec_frame[byte_idx + i] << ((sa_ptr->shplf_len - 1 - i) * 8)); } byte_idx += sa_ptr->shplf_len; pp_processed_frame->tm_sec_header.pad_field_len = sa_ptr->shplf_len; diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 220e0403..519e798b 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -382,22 +382,22 @@ UTEST(CRYPTO_C, STRUCT_SIZE_VERIFICATION) ASSERT_EQ(SDLS_MC_ST_RPLY_SIZE, (size_t)1); ASSERT_EQ(SDLS_MC_SN_RPLY_SIZE, (size_t)16); ASSERT_EQ(TC_FRAME_PRIMARYHEADER_STRUCT_SIZE, (size_t)5); - ASSERT_EQ(TC_FRAME_SECHEADER_SIZE, (size_t)70); + ASSERT_EQ(TC_FRAME_SECHEADER_SIZE, (size_t)40); ASSERT_EQ(TC_FRAME_SECTRAILER_SIZE, (size_t)19); - ASSERT_EQ(TC_SIZE, (size_t)(5 + 70 + 19 + 2 + 1019)); + ASSERT_EQ(TC_SIZE, (size_t)(5 + 40 + 19 + 2 + 1019)); ASSERT_EQ(CCSDS_HDR_SIZE, (size_t)6); ASSERT_EQ(ECSS_PUS_SIZE, (size_t)4); ASSERT_EQ(CCSDS_SIZE, (size_t)(6 + 4 + 497)); ASSERT_EQ(TELEMETRY_FRAME_OCF_CLCW_SIZE, (size_t)4); ASSERT_EQ(TELEMETRY_FRAME_OCF_FSR_SIZE, (size_t)4); ASSERT_EQ(TM_FRAME_PRIMARYHEADER_SIZE, (size_t)6); - ASSERT_EQ(TM_FRAME_SECHEADER_SIZE, (size_t)38); + ASSERT_EQ(TM_FRAME_SECHEADER_SIZE, (size_t)39); ASSERT_EQ(TM_FRAME_SECTRAILER_SIZE, (size_t)24); - ASSERT_EQ(TM_SIZE, (size_t)(6 + 38 + 1786 + 24 + 2)); + ASSERT_EQ(TM_SIZE, (size_t)(6 + 39 + 1786 + 24 + 2)); ASSERT_EQ(AOS_FRAME_PRIMARYHEADER_SIZE, (size_t)8); - ASSERT_EQ(AOS_FRAME_SECHEADER_SIZE, (size_t)70); + ASSERT_EQ(AOS_FRAME_SECHEADER_SIZE, (size_t)71); ASSERT_EQ(AOS_FRAME_SECTRAILER_SIZE, (size_t)24); - ASSERT_EQ(AOS_SIZE, (size_t)(8 + 70 + 1786 + 24 + 2)); + ASSERT_EQ(AOS_SIZE, (size_t)(8 + 71 + 1786 + 24 + 2)); } #ifndef CRYPTO_EPROC From 8a70d2b0050509d556467ee7304f361236ac912f Mon Sep 17 00:00:00 2001 From: Donnie-Ice <77851621+Donnie-Ice@users.noreply.github.com> Date: Fri, 20 Jun 2025 15:21:45 +0000 Subject: [PATCH 10/37] style: auto-format via clang-format --- include/crypto_config.h | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/include/crypto_config.h b/include/crypto_config.h index 740a92ea..dfb2ef98 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -123,15 +123,15 @@ #define FHECF_SIZE 2 #define FECF_SIZE 2 #define TC_SEGMENT_HDR_SIZE 1 -#define ECS_SIZE 4 /* bytes */ -#define ABM_SIZE 1786 /* bytes */ -#define ARSN_SIZE 20 /* total messages */ -#define ARSNW_SIZE 1 /* bytes */ -#define SN_SIZE 16 /* bytes */ -#define PAD_SIZE 2 /* bytes */ // Max shplf len takes up 2 bytes -#define CHALLENGE_SIZE 16 /* bytes */ -#define CHALLENGE_MAC_SIZE 16 /* bytes */ -#define BYTE_LEN 8 /* bits */ +#define ECS_SIZE 4 /* bytes */ +#define ABM_SIZE 1786 /* bytes */ +#define ARSN_SIZE 20 /* total messages */ +#define ARSNW_SIZE 1 /* bytes */ +#define SN_SIZE 16 /* bytes */ +#define PAD_SIZE 2 /* bytes */ // Max shplf len takes up 2 bytes +#define CHALLENGE_SIZE 16 /* bytes */ +#define CHALLENGE_MAC_SIZE 16 /* bytes */ +#define BYTE_LEN 8 /* bits */ #define CRYPTOLIB_APPID 128 #define MAX_IV_LEN 32 /* bytes */ #define MAX_IZ_LEN 32 From 6a909522c50a202dd9b008600cc491823f3e3173 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 14 Aug 2025 16:06:06 +0000 Subject: [PATCH 11/37] [nasa/cryptolib#487] remove table parsing function, add MULTI_TABLE build flag, fix UTs, remove always true checks --- CMakeLists.txt | 1 + include/crypto.h | 1 + include/crypto_config.h | 7 +++ src/core/crypto.c | 2 + src/core/crypto_aos.c | 19 +++--- src/core/crypto_config.c | 6 ++ src/core/crypto_mc.c | 4 ++ src/core/crypto_tc.c | 10 +++ src/core/crypto_tm.c | 10 ++- src/core/crypto_user.c | 5 ++ .../mariadb/sa_interface_mariadb.template.c | 62 ++++--------------- support/scripts/build_kmc.sh | 2 +- test/unit/ut_aos_process.c | 35 +++++++---- test/unit/ut_tm_process.c | 37 ++++++----- 14 files changed, 115 insertions(+), 86 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b367015d..1b528114 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -56,6 +56,7 @@ option(SA_CUSTOM "Security Association - Custom" OFF) option(SA_CUSTOM_PATH "Custom Security Association Path" OFF) option(SA_INTERNAL "Security Association - Internal" OFF) option(SA_MARIADB "Security Association - MariaDB" OFF) +option(MARIADB_MULTI_TABLE "Specifies Unique SADB tables for TC, TM, and AOS" OFF) option(SUPPORT "Support" OFF) option(SYSTEM_INSTALL "SystemInstall" OFF) option(TEST "Test" OFF) diff --git a/include/crypto.h b/include/crypto.h index 171d5e6d..3efc600b 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -324,6 +324,7 @@ extern uint8_t parity[4]; // Used in FHECF calc // Global configuration structs extern CryptoConfig_t crypto_config; extern SadbMariaDBConfig_t *sa_mariadb_config; +extern char* mariadb_table_name; extern CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config; extern CamConfig_t *cam_config; extern GvcidManagedParameters_t *gvcid_managed_parameters; diff --git a/include/crypto_config.h b/include/crypto_config.h index dfb2ef98..862a89ef 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -269,4 +269,11 @@ */ #define TC_BLOCK_SIZE 16 +/* +** MariaDB Defines +*/ +#define MARIADB_TC_TABLE_NAME "security_associations" +#define MARIADB_TM_TABLE_NAME "security_associations_tm" +#define MARIADB_AOS_TABLE_NAME "security_associations_aos" + #endif // CRYPTO_CONFIG_H diff --git a/src/core/crypto.c b/src/core/crypto.c index 4d20a039..f5db790a 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -72,6 +72,8 @@ uint8_t parity[RS_PARITY]; // CRC uint32_t crc32Table[CRC32TBL_SIZE]; uint16_t crc16Table[CRC16TBL_SIZE]; +// Mariadb +char* mariadb_table_name = "security_associations"; /* ** Assisting Functions diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index 8d53ba1d..1a3b2282 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -106,6 +106,9 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) printf("\n"); #endif +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_AOS_TABLE_NAME; +#endif status = sa_if->sa_get_operational_sa_from_gvcid(tfvn, scid, vcid, 0, &sa_ptr); // No operational/valid SA found @@ -940,11 +943,13 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t * Reference CCSDS SDLP 3550b1 4.1.1.1.3 **/ // Get SPI - printf("byte_idx: %d\n", byte_idx); spi = (uint8_t)p_ingest[byte_idx] << 8 | (uint8_t)p_ingest[byte_idx + 1]; // Move index to past the SPI byte_idx += 2; +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_AOS_TABLE_NAME; +#endif status = sa_if->sa_get_from_spi(spi, &sa_ptr); // If no valid SPI, return if (status != CRYPTO_LIB_SUCCESS) @@ -1417,7 +1422,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t pp_processed_frame->aos_header.sf = (p_new_dec_frame[5] & 0x40) >> 6; pp_processed_frame->aos_header.spare = (p_new_dec_frame[5] & 0x30) >> 4; pp_processed_frame->aos_header.vfcc = (p_new_dec_frame[5] & 0x0F); - if (current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) + if (aos_current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) { pp_processed_frame->aos_header.fhecf = (p_new_dec_frame[6] << 8) | p_new_dec_frame[7]; byte_idx += 8; @@ -1428,13 +1433,13 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t } // Security Header - if (current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) + if (aos_current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) { - for (int i = 0; i < current_managed_parameters_struct.aos_iz_len; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.aos_iz_len; i++) { memcpy(pp_processed_frame->aos_sec_header.iz + i, &p_new_dec_frame[byte_idx + i], 1); } - byte_idx += current_managed_parameters_struct.aos_iz_len; + byte_idx += aos_current_managed_parameters_struct.aos_iz_len; } pp_processed_frame->aos_sec_header.spi = @@ -1475,7 +1480,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t byte_idx += sa_ptr->stmacf_len; pp_processed_frame->aos_sec_trailer.mac_field_len = sa_ptr->stmacf_len; - if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (aos_current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { for (int i = 0; i < OCF_SIZE; i++) { @@ -1489,7 +1494,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t pp_processed_frame->aos_sec_trailer.ocf_field_len = 0; } - if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (aos_current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { pp_processed_frame->aos_sec_trailer.fecf = (uint16_t)(p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 37116611..25a838ef 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -97,6 +97,9 @@ int32_t Crypto_SC_Init(void) status = Crypto_Init(); SecurityAssociation_t *sa_ptr = NULL; +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_TC_TABLE_NAME; +#endif sa_if->sa_get_from_spi(1, &sa_ptr); sa_ptr->gvcid_blk.vcid = 0; sa_if->sa_get_from_spi(2, &sa_ptr); @@ -108,6 +111,9 @@ int32_t Crypto_SC_Init(void) sa_ptr->abm_len = ABM_SIZE; sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_TM_TABLE_NAME; +#endif sa_if->sa_get_from_spi(5, &sa_ptr); sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->shsnf_len = 0; diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 0c9d185a..5deff0d2 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -291,6 +291,10 @@ int32_t Crypto_SA_readARSN(uint8_t *ingest) // Read ingest spi = ((uint8_t)sdls_frame.tlv_pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.tlv_pdu.data[1]; + // TODO: This is not correct +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_TC_TABLE_NAME; +#endif status = sa_if->sa_get_from_spi(spi, &sa_ptr); if (status != CRYPTO_LIB_SUCCESS) diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 8c8621cf..bd805d86 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -838,6 +838,9 @@ int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_Fra mc_if->mc_log(status); return status; } +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_TC_TABLE_NAME; +#endif status = sa_if->sa_get_operational_sa_from_gvcid(temp_tc_header.tfvn, temp_tc_header.scid, temp_tc_header.vcid, *map_id, sa_ptr); // If unable to get operational SA, can return @@ -1818,6 +1821,9 @@ uint32_t Crypto_TC_Sanity_Validations(TC_t *tc_sdls_processed_frame, SecurityAss { uint32_t status = CRYPTO_LIB_SUCCESS; +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_TC_TABLE_NAME; +#endif status = sa_if->sa_get_from_spi(tc_sdls_processed_frame->tc_sec_header.spi, sa_ptr); // If no valid SPI, return if (status == CRYPTO_LIB_SUCCESS) @@ -2208,6 +2214,10 @@ static int32_t validate_sa_index(SecurityAssociation_t *sa) { int32_t returnval = 0; SecurityAssociation_t *temp_sa; + +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_TC_TABLE_NAME; +#endif sa_if->sa_get_from_spi(sa->spi, &temp_sa); // Do not validate sa index on KMC diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index bf154658..1c97cb59 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -821,6 +821,9 @@ int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) printf("\n"); #endif +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_TM_TABLE_NAME; +#endif status = sa_if->sa_get_operational_sa_from_gvcid(tfvn, scid, vcid, 0, &sa_ptr); // No operational/valid SA found @@ -1637,7 +1640,7 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ } byte_idx += sa_ptr->stmacf_len; pp_processed_frame->tm_sec_trailer.mac_field_len = sa_ptr->stmacf_len; - if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + if (tm_current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { for (int i = 0; i < OCF_SIZE; i++) { @@ -1650,7 +1653,7 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ { pp_processed_frame->tm_sec_trailer.ocf_field_len = 0; } - if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (tm_current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { pp_processed_frame->tm_sec_trailer.fecf = ((uint16_t)p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; @@ -1744,6 +1747,9 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t * // Move index to past the SPI byte_idx += 2; +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_TM_TABLE_NAME; +#endif status = sa_if->sa_get_from_spi(spi, &sa_ptr); } diff --git a/src/core/crypto_user.c b/src/core/crypto_user.c index 626f1f5d..dd9ddca2 100644 --- a/src/core/crypto_user.c +++ b/src/core/crypto_user.c @@ -174,6 +174,11 @@ int32_t Crypto_User_ModifyVCID(void) int i; int j; + // TODO: This is not correct +#ifdef MARIADB_MULTI_TABLE + mariadb_table_name = MARIADB_TC_TABLE_NAME; +#endif + for (i = 0; i < NUM_GVCID; i++) { if (sa_if->sa_get_from_spi(i, &sa_ptr) != CRYPTO_LIB_SUCCESS) diff --git a/src/sa/mariadb/sa_interface_mariadb.template.c b/src/sa/mariadb/sa_interface_mariadb.template.c index f11a7c2c..ca8b14ba 100644 --- a/src/sa/mariadb/sa_interface_mariadb.template.c +++ b/src/sa/mariadb/sa_interface_mariadb.template.c @@ -48,20 +48,20 @@ static const char *SQL_SADB_GET_SA_BY_SPI = "SELECT " "spi,ekid,akid,sa_state,tfvn,scid,vcid,mapid,lpid,est,ast,shivf_len,shsnf_len,shplf_len,stmacf_len,ecs_len,HEX(ecs)" ",HEX(iv),iv_len,acs_len,HEX(acs),abm_len,HEX(abm),arsn_len,HEX(arsn),arsnw" - " FROM security_associations WHERE spi='%d'"; + " FROM %s WHERE spi='%d'"; static const char *SQL_SADB_GET_SA_BY_GVCID = "SELECT " "spi,ekid,akid,sa_state,tfvn,scid,vcid,mapid,lpid,est,ast,shivf_len,shsnf_len,shplf_len,stmacf_len,ecs_len,HEX(ecs)" ",HEX(iv),iv_len,acs_len,HEX(acs),abm_len,HEX(abm),arsn_len,HEX(arsn),arsnw" - " FROM security_associations WHERE tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d' AND sa_state='%d'"; + " FROM %s WHERE tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d' AND sa_state='%d'"; static const char *SQL_SADB_UPDATE_IV_ARC_BY_SPI = - "UPDATE security_associations" + "UPDATE %s" " SET iv=X'%s', arsn=X'%s'" " WHERE spi='%d' AND tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d'"; -static const char *SQL_SADB_UPDATE_IV_ARC_BY_SPI_NULL_IV = - "UPDATE security_associations" - " SET arsn=X'%s'" - " WHERE spi='%d' AND tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d'"; +// static const char *SQL_SADB_UPDATE_IV_ARC_BY_SPI_NULL_IV = +// "UPDATE %s" +// " SET arsn=X'%s'" +// " WHERE spi='%d' AND tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d'"; // sa_if mariaDB private helper functions static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **security_association); @@ -187,7 +187,7 @@ static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t **security_as int32_t status = CRYPTO_LIB_SUCCESS; char spi_query[2048]; - snprintf(spi_query, sizeof(spi_query), SQL_SADB_GET_SA_BY_SPI, spi); + snprintf(spi_query, sizeof(spi_query), SQL_SADB_GET_SA_BY_SPI, mariadb_table_name, spi); status = parse_sa_from_mysql_query(&spi_query[0], security_association); @@ -199,7 +199,7 @@ static int32_t sa_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, uin int32_t status = CRYPTO_LIB_SUCCESS; char gvcid_query[2048]; - snprintf(gvcid_query, sizeof(gvcid_query), SQL_SADB_GET_SA_BY_GVCID, tfvn, scid, vcid, mapid, SA_OPERATIONAL); + snprintf(gvcid_query, sizeof(gvcid_query), SQL_SADB_GET_SA_BY_GVCID, mariadb_table_name, tfvn, scid, vcid, mapid, SA_OPERATIONAL); status = parse_sa_from_mysql_query(&gvcid_query[0], security_association); @@ -216,28 +216,15 @@ static int32_t sa_save_sa(SecurityAssociation_t *sa) char update_sa_query[2048]; char *iv_h = malloc(sa->iv_len * 2 + 1); - if (sa->iv != NULL) - { - convert_byte_array_to_hexstring(sa->iv, sa->iv_len, iv_h); - } + convert_byte_array_to_hexstring(sa->iv, sa->iv_len, iv_h); char *arsn_h = malloc(sa->arsn_len * 2 + 1); convert_byte_array_to_hexstring(sa->arsn, sa->arsn_len, arsn_h); - if (sa->iv != NULL) - { - snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, iv_h, arsn_h, sa->spi, + snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, iv_h, arsn_h, sa->spi, sa->gvcid_blk.tfvn, sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); - - free(iv_h); - } - else - { - snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI_NULL_IV, arsn_h, sa->spi, - sa->gvcid_blk.tfvn, sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); - free(iv_h); - } - + + free(iv_h); free(arsn_h); #ifdef SA_DEBUG fprintf(stderr, "MySQL Insert SA Query: %s \n", update_sa_query); @@ -629,26 +616,3 @@ static int32_t finish_with_error(MYSQL **con_loc, int err) *con_loc = NULL; return err; } - -static int32_t parse_table_from_gvcid(char* table, GvcidManagedParameters_t current_managed_parameters_struct) -{ - int32_t status = CRYPTO_LIB_SUCCESS; - if (current_managed_parameters_struct.has_fecf == TC_HAS_FECF || current_managed_parameters_struct.has_fecf == TC_NO_FECF) - { - strcpy(table, MARIADB_TC_TABLE_NAME); - } - else if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF || current_managed_parameters_struct.has_fecf == TM_NO_FECF) - { - strcpy(table, MARIADB_TM_TABLE_NAME); - } - else if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF || current_managed_parameters_struct.has_fecf == AOS_NO_FECF) - { - strcpy(table, MARIADB_AOS_TABLE_NAME); - } - else - { - table = table; - status = CRYPTO_LIB_ERROR; - } - return status; -} \ No newline at end of file diff --git a/support/scripts/build_kmc.sh b/support/scripts/build_kmc.sh index afa9cbec..b55c99cd 100755 --- a/support/scripts/build_kmc.sh +++ b/support/scripts/build_kmc.sh @@ -11,4 +11,4 @@ source $SCRIPT_DIR/env.sh rm $BASE_DIR/CMakeCache.txt -cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DCRYPTO_KMC=1 -DKEY_KMC=1 -DMC_DISABLED=1 -DSA_MARIADB=1 -DTEST=1 -DSA_FILE=1 -DKMC_MDB_DB=1 && make && make test +cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DCRYPTO_KMC=1 -DMARIADB_MULTI_TABLE=1 -DKEY_KMC=1 -DMC_DISABLED=1 -DSA_MARIADB=1 -DTEST=1 -DSA_FILE=1 -DKMC_MDB_DB=1 && make && make test diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index a4d70a3a..dabe56ee 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c @@ -290,8 +290,6 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) SecurityAssociation_t *sa_ptr = NULL; SaInterface sa_if = get_sa_interface_inmemory(); - sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 - sa_ptr->sa_state = SA_KEYED; sa_if->sa_get_from_spi(9, &sa_ptr); // Enable and setup 9 sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->arsn_len = 0; @@ -308,7 +306,8 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -447,7 +446,8 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + 2 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + 2 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", aos_frame[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -589,7 +589,8 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + 10 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + 10 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { printf("Checking %02x against %02X\n", aos_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); @@ -740,7 +741,8 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -899,7 +901,8 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -1055,7 +1058,8 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -1209,7 +1213,8 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -1365,7 +1370,8 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -1521,7 +1527,8 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); @@ -1702,7 +1709,8 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // printf("\n"); // printf("\nDoing final checks:\n\t"); - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("%02x", aos_frame->aos_pdu[i]); @@ -1861,7 +1869,8 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = 6 + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + sh_len; for (int i = 0; i < aos_frame->aos_pdu_len; i++) { // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 19fd1756..e9a36b11 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -324,7 +324,8 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { printf("Checking %02x against %02X\n", (uint8_t)tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); @@ -486,10 +487,11 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { - // printf("Checking %02x against %02X\n", tm_frame[i], (uint8_t)*(truth_tm_b + i)); + // printf("Checking %02x against %02X\n", tm_frame->tm_pdu[i], (uint8_t)*(truth_tm_b + offset + i)); ASSERT_EQ(tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + offset + i)); } @@ -656,7 +658,8 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -835,7 +838,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1017,7 +1021,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // 2) SPI is zeroed // 3) MAC is zeroed // 4) FECF is zeroed - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1197,7 +1202,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1377,7 +1383,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1560,7 +1567,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1743,7 +1751,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); @@ -1911,8 +1920,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) printf("\n"); printf("\nDoing final checks:\n\t"); - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + test_association->shivf_len + - test_association->shsnf_len + test_association->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(test_association); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { printf("%02x", tm_frame->tm_pdu[i]); @@ -2098,8 +2107,8 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) // } printf("\nDoing final checks:\n\t"); - uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + test_association->shivf_len + - test_association->shsnf_len + test_association->shplf_len; + uint16_t sh_len = Crypto_Get_Security_Header_Length(test_association); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + sh_len; for (int i = 0; i < tm_frame->tm_pdu_len; i++) { printf("%02x", tm_frame->tm_pdu[i]); From 306ffc7e4b5fb48d51e8e5893584078b919c4301 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <77851621+Donnie-Ice@users.noreply.github.com> Date: Thu, 14 Aug 2025 16:10:56 +0000 Subject: [PATCH 12/37] style: auto-format via clang-format --- include/crypto.h | 2 +- include/crypto_config.h | 4 ++-- src/core/crypto.c | 2 +- src/core/crypto_mc.c | 2 +- src/sa/mariadb/sa_interface_mariadb.template.c | 7 ++++--- 5 files changed, 9 insertions(+), 8 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 3efc600b..a2ee6b81 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -324,7 +324,7 @@ extern uint8_t parity[4]; // Used in FHECF calc // Global configuration structs extern CryptoConfig_t crypto_config; extern SadbMariaDBConfig_t *sa_mariadb_config; -extern char* mariadb_table_name; +extern char *mariadb_table_name; extern CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config; extern CamConfig_t *cam_config; extern GvcidManagedParameters_t *gvcid_managed_parameters; diff --git a/include/crypto_config.h b/include/crypto_config.h index 862a89ef..02d43c10 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -272,8 +272,8 @@ /* ** MariaDB Defines */ -#define MARIADB_TC_TABLE_NAME "security_associations" -#define MARIADB_TM_TABLE_NAME "security_associations_tm" +#define MARIADB_TC_TABLE_NAME "security_associations" +#define MARIADB_TM_TABLE_NAME "security_associations_tm" #define MARIADB_AOS_TABLE_NAME "security_associations_aos" #endif // CRYPTO_CONFIG_H diff --git a/src/core/crypto.c b/src/core/crypto.c index f5db790a..b72248b3 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -73,7 +73,7 @@ uint8_t parity[RS_PARITY]; uint32_t crc32Table[CRC32TBL_SIZE]; uint16_t crc16Table[CRC16TBL_SIZE]; // Mariadb -char* mariadb_table_name = "security_associations"; +char *mariadb_table_name = "security_associations"; /* ** Assisting Functions diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 5deff0d2..35b626bd 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -293,7 +293,7 @@ int32_t Crypto_SA_readARSN(uint8_t *ingest) // TODO: This is not correct #ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_TC_TABLE_NAME; + mariadb_table_name = MARIADB_TC_TABLE_NAME; #endif status = sa_if->sa_get_from_spi(spi, &sa_ptr); diff --git a/src/sa/mariadb/sa_interface_mariadb.template.c b/src/sa/mariadb/sa_interface_mariadb.template.c index ca8b14ba..d481a1b9 100644 --- a/src/sa/mariadb/sa_interface_mariadb.template.c +++ b/src/sa/mariadb/sa_interface_mariadb.template.c @@ -199,7 +199,8 @@ static int32_t sa_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, uin int32_t status = CRYPTO_LIB_SUCCESS; char gvcid_query[2048]; - snprintf(gvcid_query, sizeof(gvcid_query), SQL_SADB_GET_SA_BY_GVCID, mariadb_table_name, tfvn, scid, vcid, mapid, SA_OPERATIONAL); + snprintf(gvcid_query, sizeof(gvcid_query), SQL_SADB_GET_SA_BY_GVCID, mariadb_table_name, tfvn, scid, vcid, mapid, + SA_OPERATIONAL); status = parse_sa_from_mysql_query(&gvcid_query[0], security_association); @@ -222,8 +223,8 @@ static int32_t sa_save_sa(SecurityAssociation_t *sa) convert_byte_array_to_hexstring(sa->arsn, sa->arsn_len, arsn_h); snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, iv_h, arsn_h, sa->spi, - sa->gvcid_blk.tfvn, sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); - + sa->gvcid_blk.tfvn, sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); + free(iv_h); free(arsn_h); #ifdef SA_DEBUG From d18da3e5f853679d10e426a4b106a259b5463543 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 14 Aug 2025 18:58:38 +0000 Subject: [PATCH 13/37] [nasa/cryptolib#487] remove build flag, add soft fails instead of terminating connection --- CMakeLists.txt | 1 - src/core/crypto_aos.c | 14 ++++++----- src/core/crypto_config.c | 14 ++++++----- src/core/crypto_mc.c | 7 +++--- src/core/crypto_tc.c | 21 +++++++++------- src/core/crypto_tm.c | 14 ++++++----- src/core/crypto_user.c | 7 +++--- .../mariadb/sa_interface_mariadb.template.c | 24 ++++++++++++------- 8 files changed, 59 insertions(+), 43 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 1b528114..b367015d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -56,7 +56,6 @@ option(SA_CUSTOM "Security Association - Custom" OFF) option(SA_CUSTOM_PATH "Custom Security Association Path" OFF) option(SA_INTERNAL "Security Association - Internal" OFF) option(SA_MARIADB "Security Association - MariaDB" OFF) -option(MARIADB_MULTI_TABLE "Specifies Unique SADB tables for TC, TM, and AOS" OFF) option(SUPPORT "Support" OFF) option(SYSTEM_INSTALL "SystemInstall" OFF) option(TEST "Test" OFF) diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index 1a3b2282..d0cf9684 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -106,9 +106,10 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) printf("\n"); #endif -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_AOS_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_AOS_TABLE_NAME; + } status = sa_if->sa_get_operational_sa_from_gvcid(tfvn, scid, vcid, 0, &sa_ptr); // No operational/valid SA found @@ -947,9 +948,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t // Move index to past the SPI byte_idx += 2; -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_AOS_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_AOS_TABLE_NAME; + } status = sa_if->sa_get_from_spi(spi, &sa_ptr); // If no valid SPI, return if (status != CRYPTO_LIB_SUCCESS) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 25a838ef..b5683bfe 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -97,9 +97,10 @@ int32_t Crypto_SC_Init(void) status = Crypto_Init(); SecurityAssociation_t *sa_ptr = NULL; -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_TC_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_TC_TABLE_NAME; + } sa_if->sa_get_from_spi(1, &sa_ptr); sa_ptr->gvcid_blk.vcid = 0; sa_if->sa_get_from_spi(2, &sa_ptr); @@ -111,9 +112,10 @@ int32_t Crypto_SC_Init(void) sa_ptr->abm_len = ABM_SIZE; sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_TM_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_TM_TABLE_NAME; + } sa_if->sa_get_from_spi(5, &sa_ptr); sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->shsnf_len = 0; diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 5deff0d2..3a75fbbf 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -292,9 +292,10 @@ int32_t Crypto_SA_readARSN(uint8_t *ingest) spi = ((uint8_t)sdls_frame.tlv_pdu.data[0] << BYTE_LEN) | (uint8_t)sdls_frame.tlv_pdu.data[1]; // TODO: This is not correct -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_TC_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_TC_TABLE_NAME; + } status = sa_if->sa_get_from_spi(spi, &sa_ptr); if (status != CRYPTO_LIB_SUCCESS) diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index bd805d86..1299f136 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -838,9 +838,10 @@ int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_Fra mc_if->mc_log(status); return status; } -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_TC_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_TC_TABLE_NAME; + } status = sa_if->sa_get_operational_sa_from_gvcid(temp_tc_header.tfvn, temp_tc_header.scid, temp_tc_header.vcid, *map_id, sa_ptr); // If unable to get operational SA, can return @@ -1821,9 +1822,10 @@ uint32_t Crypto_TC_Sanity_Validations(TC_t *tc_sdls_processed_frame, SecurityAss { uint32_t status = CRYPTO_LIB_SUCCESS; -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_TC_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_TC_TABLE_NAME; + } status = sa_if->sa_get_from_spi(tc_sdls_processed_frame->tc_sec_header.spi, sa_ptr); // If no valid SPI, return if (status == CRYPTO_LIB_SUCCESS) @@ -2215,9 +2217,10 @@ static int32_t validate_sa_index(SecurityAssociation_t *sa) int32_t returnval = 0; SecurityAssociation_t *temp_sa; -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_TC_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_TC_TABLE_NAME; + } sa_if->sa_get_from_spi(sa->spi, &temp_sa); // Do not validate sa index on KMC diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 1c97cb59..e99a352d 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -821,9 +821,10 @@ int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) printf("\n"); #endif -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_TM_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_TM_TABLE_NAME; + } status = sa_if->sa_get_operational_sa_from_gvcid(tfvn, scid, vcid, 0, &sa_ptr); // No operational/valid SA found @@ -1747,9 +1748,10 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t * // Move index to past the SPI byte_idx += 2; -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_TM_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_TM_TABLE_NAME; + } status = sa_if->sa_get_from_spi(spi, &sa_ptr); } diff --git a/src/core/crypto_user.c b/src/core/crypto_user.c index dd9ddca2..e127d960 100644 --- a/src/core/crypto_user.c +++ b/src/core/crypto_user.c @@ -175,9 +175,10 @@ int32_t Crypto_User_ModifyVCID(void) int j; // TODO: This is not correct -#ifdef MARIADB_MULTI_TABLE - mariadb_table_name = MARIADB_TC_TABLE_NAME; -#endif + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + mariadb_table_name = MARIADB_TC_TABLE_NAME; + } for (i = 0; i < NUM_GVCID; i++) { diff --git a/src/sa/mariadb/sa_interface_mariadb.template.c b/src/sa/mariadb/sa_interface_mariadb.template.c index ca8b14ba..9676aee1 100644 --- a/src/sa/mariadb/sa_interface_mariadb.template.c +++ b/src/sa/mariadb/sa_interface_mariadb.template.c @@ -42,7 +42,8 @@ static int32_t sa_setARSN(TC_t *tc_frame); static int32_t sa_setARSNW(TC_t *tc_frame); static int32_t sa_delete(TC_t *tc_frame); // MySQL local functions -static int32_t finish_with_error(MYSQL **con_loc, int err); +static int32_t finish_with_error_hard(MYSQL **con_loc, int err); +static int32_t finish_with_error_soft(MYSQL **con_loc, int err); // MySQL Queries static const char *SQL_SADB_GET_SA_BY_SPI = "SELECT " @@ -146,7 +147,7 @@ static int32_t sa_init(void) sa_mariadb_config->mysql_port, NULL, 0) == NULL) { // 0,NULL,0 are port number, unix socket, client flag - finish_with_error(&con, SADB_MARIADB_CONNECTION_FAILED); + finish_with_error_hard(&con, SADB_MARIADB_CONNECTION_FAILED); status = CRYPTO_LIB_ERROR; } else @@ -233,7 +234,7 @@ static int32_t sa_save_sa(SecurityAssociation_t *sa) // Crypto_saPrint(sa); if (mysql_query(con, update_sa_query)) { - status = finish_with_error(&con, SADB_QUERY_FAILED); + status = finish_with_error_soft(&con, SADB_QUERY_FAILED); } // todo - if query fails, need to push failure message to error stack instead of just return code. @@ -305,7 +306,7 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se if (mysql_real_query(con, query, strlen(query))) { // query should be NUL terminated! - status = finish_with_error(&con, SADB_QUERY_FAILED); + status = finish_with_error_soft(&con, SADB_QUERY_FAILED); return status; } // todo - if query fails, need to push failure message to error stack instead of just return code. @@ -313,14 +314,14 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se MYSQL_RES *result = mysql_store_result(con); if (result == NULL) { - status = finish_with_error(&con, SADB_QUERY_EMPTY_RESULTS); + status = finish_with_error_soft(&con, SADB_QUERY_EMPTY_RESULTS); return status; } int num_rows = mysql_num_rows(result); if (num_rows == 0) // No rows returned in query!! { - status = finish_with_error(&con, SADB_QUERY_EMPTY_RESULTS); + status = finish_with_error_soft(&con, SADB_QUERY_EMPTY_RESULTS); return status; } @@ -608,11 +609,16 @@ static void convert_byte_array_to_hexstring(void *src_buffer, size_t buffer_leng } } -static int32_t finish_with_error(MYSQL **con_loc, int err) +static int32_t finish_with_error_hard(MYSQL **con_loc, int err) { - fprintf(stderr, "%s\n", - mysql_error(*con_loc)); // todo - if query fails, need to push failure message to error stack + fprintf(stderr, "%s\n", mysql_error(*con_loc)); mysql_close(*con_loc); *con_loc = NULL; return err; } + +static int32_t finish_with_error_soft(MYSQL **con_loc, int err) +{ + fprintf(stderr, "%s\n", mysql_error(*con_loc)); + return err; +} From 4dd9665747475e90b0650f32e9c159163494c496 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 19 Aug 2025 16:15:30 -0400 Subject: [PATCH 14/37] [nasa/cryptolib#487] Confirm working with 1 and 3 tables, add initial UTs --- src/core/crypto_config.c | 62 +- ...hy_interface_kmc_crypto_service.template.c | 11 +- .../mariadb/sa_interface_mariadb.template.c | 2 +- src/sa/sadb_mariadb_sql/create_sadb.sql | 62 ++ src/sa/sadb_mariadb_sql/empty_sadb_aos.sql | 3 + .../{empty_sadb.sql => empty_sadb_tc.sql} | 0 src/sa/sadb_mariadb_sql/empty_sadb_tm.sql | 3 + .../create_sadb_ivv_aos_unit_tests.sql | 87 ++ ....sql => create_sadb_ivv_tc_unit_tests.sql} | 2 +- .../create_sadb_ivv_tm_unit_tests.sql | 87 ++ support/scripts/build_kmc.sh | 2 +- test/CMakeLists.txt | 31 +- test/kmc/ut_aos_kmc.c | 291 +++++++ test/kmc/ut_kmc_crypto.c | 803 ++++++++++-------- test/kmc/ut_tc_kmc.c | 204 ++--- test/kmc/ut_tm_kmc.c | 278 ++++++ test/unit/ut_crypto.c | 18 +- 17 files changed, 1430 insertions(+), 516 deletions(-) create mode 100644 src/sa/sadb_mariadb_sql/empty_sadb_aos.sql rename src/sa/sadb_mariadb_sql/{empty_sadb.sql => empty_sadb_tc.sql} (100%) create mode 100644 src/sa/sadb_mariadb_sql/empty_sadb_tm.sql create mode 100644 src/sa/test_sadb_mariadb_sql/create_sadb_ivv_aos_unit_tests.sql rename src/sa/test_sadb_mariadb_sql/{create_sadb_ivv_unit_tests.sql => create_sadb_ivv_tc_unit_tests.sql} (99%) create mode 100644 src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tm_unit_tests.sql create mode 100644 test/kmc/ut_aos_kmc.c create mode 100644 test/kmc/ut_tm_kmc.c diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index b5683bfe..4c98dfd5 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -277,17 +277,38 @@ int32_t Crypto_Init(void) if (crypto_config.key_type == KEY_TYPE_CUSTOM) { key_if = get_key_interface_custom(); + if (key_if == NULL) + { + return CRYPTO_LIB_ERROR; + } } else if (crypto_config.key_type == KEY_TYPE_INTERNAL) { key_if = get_key_interface_internal(); + if (key_if == NULL) + { + return CRYPTO_LIB_ERROR; + } } - else // KEY_TYPE_KMC + else if (crypto_config.key_type == KEY_TYPE_KMC) { key_if = get_key_interface_kmc(); + if (key_if == NULL) + { + return CRYPTO_LIB_ERROR; + } } + else + { + return CRYPTO_LIB_ERROR; + } + } + status = key_if->key_init(); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; } - key_if->key_init(); + // TODO: Check and return status on error /* MC Interface */ if (mc_if == NULL) @@ -295,17 +316,38 @@ int32_t Crypto_Init(void) if (crypto_config.mc_type == MC_TYPE_CUSTOM) { mc_if = get_mc_interface_custom(); + if (mc_if == NULL) + { + return CRYPTO_LIB_ERROR; + } } else if (crypto_config.mc_type == MC_TYPE_DISABLED) { mc_if = get_mc_interface_disabled(); + if (mc_if == NULL) + { + return CRYPTO_LIB_ERROR; + } } - else // MC_TYPE_INTERNAL + else if (crypto_config.mc_type == MC_TYPE_INTERNAL) { mc_if = get_mc_interface_internal(); + if (mc_if == NULL) + { + return CRYPTO_LIB_ERROR; + } } + else + { + return CRYPTO_LIB_ERROR; + } + } + status = mc_if->mc_initialize(); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; } - mc_if->mc_initialize(); + // TODO: Check and return status on error /* SA Interface */ if (sa_if == NULL) @@ -314,10 +356,18 @@ int32_t Crypto_Init(void) if (crypto_config.sa_type == SA_TYPE_CUSTOM) { sa_if = get_sa_interface_custom(); + if (sa_if == NULL) + { + return CRYPTO_LIB_ERROR; + } } else if (crypto_config.sa_type == SA_TYPE_INMEMORY) { sa_if = get_sa_interface_inmemory(); + if (sa_if == NULL) + { + return CRYPTO_LIB_ERROR; + } } else if (crypto_config.sa_type == SA_TYPE_MARIADB) { @@ -328,6 +378,10 @@ int32_t Crypto_Init(void) return status; // MariaDB connection specified but no configuration exists, return! } sa_if = get_sa_interface_mariadb(); + if (sa_if == NULL) + { + return CRYPTO_LIB_ERROR; + } } else { diff --git a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c index c3d72ace..a723c424 100644 --- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c +++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c @@ -1345,8 +1345,13 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, memcpy(ciphertext_token_base64, token, cipher_text_token_len); #ifdef DEBUG printf("IV LENGTH: %d\n", iv_len); - printf("IV ENCODED Text: %s\nIV ENCODED TEXT LEN: %ld\n", ciphertext_token_base64, - cipher_text_token_len); + printf("IV ENCODED TEXT LEN: %ld\n", cipher_text_token_len); + printf("IV ENCODED Text: \n"); + for (uint32_t i = 0; i < cipher_text_token_len; i++) + { + printf("%c", ciphertext_token_base64[i]); + } + printf("\n"); #endif char *iv_decoded = malloc((iv_len)*2 + 1); size_t iv_decoded_len = 0; @@ -1357,7 +1362,7 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, printf("Decoded IV Text: \n"); for (uint32_t i = 0; i < iv_decoded_len; i++) { - printf("%02x ", (uint8_t)iv_decoded[i]); + printf("%02x", (uint8_t)iv_decoded[i]); } printf("\n"); #endif diff --git a/src/sa/mariadb/sa_interface_mariadb.template.c b/src/sa/mariadb/sa_interface_mariadb.template.c index 458cef71..53d5d383 100644 --- a/src/sa/mariadb/sa_interface_mariadb.template.c +++ b/src/sa/mariadb/sa_interface_mariadb.template.c @@ -223,7 +223,7 @@ static int32_t sa_save_sa(SecurityAssociation_t *sa) char *arsn_h = malloc(sa->arsn_len * 2 + 1); convert_byte_array_to_hexstring(sa->arsn, sa->arsn_len, arsn_h); - snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, iv_h, arsn_h, sa->spi, + snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, mariadb_table_name, iv_h, arsn_h, sa->spi, sa->gvcid_blk.tfvn, sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); free(iv_h); diff --git a/src/sa/sadb_mariadb_sql/create_sadb.sql b/src/sa/sadb_mariadb_sql/create_sadb.sql index 30733932..c43d74e0 100644 --- a/src/sa/sadb_mariadb_sql/create_sadb.sql +++ b/src/sa/sadb_mariadb_sql/create_sadb.sql @@ -34,4 +34,66 @@ CREATE TABLE IF NOT EXISTS security_associations ,arsnw SMALLINT NOT NULL DEFAULT 0 -- ARSNW_SIZE=1 ); +CREATE TABLE IF NOT EXISTS security_associations_tm +( + spi INT NOT NULL + ,ekid VARCHAR(100) CHARACTER SET utf8 DEFAULT NULL -- 'EG, for KMC Crypto KeyRef, 'kmc/test/KEY130', for libgcrypt '130' + ,akid VARCHAR(100) CHARACTER SET utf8 DEFAULT NULL -- Same as ekid + ,sa_state SMALLINT NOT NULL DEFAULT 0 + ,tfvn TINYINT NOT NULL + ,scid SMALLINT NOT NULL + ,vcid TINYINT NOT NULL + ,mapid TINYINT NOT NULL DEFAULT 0 + ,lpid SMALLINT + ,est SMALLINT NOT NULL DEFAULT 0 + ,ast SMALLINT NOT NULL DEFAULT 0 + ,shivf_len SMALLINT NOT NULL DEFAULT 0 + ,shsnf_len SMALLINT NOT NULL DEFAULT 0 + ,shplf_len SMALLINT NOT NULL DEFAULT 0 + ,stmacf_len SMALLINT NOT NULL DEFAULT 0 + ,ecs_len SMALLINT NOT NULL DEFAULT 1 + ,ecs VARBINARY(4) NOT NULL DEFAULT X'01' -- ECS_SIZE=4 + ,iv_len SMALLINT NOT NULL DEFAULT 0 + ,iv VARBINARY(20) DEFAULT NULL -- IV_SIZE=12 + ,acs_len SMALLINT NOT NULL DEFAULT 0 + ,acs VARBINARY(4) NOT NULL DEFAULT X'00' + ,abm_len MEDIUMINT + ,abm VARBINARY(1024) NOT NULL DEFAULT X'0000FC0000FFFF000000000000000000000000' -- ABM_SIZE=1024 + ,arsn_len SMALLINT NOT NULL DEFAULT 0 + ,arsn VARBINARY(20) NOT NULL DEFAULT X'0000000000000000000000000000000000000000' -- ARSN_SIZE=20 , TBD why so large... + ,arsnw SMALLINT NOT NULL DEFAULT 0 -- ARSNW_SIZE=1 +); + +CREATE TABLE IF NOT EXISTS security_associations_aos +( + spi INT NOT NULL + ,ekid VARCHAR(100) CHARACTER SET utf8 DEFAULT NULL -- 'EG, for KMC Crypto KeyRef, 'kmc/test/KEY130', for libgcrypt '130' + ,akid VARCHAR(100) CHARACTER SET utf8 DEFAULT NULL -- Same as ekid + ,sa_state SMALLINT NOT NULL DEFAULT 0 + ,tfvn TINYINT NOT NULL + ,scid SMALLINT NOT NULL + ,vcid TINYINT NOT NULL + ,mapid TINYINT NOT NULL DEFAULT 0 + ,lpid SMALLINT + ,est SMALLINT NOT NULL DEFAULT 0 + ,ast SMALLINT NOT NULL DEFAULT 0 + ,shivf_len SMALLINT NOT NULL DEFAULT 0 + ,shsnf_len SMALLINT NOT NULL DEFAULT 0 + ,shplf_len SMALLINT NOT NULL DEFAULT 0 + ,stmacf_len SMALLINT NOT NULL DEFAULT 0 + ,ecs_len SMALLINT NOT NULL DEFAULT 1 + ,ecs VARBINARY(4) NOT NULL DEFAULT X'01' -- ECS_SIZE=4 + ,iv_len SMALLINT NOT NULL DEFAULT 0 + ,iv VARBINARY(20) DEFAULT NULL -- IV_SIZE=12 + ,acs_len SMALLINT NOT NULL DEFAULT 0 + ,acs VARBINARY(4) NOT NULL DEFAULT X'00' + ,abm_len MEDIUMINT + ,abm VARBINARY(1024) NOT NULL DEFAULT X'0000FC0000FFFF000000000000000000000000' -- ABM_SIZE=1024 + ,arsn_len SMALLINT NOT NULL DEFAULT 0 + ,arsn VARBINARY(20) NOT NULL DEFAULT X'0000000000000000000000000000000000000000' -- ARSN_SIZE=20 , TBD why so large... + ,arsnw SMALLINT NOT NULL DEFAULT 0 -- ARSNW_SIZE=1 +); + create unique index if not exists main_spi on security_associations (spi,scid,vcid,tfvn,mapid); +create unique index if not exists main_spi on security_associations_tm (spi,scid,vcid,tfvn,mapid); +create unique index if not exists main_spi on security_associations_aos (spi,scid,vcid,tfvn,mapid); diff --git a/src/sa/sadb_mariadb_sql/empty_sadb_aos.sql b/src/sa/sadb_mariadb_sql/empty_sadb_aos.sql new file mode 100644 index 00000000..cac8b183 --- /dev/null +++ b/src/sa/sadb_mariadb_sql/empty_sadb_aos.sql @@ -0,0 +1,3 @@ +USE sadb; + +TRUNCATE TABLE security_associations_aos; diff --git a/src/sa/sadb_mariadb_sql/empty_sadb.sql b/src/sa/sadb_mariadb_sql/empty_sadb_tc.sql similarity index 100% rename from src/sa/sadb_mariadb_sql/empty_sadb.sql rename to src/sa/sadb_mariadb_sql/empty_sadb_tc.sql diff --git a/src/sa/sadb_mariadb_sql/empty_sadb_tm.sql b/src/sa/sadb_mariadb_sql/empty_sadb_tm.sql new file mode 100644 index 00000000..0980a2e4 --- /dev/null +++ b/src/sa/sadb_mariadb_sql/empty_sadb_tm.sql @@ -0,0 +1,3 @@ +USE sadb; + +TRUNCATE TABLE security_associations_tm; diff --git a/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_aos_unit_tests.sql b/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_aos_unit_tests.sql new file mode 100644 index 00000000..6caaa3c6 --- /dev/null +++ b/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_aos_unit_tests.sql @@ -0,0 +1,87 @@ +USE sadb; + +-- SCID 03 (MMT) Security Associations AES/GCM/NoPadding -- +-- SA 1 - OPERATIONAL; ENC + AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-0 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (1,'kmc/test/key130',3,X'01',1,1,12,12,16,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,3,0,0); + +-- SA 2 - OPERATIONAL; ENC; ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-0 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (2,'kmc/test/key130',3,X'01',1,0,12,12,16,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,3,0,0); + +-- SA 3 - OPERATIONAL; ENC; ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-1 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (3,'kmc/test/key130',3,X'01',1,1,12,12,16,X'000000000000000000000001',20,X'0000000000000000000000000000000000000000',5,0,0,3,1,0); + +-- SA 4 - OPERATIONAL; ENC; ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-2 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (4,'kmc/test/key130',3,X'01',1,1,6,12,16,X'000000000000FFFFFFFFFFFC',20,X'0000000000000000000000000000000000000000',5,0,0,3,2,0); + +-- SA 5 - OPERATIONAL; ENC; ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-3 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,arsn,tfvn,scid,vcid,mapid,ecs_len,acs_len,acs,shsnf_len) +VALUES (5,'kmc/test/key130',3,X'01',0,1,12,12,16,X'000000000000000000000001',36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,3,X'05FFFC',0,3,3,0,1,1,X'01',2); + +-- SA 6 - OPERATIONAL; ENC; ARSNW:5; AES-CBC; IV:NULL; IV-len:16; MAC-len:16; Key-ID: 130, SCID 3, VC-4 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,iv,stmacf_len,abm_len,abm,arsnw,arsn_len,arsn,tfvn,scid,vcid,mapid,ecs_len,acs_len,acs,shsnf_len) +VALUES (6,'kmc/test/key130',3,X'02',1,0,16,16,NULL,0,36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,3,X'05FFFC',0,3,4,0,1,1,X'00',2); + +-- SCID 44 (MMT) Security Associations AES/GCM/NoPadding -- +-- SA 7 - Only Keyed SA Available (VC 33) +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (7,'kmc/test/key130',2,X'01',1,1,12,12,16,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,44,33,0); + +-- SA 8 - Only Unkeyed SA Available (VC 32) +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (8,'kmc/test/key130',1,X'01',1,1,12,12,16,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,44,32,0); + +-- SA 9 - Null ECS & EKID for AESGCM Error (VC 34) +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (9,NULL,3,'',1,1,12,12,16,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,44,34,0); + +-- SA 10 - Invalid Frame Length with Seg Headers Config Set (VC 28) +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (10,'kmc/test/key128',3,X'01',1,1,12,12,16,X'000000000000000000000001',19,X'0000000000000000000000000000000000000000',5,0,0,44,28,1); + +-- SA 11 - OPERATIONAL; AUTH Only - ARSNW:5; None/AESCMAC ; ARSN_LEN=4; MAC-len:16; Key-ID: 130, SCID 44, VC-7 +INSERT INTO security_associations_aos (spi,akid,sa_state,ecs,acs,acs_len,est,ast,iv_len,shivf_len,shsnf_len,stmacf_len,arsn,arsn_len,abm_len,abm,arsnw,tfvn,scid,vcid,mapid) +VALUES (11,'kmc/test/key130',3,X'00',X'01',1,0,1,0,0,4,16,X'00000001',4,1024,X'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',5,0,44,7,0); + +-- SA 12 - OPERATIONAL; AUTH Only - ARSNW:5; None/AESCMAC ; ARSN_LEN=4; MAC-len:16; Key-ID: 130, SCID 44, VC-8 +INSERT INTO security_associations_aos (spi,akid,sa_state,ecs,acs,acs_len,est,ast,iv_len,shivf_len,shsnf_len,stmacf_len,arsn,arsn_len,abm_len,abm,arsnw,tfvn,scid,vcid,mapid) +VALUES (12,'kmc/test/key130',3,X'00',X'01',1,0,1,0,0,4,16,X'00000001',4,1024,X'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',5,0,44,8,0); + +-- SA 13 - OPERATIONAL; AUTH Only - ARSNW:5; None/HmacSHA256 ; MAC-len:32; Key-ID: 130, SCID 44, VC-8 +INSERT INTO security_associations_aos (spi,akid,sa_state,ecs,acs,acs_len,est,ast,iv_len,shivf_len,shsnf_len,stmacf_len,arsn,arsn_len,abm_len,abm,arsnw,tfvn,scid,vcid,mapid) +VALUES (13,'kmc/test/nist_hmacsha256',3,X'00',X'02',1,0,1,0,0,4,32,X'00000001',4,1024,X'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',5,0,44,8,0); + +-- SA 14 - OPERATIONAL; AUTH Only - ARSNW:5; None/HmacSHA512 ; IV:00...01; IV-len:12; MAC-len:64; Key-ID: 130, SCID 44, VC-9 +INSERT INTO security_associations_aos (spi,akid,sa_state,ecs,acs,acs_len,est,ast,iv_len,shivf_len,shsnf_len,stmacf_len,arsn,arsn_len,abm_len,abm,arsnw,tfvn,scid,vcid,mapid) +VALUES (14,'kmc/test/nist_hmacsha512',3,X'00',X'03',1,0,1,0,0,4,64,X'00000001',4,1024,X'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',5,0,44,9,0); + +-- SA 15 - OPERATIONAL; AUTH Only - ARSNW:5; None/HmacSHA512 ; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 44, VC-10 +INSERT INTO security_associations_aos (spi,akid,sa_state,ecs,acs,acs_len,est,ast,iv_len,shivf_len,shsnf_len,stmacf_len,arsn,arsn_len,abm_len,abm,arsnw,tfvn,scid,vcid,mapid) +VALUES (15,'kmc/test/nist_hmacsha512',3,X'00',X'03',1,0,1,0,0,4,16,X'00000001',4,1024,X'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',5,0,44,10,0); + +-- SA 16 - OPERATIONAL; ENC + AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:8; Key-ID: 130, SCID 44, VC-11 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (16,'kmc/test/key130',3,X'01',1,1,12,12,8,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,44,11,0); + +-- SA 17 - OPERATIONAL; ENC + AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:32; Key-ID: 130, SCID 44, VC-12 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (17,'kmc/test/key130',3,X'01',1,1,12,12,32,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,44,12,0); + +-- SA 18 - OPERATIONAL; ENC; ARSNW:5; AES-CBC; IV:NULL; IV-len:16; MAC-len:16; Key-ID: 130, SCID 3, VC-6 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,iv,stmacf_len,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid,ecs_len,acs_len,acs,shsnf_len,shplf_len) +VALUES (18,'kmc/test/key130',3,X'02',1,0,16,16,X'00000000000000000000000000000001',0,36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,6,0,1,1,X'00',0,1); + +-- SA 19 - OPERATIONAL; ENC + AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-55 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (19,'kmc/test/key130',3,X'01',1,1,12,12,16,X'000000000000000000000001',36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,0,1,3,0,0); + +-- SA 20 - OPERATIONAL; AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-56 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (20,'kmc/test/key130',3,X'01',0,1,12,12,16,X'000000000000000000000001',36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,56,0); + +-- SA 21 - OPERATIONAL; AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:8; Key-ID: 130, SCID 3, VC-57 +INSERT INTO security_associations_aos (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (21,'kmc/test/key130',3,X'01',0,1,12,12,8,X'000000000000000000000001',36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,57,0); diff --git a/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql b/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tc_unit_tests.sql similarity index 99% rename from src/sa/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql rename to src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tc_unit_tests.sql index 9935638e..88c5f3fc 100644 --- a/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql +++ b/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tc_unit_tests.sql @@ -76,7 +76,7 @@ VALUES (18,'kmc/test/key130',3,X'02',1,0,16,16,X'0000000000000000000000000000000 -- SA 19 - OPERATIONAL; ENC + AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-55 INSERT INTO security_associations (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) -VALUES (19,'kmc/test/key130',3,X'01',1,1,12,12,16,X'000000000000000000000001',36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,55,0); +VALUES (19,'kmc/test/key130',3,X'01',1,1,12,12,16,X'000000000000000000000001',36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,0,1,3,0,0); -- SA 20 - OPERATIONAL; AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-56 INSERT INTO security_associations (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) diff --git a/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tm_unit_tests.sql b/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tm_unit_tests.sql new file mode 100644 index 00000000..64d4d71f --- /dev/null +++ b/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tm_unit_tests.sql @@ -0,0 +1,87 @@ +USE sadb; + +-- SCID 03 (MMT) Security Associations AES/GCM/NoPadding -- +-- SA 1 - OPERATIONAL; ENC + AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-0 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (1,'kmc/test/key130',3,X'01',1,1,12,12,16,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,3,0,0); + +-- SA 2 - OPERATIONAL; ENC; ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-0 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (2,'kmc/test/key130',3,X'01',1,0,12,12,16,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,3,0,0); + +-- SA 3 - OPERATIONAL; ENC; ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-1 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (3,'kmc/test/key130',3,X'01',1,1,12,12,16,X'000000000000000000000001',20,X'0000000000000000000000000000000000000000',5,0,0,3,1,0); + +-- SA 4 - OPERATIONAL; ENC; ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-2 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (4,'kmc/test/key130',3,X'01',1,1,6,12,16,X'000000000000FFFFFFFFFFFC',20,X'0000000000000000000000000000000000000000',5,0,0,3,2,0); + +-- SA 5 - OPERATIONAL; ENC; ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-3 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,arsn,tfvn,scid,vcid,mapid,ecs_len,acs_len,acs,shsnf_len) +VALUES (5,'kmc/test/key130',3,X'01',0,1,12,12,16,X'000000000000000000000001',36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,3,X'05FFFC',0,3,3,0,1,1,X'01',2); + +-- SA 6 - OPERATIONAL; ENC; ARSNW:5; AES-CBC; IV:NULL; IV-len:16; MAC-len:16; Key-ID: 130, SCID 3, VC-4 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,iv,stmacf_len,abm_len,abm,arsnw,arsn_len,arsn,tfvn,scid,vcid,mapid,ecs_len,acs_len,acs,shsnf_len) +VALUES (6,'kmc/test/key130',3,X'02',1,0,16,16,NULL,0,36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,3,X'05FFFC',0,3,4,0,1,1,X'00',2); + +-- SCID 44 (MMT) Security Associations AES/GCM/NoPadding -- +-- SA 7 - Only Keyed SA Available (VC 33) +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (7,'kmc/test/key130',2,X'01',1,1,12,12,16,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,44,33,0); + +-- SA 8 - Only Unkeyed SA Available (VC 32) +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (8,'kmc/test/key130',1,X'01',1,1,12,12,16,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,44,32,0); + +-- SA 9 - Null ECS & EKID for AESGCM Error (VC 34) +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (9,NULL,3,'',1,1,12,12,16,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,44,34,0); + +-- SA 10 - Invalid Frame Length with Seg Headers Config Set (VC 28) +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (10,'kmc/test/key128',3,X'01',1,1,12,12,16,X'000000000000000000000001',19,X'0000000000000000000000000000000000000000',5,0,0,44,28,1); + +-- SA 11 - OPERATIONAL; AUTH Only - ARSNW:5; None/AESCMAC ; ARSN_LEN=4; MAC-len:16; Key-ID: 130, SCID 44, VC-7 +INSERT INTO security_associations_tm (spi,akid,sa_state,ecs,acs,acs_len,est,ast,iv_len,shivf_len,shsnf_len,stmacf_len,arsn,arsn_len,abm_len,abm,arsnw,tfvn,scid,vcid,mapid) +VALUES (11,'kmc/test/key130',3,X'00',X'01',1,0,1,0,0,4,16,X'00000001',4,1024,X'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',5,0,44,7,0); + +-- SA 12 - OPERATIONAL; AUTH Only - ARSNW:5; None/AESCMAC ; ARSN_LEN=4; MAC-len:16; Key-ID: 130, SCID 44, VC-8 +INSERT INTO security_associations_tm (spi,akid,sa_state,ecs,acs,acs_len,est,ast,iv_len,shivf_len,shsnf_len,stmacf_len,arsn,arsn_len,abm_len,abm,arsnw,tfvn,scid,vcid,mapid) +VALUES (12,'kmc/test/key130',3,X'00',X'01',1,0,1,0,0,4,16,X'00000001',4,1024,X'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',5,0,44,8,0); + +-- SA 13 - OPERATIONAL; AUTH Only - ARSNW:5; None/HmacSHA256 ; MAC-len:32; Key-ID: 130, SCID 44, VC-8 +INSERT INTO security_associations_tm (spi,akid,sa_state,ecs,acs,acs_len,est,ast,iv_len,shivf_len,shsnf_len,stmacf_len,arsn,arsn_len,abm_len,abm,arsnw,tfvn,scid,vcid,mapid) +VALUES (13,'kmc/test/nist_hmacsha256',3,X'00',X'02',1,0,1,0,0,4,32,X'00000001',4,1024,X'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',5,0,44,8,0); + +-- SA 14 - OPERATIONAL; AUTH Only - ARSNW:5; None/HmacSHA512 ; IV:00...01; IV-len:12; MAC-len:64; Key-ID: 130, SCID 44, VC-9 +INSERT INTO security_associations_tm (spi,akid,sa_state,ecs,acs,acs_len,est,ast,iv_len,shivf_len,shsnf_len,stmacf_len,arsn,arsn_len,abm_len,abm,arsnw,tfvn,scid,vcid,mapid) +VALUES (14,'kmc/test/nist_hmacsha512',3,X'00',X'03',1,0,1,0,0,4,64,X'00000001',4,1024,X'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',5,0,44,9,0); + +-- SA 15 - OPERATIONAL; AUTH Only - ARSNW:5; None/HmacSHA512 ; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 44, VC-10 +INSERT INTO security_associations_tm (spi,akid,sa_state,ecs,acs,acs_len,est,ast,iv_len,shivf_len,shsnf_len,stmacf_len,arsn,arsn_len,abm_len,abm,arsnw,tfvn,scid,vcid,mapid) +VALUES (15,'kmc/test/nist_hmacsha512',3,X'00',X'03',1,0,1,0,0,4,16,X'00000001',4,1024,X'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF',5,0,44,10,0); + +-- SA 16 - OPERATIONAL; ENC + AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:8; Key-ID: 130, SCID 44, VC-11 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (16,'kmc/test/key130',3,X'01',1,1,12,12,8,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,44,11,0); + +-- SA 17 - OPERATIONAL; ENC + AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:32; Key-ID: 130, SCID 44, VC-12 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (17,'kmc/test/key130',3,X'01',1,1,12,12,32,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',5,0,0,44,12,0); + +-- SA 18 - OPERATIONAL; ENC; ARSNW:5; AES-CBC; IV:NULL; IV-len:16; MAC-len:16; Key-ID: 130, SCID 3, VC-6 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,iv,stmacf_len,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid,ecs_len,acs_len,acs,shsnf_len,shplf_len) +VALUES (18,'kmc/test/key130',3,X'02',1,0,16,16,X'00000000000000000000000000000001',0,36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,6,0,1,1,X'00',0,1); + +-- SA 19 - OPERATIONAL; ENC + AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-55 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (19,'kmc/test/key130',3,X'01',1,1,12,12,16,X'000000000000000000000001',36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,0,1,3,0,0); + +-- SA 20 - OPERATIONAL; AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 3, VC-56 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (20,'kmc/test/key130',3,X'01',0,1,12,12,16,X'000000000000000000000001',36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,56,0); + +-- SA 21 - OPERATIONAL; AUTH - ARSNW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:8; Key-ID: 130, SCID 3, VC-57 +INSERT INTO security_associations_tm (spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid) +VALUES (21,'kmc/test/key130',3,X'01',0,1,12,12,8,X'000000000000000000000001',36,X'000000000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,57,0); diff --git a/support/scripts/build_kmc.sh b/support/scripts/build_kmc.sh index b55c99cd..f6f2272f 100755 --- a/support/scripts/build_kmc.sh +++ b/support/scripts/build_kmc.sh @@ -11,4 +11,4 @@ source $SCRIPT_DIR/env.sh rm $BASE_DIR/CMakeCache.txt -cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DCRYPTO_KMC=1 -DMARIADB_MULTI_TABLE=1 -DKEY_KMC=1 -DMC_DISABLED=1 -DSA_MARIADB=1 -DTEST=1 -DSA_FILE=1 -DKMC_MDB_DB=1 && make && make test +cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DCRYPTO_KMC=1 -DCRYPTO_LIBGCRYPT=1 -DKEY_KMC=1 -DKEY_INTERNAL=1 -DMC_DISABLED=1 -DMC_INTERNAL=1 -DSA_MARIADB=1 -DSA_INTERNAL=1 -DTEST=1 -DSA_FILE=1 -DKMC_MDB_DB=1 && make && make test diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 0317d315..ca026dbe 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -87,7 +87,6 @@ if((KMC_MDB_DB OR KMC_MDB_RH)) COMMAND ${PROJECT_BINARY_DIR}/bin/ut_tc_kmc WORKING_DIRECTORY ${PROJECT_TEST_DIR}) -endif() # add_test(NAME UT_SADB_ERR_CASES_KMC_CRYPTO # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_sa_err_cases_kmc_crypto # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) @@ -104,9 +103,9 @@ endif() # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mariadb # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - # add_test(NAME UT_KMC_CRYPTO - # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto - # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + add_test(NAME UT_KMC_CRYPTO + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) # add_test(NAME UT_KMC_CRYPTO_WITH_MTLS_SADB # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto_with_mtls_sadb @@ -120,26 +119,20 @@ endif() # add_test(NAME UT_KMC_CRYPTO_AUTH_ONLY # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto_auth_only # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) -#endif() -# if(TEST_ENC) -# add_test(NAME ET_DT_VALIDATION -# COMMAND ${PROJECT_BINARY_DIR}/bin/et_dt_validation -# WORKING_DIRECTORY ${PROJECT_TEST_DIR}) -# endif() + add_test(NAME UT_TM_KMC + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_tm_kmc + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + + add_test(NAME UT_AOS_KMC + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_aos_kmc + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) +endif() + include_directories(include) include_directories(../include) -# if(TEST_ENC) -# set(Python3_FIND_STRATEGY VERSION) -# find_package (Python3 REQUIRED COMPONENTS Interpreter Development) -# execute_process(COMMAND pip3 show pycryptodome RESULT_VARIABLE EXIT_CODE OUTPUT_QUIET) -# if(NOT ${EXIT_CODE} EQUAL 0) -# message(FATAL_ERROR "The \"pycryptodome\" Python3 package is not installed, and is required for TEST_ENC.") -# endif() -# endif() - file( GLOB UNIT_FILES unit/*.c) foreach(SOURCE_PATH ${UNIT_FILES}) get_filename_component(EXECUTABLE_NAME ${SOURCE_PATH} NAME_WE) diff --git a/test/kmc/ut_aos_kmc.c b/test/kmc/ut_aos_kmc.c new file mode 100644 index 00000000..04767a01 --- /dev/null +++ b/test/kmc/ut_aos_kmc.c @@ -0,0 +1,291 @@ +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. + All Foreign Rights are Reserved to the U.S. Government. + + This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, + including, but not limited to, any warranty that the software will conform to specifications, any implied warranties + of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the + documentation will conform to the program, or any warranty that the software will be error free. + + In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or + consequential damages, arising out of, resulting from, or in any way connected with the software or its + documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained + from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. + + ITC Team + NASA IV&V + jstar-development-team@mail.nasa.gov +*/ + +/** + * Unit Tests that make use of AOS Functionality with KMC Service. + **/ +#include "ut_aos_apply.h" +#include "ut_aos_process.h" +#include "crypto.h" +#include "crypto_error.h" +#include "sa_interface.h" +#include "utest.h" + +#include +#include + +#define KMC_HOSTNAME "itc.kmc.nasa.gov" +#define CA_PATH "/home/jstar/Desktop/kmc_certs/ca.pem" +#define CLIENT_CERTIFICATE "/home/jstar/Desktop/kmc_certs/ammos-client-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/home/jstar/Desktop/kmc_certs/ammos-client-key.pem" + +void reload_db(void) +{ + printf("Resetting Database\n"); + system("mysql --host=localhost -u cryptosvc --skip-ssl-verify-server-cert " + "--ssl-ca=/home/jstar/Desktop/kmc_certs/ca.pem " + "--ssl-cert=/home/jstar/Desktop/kmc_certs/ammos-server-cert.pem " + "--ssl-key=/home/jstar/Desktop/kmc_certs/ammos-server-key.pem < " + "src/sa/sadb_mariadb_sql/empty_sadb_aos.sql"); + printf("first call done\n"); + system("mysql --host=localhost -u cryptosvc --skip-ssl-verify-server-cert " + "--ssl-ca=/home/jstar/Desktop/kmc_certs/ca.pem " + "--ssl-cert=/home/jstar/Desktop/kmc_certs/ammos-server-cert.pem " + "--ssl-key=/home/jstar/Desktop/kmc_certs/ammos-server-key.pem < " + "src/sa/test_sadb_mariadb_sql/create_sadb_ivv_aos_unit_tests.sql"); +} + +/** + * @brief MariaDB: Table Cleanup for Unit Tests + * Be sure to use only after initialization + * TODO: Move to shared function for all Unit Tests + */ +void MDB_DB_RESET() +{ + MYSQL *con = mysql_init(NULL); + if (sa_mariadb_config->mysql_mtls_key != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_KEY, sa_mariadb_config->mysql_mtls_key); + } + if (sa_mariadb_config->mysql_mtls_cert != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CERT, sa_mariadb_config->mysql_mtls_cert); + } + if (sa_mariadb_config->mysql_mtls_ca != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CA, sa_mariadb_config->mysql_mtls_ca); + } + if (sa_mariadb_config->mysql_mtls_capath != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CAPATH, sa_mariadb_config->mysql_mtls_capath); + } + if (sa_mariadb_config->mysql_tls_verify_server != CRYPTO_FALSE) + { + mysql_optionsv(con, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &(sa_mariadb_config->mysql_tls_verify_server)); + } + if (sa_mariadb_config->mysql_mtls_client_key_password != NULL) + { + mysql_optionsv(con, MARIADB_OPT_TLS_PASSPHRASE, sa_mariadb_config->mysql_mtls_client_key_password); + } + if (sa_mariadb_config->mysql_require_secure_transport == CRYPTO_TRUE) + { + mysql_optionsv(con, MYSQL_OPT_SSL_ENFORCE, &(sa_mariadb_config->mysql_require_secure_transport)); + } + // if encrypted connection (TLS) connection. No need for SSL Key + if (mysql_real_connect(con, sa_mariadb_config->mysql_hostname, sa_mariadb_config->mysql_username, + sa_mariadb_config->mysql_password, sa_mariadb_config->mysql_database, + sa_mariadb_config->mysql_port, NULL, 0) == NULL) + { + // 0,NULL,0 are port number, unix socket, client flag + //finish_with_error(con); + } + + printf("Truncating Tables\n"); + char *query = "TRUNCATE TABLE security_associations_aos\n"; + if (mysql_real_query(con, query, strlen(query))) + { // query should be NUL terminated! + printf("Failed to Truncate Table\n"); + //finish_with_error(con); + } + query = + "INSERT INTO security_associations_aos " + "(spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid," + "ecs_len, shplf_len) VALUES " + "(11,'kmc/test/" + "key130',3,X'02',1,0,16,16,0,X'00000000000000000000000000000001',1024,X'" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,0,0,1,1)"; + if (mysql_real_query(con, query, strlen(query))) + { // query should be NUL terminated! + printf("Failed to re-create security_association_aos table for SPI 11\n"); + //finish_with_error(con); + } +} + +/** + * @brief Unit Test: Nominal Encryption CBC KMC + **/ +UTEST(AOS_APPLY_KMC, HAPPY_PATH_ENC_AOS_CBC_KMC) +{ + remove("sa_save_file.bin"); + reload_db(); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, + CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", + "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, + "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + + int32_t return_val = Crypto_Init(); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + + char *raw_aos_sdls_ping_h = + "40C0000000000000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA0000"; + char *raw_aos_sdls_ping_b = NULL; + int raw_aos_sdls_ping_len = 0; + + hex_conversion(raw_aos_sdls_ping_h, &raw_aos_sdls_ping_b, &raw_aos_sdls_ping_len); + + aos_frame_pri_hdr.tfvn = ((uint8_t)raw_aos_sdls_ping_b[0] & 0xC0) >> 6; + aos_frame_pri_hdr.scid = (((uint16_t)raw_aos_sdls_ping_b[0] & 0x3F) << 2) | (((uint16_t)raw_aos_sdls_ping_b[1] & 0xC0) >> 6); + aos_frame_pri_hdr.vcid = ((uint8_t)raw_aos_sdls_ping_b[1] & 0x3F); + + return_val = + Crypto_AOS_ApplySecurity((uint8_t *)raw_aos_sdls_ping_b, raw_aos_sdls_ping_len); + + // Truth frame setup + char *truth_aos_h = + "40C0000000000013000000000000000000000001BB73A3818AB2D7C51A5A14B6674439BB9B7DC0B21A44256075B5413488F77FC590A9C521DB9A013DC0456F5FE9F99D111B1C31BABCDB7E0FB2822BEA152FAA73F5D3F06EBE6D18CC1B85D5DCF1F293E77A384916E28A7C8206708C3758D87CA6BDD7FEAE2225ACDDFA1B878C3F831AD4ECB8026ACC50E58B1367455A1E5879886B414BF33B0BB5F8EE44750E15051A2554A6B172BEAA92F03B90DCEB57165CC1CA8ED97A7E76968F655549B28080BF25ED4E9A6377166C137CFEB884A8D9B9405C84883F7880D60FEFFDB7CA4E9F8FB4F7D77315A6E8E3F3326751F8855349EDE8797A57B7F07CD8B1531539B05A7FFEF4708864847C3EBEDFA656D6243941F06B21132953BA22B5E8F3EC7079F096D2A621D29FF0625147D32A7C0F644FA557A70567579F10D461C4198A360D0BB2361E1599533A4B69F8ADC8FA64174E1092B996BC01B87453EE54E961D14BE002FE7D24BE389F892D4C6967B910D650C36FA653BAF214E93CBDD813F8078D534303BA8FC795CBB2292A770F9959F60DC0ED141375BBEB86ED099CC1EBCDE6488B911508B7213C9AB1346E4B90D4B9AA8EAE02EC8B8AB54957309CE1266FD80907E5B16441CE0A9B2A4146A2885537688577D6C9FECFD9E9F584EC860A276684667BAE255ABC0CB808FD685EA95DC86BFCEC9EC0EA352A317DCF8AA579B0746C8B5359F6E1BB4881BAC194A6D9B3881907621C8EC65FF1AB61B6DCDA3BC9B07165FAE18ABA0E849CC09B9C8BBAB5963C8EB855273DC61B4487C85C1BB88943AEFFFF08830852EE074B6DCF71146D28B4AB311A043663E9EC5824426553BE583AF18E2C172A11849E70A4814F8ABFFE851F1716B16466011293161DD44FFD1F2519BA82F8B21798004EFD1F2246623CF98C92323D202A7E1FF3A7EF204A729CB1EAF6F2E16FCC18FC0826D60D113A17D1BCF887461A0E79B5D0A9A3980CCD7073476D431524EE5E5FEA0B3A8F037F5E95213EC3D3FBB04CA49A35D99BDD22AC41150653BD8B75F8C3CC060B0DC09BC062DDF8E3CC3C9DF13BA44A96C53EA336A19138557A23C94E508839CAA76458636B68AB5DFED7D268C1CE329BF430D4306159ECA035B079927A5597F1E80FDCE67F5B23580C85D6971D9DF12D1A50556C7F612530B4A5C2C2469E0AD0FAFF88D58C466C3CD601CDCF0AF65D0219E1C94D7461B1D39CF05D1B0F2C1EC94C985E4DD1B1C1AD935537B6FE53FA9581C209EDA64340F72F5738D0877ECE4FF2831B6DEE291CAC98CD385BEE07270E44A1CB5635CA3660946761293B1BC238C13670D2432BC3A0227A4CF94959E6C61B391E74BB14B27B0D767BD8AE8AAB60FDD6D2593A5E3B83518283B5DF4510A47D8B116229EF409F44B8A9AAF5452FB5D7A0C8DBCB8692A479A9BA1C8309E84E8989782D868AE1884150E1D645FE053C7430921514E4E76358AD4CC7E096C8BD390488DA2D7AFBB5408299F892A1CFE708D918FED3D7D6BCB27EF17A1E03B50A3EE76D507B19C0AFE7178D4455A2D77A787ACF0B75DEE48757602D6D6DED0224F75B0B64D9381B39436BB9D196F31347B55E346A6C0A335C85CE4E098F07A6CC3DDAC549371DDB1447DB0A02E39F96A87BF7ADE1610A51ABE79A84394DEDAAA74B61AC13E5A957079FA2841BD663CDB5CA731536034855AEBE2740248F7DE86463FCA8BCC66FCE3F38CE11215FC6890874E458244AB9691818289EF7DF05A0B0C2215BA36654483E7FF73B6630811DD6237414D4C7FE8863CCCDB5563FF36F534113B392BCCBE46566BCF10238C8127BCF74389674774996253EA6742242E1D62509AC1EEAB577D7149924F5640BFF4EB364EEF4C2664D98824E0F0ED0D91C1065E9FEB96160925BCEB1FB48E6E8658BE8032F01FC10A63D9D79C7F5E49AFEF6C43A6D665D95F9D7E46AACDB8FB3F6086EBAF56B3149C2641B4AFBCDA992C8399B915EE2D23F8DAD37023B4E40C07F3341FF3097F25D238C692C5F816E128B922A09249DCA1FE0BA4B1E77A4ECCDC53712A5CE588D688D13370163A925867CB4E1D41FDED4CE244D852ED1D3F17D48A04921973F4D8F34180AF748B6C292181FFAC33D2EEEA7BC91E993EA29E5F2798930C8B149F5478C05F59F7ACA8E862BB37B5A0A792DCE1BF4E76DB82DC1408733CD8F06995746726738F3E1416792AC8F8A91532B7F9331111DF835F3A60BB2134009D6BEC469B0CA1AD6352C7E6EA928332ECA13CF2862A8C845734B00B230C8EEEA10FD0FE2BC62E7304ECD40E54B8D28C78E4C44FBF535A2F59FCF2D4B4A550FB5AE7AE469B2BA9DDC08C741653A405D5BAFD0C677C8D0B43984C82F7B814CAA0989518C71DB8DD93E12C1F3EFFA453C03A11E2F338DDCD50D4C7CDCFC7B32A7DCFEAEA1D66815AA1E91D1FE3D62AAECF9BF9F5CC7C02278E0C5DC0DD322BCF90FF81EC1A5BFBBE2CF708CAEBE520CB89620A0AD847A405648E6A01F658313107B1E143EF2D86100F4610000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; + hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); + + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) + { + printf("Checking %02x against %02X\n", (uint8_t)raw_aos_sdls_ping_b[i], (uint8_t) * (truth_aos_b + i)); + ASSERT_EQ((uint8_t)raw_aos_sdls_ping_b[i], (uint8_t) * (truth_aos_b + i)); + } + + Crypto_Shutdown(); + free(raw_aos_sdls_ping_b); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +} + +/** + * @brief Unit Test: Nominal Decryption CBC KMC + **/ +UTEST(AOS_PROCESS_KMC, HAPPY_PATH_DEC_AOS_CBC_KMC) +{ + AOS_t *ptr_processed_frame = malloc(AOS_SIZE); + uint16_t processed_aos_len = 0; + + remove("sa_save_file.bin"); + reload_db(); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_INTERNAL, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, + CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", + "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, + "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + + int32_t return_val = Crypto_Init(); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + + char *raw_aos_sdls_ping_h = + "40C0000000000013000000000000000000000001BB73A3818AB2D7C51A5A14B6674439BB9B7DC0B21A44256075B5413488F77FC590A9C521DB9A013DC0456F5FE9F99D111B1C31BABCDB7E0FB2822BEA152FAA73F5D3F06EBE6D18CC1B85D5DCF1F293E77A384916E28A7C8206708C3758D87CA6BDD7FEAE2225ACDDFA1B878C3F831AD4ECB8026ACC50E58B1367455A1E5879886B414BF33B0BB5F8EE44750E15051A2554A6B172BEAA92F03B90DCEB57165CC1CA8ED97A7E76968F655549B28080BF25ED4E9A6377166C137CFEB884A8D9B9405C84883F7880D60FEFFDB7CA4E9F8FB4F7D77315A6E8E3F3326751F8855349EDE8797A57B7F07CD8B1531539B05A7FFEF4708864847C3EBEDFA656D6243941F06B21132953BA22B5E8F3EC7079F096D2A621D29FF0625147D32A7C0F644FA557A70567579F10D461C4198A360D0BB2361E1599533A4B69F8ADC8FA64174E1092B996BC01B87453EE54E961D14BE002FE7D24BE389F892D4C6967B910D650C36FA653BAF214E93CBDD813F8078D534303BA8FC795CBB2292A770F9959F60DC0ED141375BBEB86ED099CC1EBCDE6488B911508B7213C9AB1346E4B90D4B9AA8EAE02EC8B8AB54957309CE1266FD80907E5B16441CE0A9B2A4146A2885537688577D6C9FECFD9E9F584EC860A276684667BAE255ABC0CB808FD685EA95DC86BFCEC9EC0EA352A317DCF8AA579B0746C8B5359F6E1BB4881BAC194A6D9B3881907621C8EC65FF1AB61B6DCDA3BC9B07165FAE18ABA0E849CC09B9C8BBAB5963C8EB855273DC61B4487C85C1BB88943AEFFFF08830852EE074B6DCF71146D28B4AB311A043663E9EC5824426553BE583AF18E2C172A11849E70A4814F8ABFFE851F1716B16466011293161DD44FFD1F2519BA82F8B21798004EFD1F2246623CF98C92323D202A7E1FF3A7EF204A729CB1EAF6F2E16FCC18FC0826D60D113A17D1BCF887461A0E79B5D0A9A3980CCD7073476D431524EE5E5FEA0B3A8F037F5E95213EC3D3FBB04CA49A35D99BDD22AC41150653BD8B75F8C3CC060B0DC09BC062DDF8E3CC3C9DF13BA44A96C53EA336A19138557A23C94E508839CAA76458636B68AB5DFED7D268C1CE329BF430D4306159ECA035B079927A5597F1E80FDCE67F5B23580C85D6971D9DF12D1A50556C7F612530B4A5C2C2469E0AD0FAFF88D58C466C3CD601CDCF0AF65D0219E1C94D7461B1D39CF05D1B0F2C1EC94C985E4DD1B1C1AD935537B6FE53FA9581C209EDA64340F72F5738D0877ECE4FF2831B6DEE291CAC98CD385BEE07270E44A1CB5635CA3660946761293B1BC238C13670D2432BC3A0227A4CF94959E6C61B391E74BB14B27B0D767BD8AE8AAB60FDD6D2593A5E3B83518283B5DF4510A47D8B116229EF409F44B8A9AAF5452FB5D7A0C8DBCB8692A479A9BA1C8309E84E8989782D868AE1884150E1D645FE053C7430921514E4E76358AD4CC7E096C8BD390488DA2D7AFBB5408299F892A1CFE708D918FED3D7D6BCB27EF17A1E03B50A3EE76D507B19C0AFE7178D4455A2D77A787ACF0B75DEE48757602D6D6DED0224F75B0B64D9381B39436BB9D196F31347B55E346A6C0A335C85CE4E098F07A6CC3DDAC549371DDB1447DB0A02E39F96A87BF7ADE1610A51ABE79A84394DEDAAA74B61AC13E5A957079FA2841BD663CDB5CA731536034855AEBE2740248F7DE86463FCA8BCC66FCE3F38CE11215FC6890874E458244AB9691818289EF7DF05A0B0C2215BA36654483E7FF73B6630811DD6237414D4C7FE8863CCCDB5563FF36F534113B392BCCBE46566BCF10238C8127BCF74389674774996253EA6742242E1D62509AC1EEAB577D7149924F5640BFF4EB364EEF4C2664D98824E0F0ED0D91C1065E9FEB96160925BCEB1FB48E6E8658BE8032F01FC10A63D9D79C7F5E49AFEF6C43A6D665D95F9D7E46AACDB8FB3F6086EBAF56B3149C2641B4AFBCDA992C8399B915EE2D23F8DAD37023B4E40C07F3341FF3097F25D238C692C5F816E128B922A09249DCA1FE0BA4B1E77A4ECCDC53712A5CE588D688D13370163A925867CB4E1D41FDED4CE244D852ED1D3F17D48A04921973F4D8F34180AF748B6C292181FFAC33D2EEEA7BC91E993EA29E5F2798930C8B149F5478C05F59F7ACA8E862BB37B5A0A792DCE1BF4E76DB82DC1408733CD8F06995746726738F3E1416792AC8F8A91532B7F9331111DF835F3A60BB2134009D6BEC469B0CA1AD6352C7E6EA928332ECA13CF2862A8C845734B00B230C8EEEA10FD0FE2BC62E7304ECD40E54B8D28C78E4C44FBF535A2F59FCF2D4B4A550FB5AE7AE469B2BA9DDC08C741653A405D5BAFD0C677C8D0B43984C82F7B814CAA0989518C71DB8DD93E12C1F3EFFA453C03A11E2F338DDCD50D4C7CDCFC7B32A7DCFEAEA1D66815AA1E91D1FE3D62AAECF9BF9F5CC7C02278E0C5DC0DD322BCF90FF81EC1A5BFBBE2CF708CAEBE520CB89620A0AD847A405648E6A01F658313107B1E143EF2D86100F4610000"; + char *raw_aos_sdls_ping_b = NULL; + int raw_aos_sdls_ping_len = 0; + + hex_conversion(raw_aos_sdls_ping_h, &raw_aos_sdls_ping_b, &raw_aos_sdls_ping_len); + + aos_frame_pri_hdr.tfvn = ((uint8_t)raw_aos_sdls_ping_b[0] & 0xC0) >> 6; + aos_frame_pri_hdr.scid = (((uint16_t)raw_aos_sdls_ping_b[0] & 0x3F) << 2) | (((uint16_t)raw_aos_sdls_ping_b[1] & 0xC0) >> 6); + aos_frame_pri_hdr.vcid = ((uint8_t)raw_aos_sdls_ping_b[1] & 0x3F); + + return_val = + Crypto_AOS_ProcessSecurity((uint8_t *)raw_aos_sdls_ping_b, raw_aos_sdls_ping_len, ptr_processed_frame, &processed_aos_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + + char *truth_aos_h = + "40C0000000000000000000000000000000000000DDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA000000000000000000000000000000000000"; + char *truth_aos_b = NULL; + int truth_aos_len = 0; + hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); + + SecurityAssociation_t *sa_ptr = NULL; + sa_if->sa_get_from_spi(19, &sa_ptr); // Enable and setup 9 + uint16_t sh_len = Crypto_Get_Security_Header_Length(sa_ptr); + uint16_t offset = 6 + sh_len; + for (int i = 0; i < ptr_processed_frame->aos_pdu_len; i++) + { + // printf("Checking %02x against %02X\n", (uint8_t)aos_frame->aos_pdu[i], (uint8_t)*(truth_aos_b + offset + i)); + ASSERT_EQ((uint8_t)ptr_processed_frame->aos_pdu[i], (uint8_t) * (truth_aos_b + offset + i)); + } + + Crypto_aosPrint(ptr_processed_frame); + + Crypto_Shutdown(); + free(truth_aos_b); + free(ptr_processed_frame); + free(raw_aos_sdls_ping_b); +} + +UTEST_MAIN(); \ No newline at end of file diff --git a/test/kmc/ut_kmc_crypto.c b/test/kmc/ut_kmc_crypto.c index c3c44d84..5120428c 100644 --- a/test/kmc/ut_kmc_crypto.c +++ b/test/kmc/ut_kmc_crypto.c @@ -30,6 +30,27 @@ #include #include +#define KMC_HOSTNAME "itc.kmc.nasa.gov" +#define CA_PATH "/home/jstar/Desktop/kmc_certs/ca.pem" +#define CLIENT_CERTIFICATE "/home/jstar/Desktop/kmc_certs/ammos-client-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/home/jstar/Desktop/kmc_certs/ammos-client-key.pem" + +void reload_db(void) +{ + printf("Resetting Database\n"); + system("mysql --host=localhost -u cryptosvc --skip-ssl-verify-server-cert " + "--ssl-ca=/home/jstar/Desktop/kmc_certs/ca.pem " + "--ssl-cert=/home/jstar/Desktop/kmc_certs/ammos-server-cert.pem " + "--ssl-key=/home/jstar/Desktop/kmc_certs/ammos-server-key.pem < " + "src/sa/sadb_mariadb_sql/empty_sadb_tc.sql"); + printf("first call done\n"); + system("mysql --host=localhost -u cryptosvc --skip-ssl-verify-server-cert " + "--ssl-ca=/home/jstar/Desktop/kmc_certs/ca.pem " + "--ssl-cert=/home/jstar/Desktop/kmc_certs/ammos-server-cert.pem " + "--ssl-key=/home/jstar/Desktop/kmc_certs/ammos-server-key.pem < " + "src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tc_unit_tests.sql"); +} + // #ifdef KMC_MDB_RH // #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" // #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" @@ -154,188 +175,214 @@ // /** // * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB // **/ -// UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) -// { -// // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, -// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, -// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, -// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", -// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", -// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, -// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 56, TC_HAS_FECF, -// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - -// char* raw_tc_jpl_mmt_scid44_vcid1= "2003E008000001bf1a"; -// char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; -// int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - -// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, -// &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - -// uint8_t* ptr_enc_frame = NULL; -// uint16_t enc_frame_len = 0; - -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - -// printf("Frame before encryption:\n"); -// for (int i=0; i %02x ", ptr_enc_frame[i], truth_data_b[i]); + ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); + } + + printf("Frame after encryption:\n"); + for (int i = 0; i < enc_frame_len; i++) + { + printf("%02x ", ptr_enc_frame[i]); + } + printf("\n"); + + Crypto_Shutdown(); + free(raw_tc_jpl_mmt_scid44_vcid1_expect); + free(ptr_enc_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +} -// /** -// * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB -// **/ -// UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) -// { -// // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, -// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, -// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, -// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", -// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", -// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, -// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 55, TC_HAS_FECF, -// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); - -// char* enc_tc_jpl_mmt_scid44_vcid1= -// "2003DC250000130000000000000000000000016746C816E9C1D758FB457D8AAE7A5B83842A5A"; char* -// enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - -// // Data=0001 -// // IV=000000000000000000000001 -// // AAD=00000000000000000000000000000000000000 - -// TC_t* tc_processed_frame; -// tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - -// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, -// &enc_tc_jpl_mmt_scid44_vcid1_expect_len); - -// uint8_t* ptr_enc_frame = NULL; - -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - -// printf("Encrypted Frame Before Processing:\n"); -// for (int i=0; itc_pdu_len; i++) -// { -// printf("%02x ", tc_processed_frame->tc_pdu[i]); -// } -// printf("\n"); -// ASSERT_EQ(0x01,tc_processed_frame->tc_pdu[0]); - -// Crypto_Shutdown(); -// free(enc_tc_jpl_mmt_scid44_vcid1_expect); -// free(ptr_enc_frame); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// } -// //// Commenting out test - AEAD algorithms must have a tag -- Enc only config is invalid -// ///** -// // * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB -// // **/ -// //UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_ONLY) -// //{ -// // // Setup & Initialize CryptoLib -// // Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, -// // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, -// // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, -// // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// // Crypto_Config_MariaDB("sa_user", "sa_password", "localhost","sadb", 3306, CRYPTO_FALSE, NULL, NULL, NULL, NULL, +/** + * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB + **/ +UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) +{ + remove("sa_save_file.bin"); + reload_db(); + + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, + CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", + "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, + "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 55, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + int32_t status = Crypto_Init(); + + char *enc_tc_jpl_mmt_scid44_vcid1 = "2003DC250000130000000000000000000000016746C816E9C1D758FB457D8AAE7A5B83842A5A"; + char *enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + + // Data=0001 + // IV=000000000000000000000001 + // AAD=00000000000000000000000000000000000000 + + TC_t *tc_processed_frame; + tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + + hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, + &enc_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; + + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("Encrypted Frame Before Processing:\n"); + for (int i = 0; i < enc_tc_jpl_mmt_scid44_vcid1_expect_len; i++) + { + printf("%02x ", (uint8_t)enc_tc_jpl_mmt_scid44_vcid1_expect[i]); + } + printf("\n"); + + status = Crypto_TC_ProcessSecurity((uint8_t *)enc_tc_jpl_mmt_scid44_vcid1_expect, + &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); + if (status != CRYPTO_LIB_SUCCESS) + { + Crypto_Shutdown(); + } + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + printf("Processed PDU:\n"); + for (int i = 0; i < tc_processed_frame->tc_pdu_len; i++) + { + printf("%02x ", tc_processed_frame->tc_pdu[i]); + } + printf("\n"); + ASSERT_EQ(0x01, tc_processed_frame->tc_pdu[0]); + + Crypto_Shutdown(); + free(enc_tc_jpl_mmt_scid44_vcid1_expect); + free(ptr_enc_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +} + +//// Commenting out test - AEAD algorithms must have a tag -- Enc only config is invalid +///** +// * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB +// **/ +// UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_ONLY) +//{ +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("sa_user", "sa_password", "localhost","sadb", 3306, CRYPTO_FALSE, NULL, NULL, NULL, NULL, // 0, NULL); -// // Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service", +// Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service", // "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", // "PEM","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",NULL,"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", // NULL, NULL, CRYPTO_FALSE); -// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, // AOS_IZ_NA, 0); -// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, // AOS_IZ_NA, 0); -// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, // AOS_IZ_NA, 0); -// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, // AOS_IZ_NA, 0); -// // int32_t status = Crypto_Init(); -// // -// // char* enc_tc_jpl_mmt_scid44_vcid1= "202C0816000003000000000000000000000001669CD238"; -// // char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; -// // int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -// // -// // // IV = 000000000000000000000001 -// // -// // TC_t* tc_processed_frame; -// // tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); -// // -// // hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, -// &enc_tc_jpl_mmt_scid44_vcid1_expect_len); -// // -// // uint8_t* ptr_enc_frame = NULL; -// // -// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// // -// // printf("Encrypted Frame Before Processing:\n"); -// // for (int i=0; itc_pdu_len; i++) -// // for (int i=0; i<2; i++) -// // { -// // printf("%02x ", tc_processed_frame->tc_pdu[i]); -// // } -// // printf("\n"); -// // -// // // ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); -// // // ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); -// // -// // Crypto_Shutdown(); -// // free(enc_tc_jpl_mmt_scid44_vcid1_expect); -// // free(ptr_enc_frame); -// // // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// //} +// int32_t status = Crypto_Init(); +// +// char* enc_tc_jpl_mmt_scid44_vcid1= "202C0816000003000000000000000000000001669CD238"; +// char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; +// +// // IV = 000000000000000000000001 +// +// TC_t* tc_processed_frame; +// tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// +// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, +// &enc_tc_jpl_mmt_scid44_vcid1_expect_len); +// +// uint8_t* ptr_enc_frame = NULL; +// +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// +// printf("Encrypted Frame Before Processing:\n"); +// for (int i=0; itc_pdu_len; i++) +// for (int i=0; i<2; i++) +// { +// printf("%02x ", tc_processed_frame->tc_pdu[i]); +// } +// printf("\n"); +// +// // ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// // ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); +// +// Crypto_Shutdown(); +// free(enc_tc_jpl_mmt_scid44_vcid1_expect); +// free(ptr_enc_frame); +// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +//} // /** // * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB // * This doesn't work -- Apply Security Auth Only doesn't return the proper tag. @@ -404,223 +451,243 @@ // // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // } -// UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) +UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) +{ + // Setup & Initialize CryptoLib + remove("sa_save_file.bin"); + reload_db(); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, + CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", + "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, + "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 57, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + int32_t status = Crypto_Init(); + + char *raw_tc_jpl_mmt_scid44_vcid1 = "2003e408000001bd37"; + char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, + &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("Frame before encryption:\n"); + for (int i = 0; i < raw_tc_jpl_mmt_scid44_vcid1_expect_len; i++) + { + printf("%02x ", (uint8_t)raw_tc_jpl_mmt_scid44_vcid1_expect[i]); + } + printf("\n"); + + status = Crypto_TC_ApplySecurity((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, + raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); + if (status != CRYPTO_LIB_SUCCESS) + { + Crypto_Shutdown(); + } + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + printf("Frame after encryption:\n"); + for (int i = 0; i < enc_frame_len; i++) + { + printf("%02x ", ptr_enc_frame[i]); + } + printf("\n"); + + Crypto_Shutdown(); + free(raw_tc_jpl_mmt_scid44_vcid1_expect); + free(ptr_enc_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +} + +UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) +{ + // Setup & Initialize CryptoLib + remove("sa_save_file.bin"); + reload_db(); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, + CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", + "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, + "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 57, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + int32_t status = Crypto_Init(); + + char *enc_tc_jpl_mmt_scid44_vcid1 = "2003E41E0000150000000000000000000000040001EF029857C5ED7E5B1807"; + char *enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + + // Data=0001 + // IV=000000000000000000000001 + // AAD=00000000000000000000000000000000000000 + + TC_t *tc_processed_frame; + tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + + hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, + &enc_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t *ptr_enc_frame = NULL; + + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("Encrypted Frame Before Processing:\n"); + for (int i = 0; i < enc_tc_jpl_mmt_scid44_vcid1_expect_len; i++) + { + printf("%02x ", (uint8_t)enc_tc_jpl_mmt_scid44_vcid1_expect[i]); + } + printf("\n"); + + status = Crypto_TC_ProcessSecurity((uint8_t *)enc_tc_jpl_mmt_scid44_vcid1_expect, + &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); + if (status != CRYPTO_LIB_SUCCESS) + { + Crypto_Shutdown(); + } + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + printf("Processed PDU:\n"); + for (int i = 0; i < tc_processed_frame->tc_pdu_len; i++) + { + printf("%02x ", tc_processed_frame->tc_pdu[i]); + } + printf("\n"); + + ASSERT_EQ(0x00, tc_processed_frame->tc_pdu[0]); + ASSERT_EQ(0x00, tc_processed_frame->tc_pdu[1]); + + Crypto_Shutdown(); + free(enc_tc_jpl_mmt_scid44_vcid1_expect); + free(ptr_enc_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +} + +// Think this is a bad test, or at least is not erroring how it should. Might want to reevaluate +// UTEST(KMC_CRYPTO, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib +// remove("sa_save_file.bin"); +// reload_db(); +// // Setup & Initialize CryptoLib // Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, -// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", -// NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); Crypto_Config_Kmc_Crypto_Service("https", -// "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, -// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 57, TC_HAS_FECF, -// TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t status = Crypto_Init(); +// Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, +// CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", +// "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, +// "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// GvcidManagedParameters_t TC_UT_Managed_Parameters = { +// 0, 0x0003, 11, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; +// Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); +// int32_t status = Crypto_Init(); + +// char *enc_tc_jpl_mmt_scid44_vcid1 = "20032C1E000009000000000000000000000001669C5639DCCDEA8C6CE3EEF2"; +// char *enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -// char* raw_tc_jpl_mmt_scid44_vcid1= "2003e408000001bd37"; -// char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; -// int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; +// // Data=0001 +// // IV=000000000000000000000001 +// // AAD=00000000000000000000000000000000000000 -// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, -// &raw_tc_jpl_mmt_scid44_vcid1_expect_len); +// TC_t *tc_processed_frame; +// tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); -// uint8_t* ptr_enc_frame = NULL; -// uint16_t enc_frame_len = 0; +// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, +// &enc_tc_jpl_mmt_scid44_vcid1_expect_len); + +// uint8_t *ptr_enc_frame = NULL; // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// printf("Frame before encryption:\n"); -// for (int i=0; itc_pdu_len; i++) -// // { -// // printf("%02x ", tc_processed_frame->tc_pdu[i]); -// // } -// // printf("\n"); - -// // ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); -// // ASSERT_EQ( 0x00,tc_processed_frame->tc_pdu[1]); - -// // Crypto_Shutdown(); -// // free(enc_tc_jpl_mmt_scid44_vcid1_expect); -// // free(ptr_enc_frame); -// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// // } - -// // UTEST(KMC_CRYPTO, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) -// // { -// // // Setup & Initialize CryptoLib -// // Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, -// // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, -// // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, -// // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, -// "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); -// // Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, -// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, -// NULL, NULL); -// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, -// AOS_IZ_NA, 0); -// // int32_t status = Crypto_Init(); - -// // char* enc_tc_jpl_mmt_scid44_vcid1= "20032C1E000009000000000000000000000001669C5639DCCDEA8C6CE3EEF2"; -// // char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; -// // int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - -// // // Data=0001 -// // // IV=000000000000000000000001 -// // // AAD=00000000000000000000000000000000000000 - -// // TC_t* tc_processed_frame; -// // tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - -// // hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, -// &enc_tc_jpl_mmt_scid44_vcid1_expect_len); - -// // uint8_t* ptr_enc_frame = NULL; - -// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - -// // printf("Encrypted Frame Before Processing:\n"); -// // for (int i=0; i #define KMC_HOSTNAME "itc.kmc.nasa.gov" -#define CA_PATH "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt" -#define CLIENT_CERTIFICATE "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem" -#define CLIENT_CERTIFICATE_KEY "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem" +#define CA_PATH "/home/jstar/Desktop/kmc_certs/ca.pem" +#define CLIENT_CERTIFICATE "/home/jstar/Desktop/kmc_certs/ammos-client-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/home/jstar/Desktop/kmc_certs/ammos-client-key.pem" /** * @brief Error Function for MDB_DB_RESET @@ -50,17 +50,17 @@ void finish_with_error(MYSQL *con) void reload_db(void) { printf("Resetting Database\n"); - system("mysql --host=itc.kmc.nasa.gov -u cryptosvc " - "--ssl-ca=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt --ssl-verify-server-cert " - "--ssl-cert=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem " - "--ssl-key=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem < " - "src/sa/sadb_mariadb_sql/empty_sadb.sql"); + system("mysql --host=localhost -u cryptosvc --skip-ssl-verify-server-cert " + "--ssl-ca=/home/jstar/Desktop/kmc_certs/ca.pem " + "--ssl-cert=/home/jstar/Desktop/kmc_certs/ammos-server-cert.pem " + "--ssl-key=/home/jstar/Desktop/kmc_certs/ammos-server-key.pem < " + "src/sa/sadb_mariadb_sql/empty_sadb_tc.sql"); printf("first call done\n"); - system("mysql --host=itc.kmc.nasa.gov -u cryptosvc " - "--ssl-ca=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt --ssl-verify-server-cert " - "--ssl-cert=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem " - "--ssl-key=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem < " - "src/sa/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql"); + system("mysql --host=localhost -u cryptosvc --skip-ssl-verify-server-cert " + "--ssl-ca=/home/jstar/Desktop/kmc_certs/ca.pem " + "--ssl-cert=/home/jstar/Desktop/kmc_certs/ammos-server-cert.pem " + "--ssl-key=/home/jstar/Desktop/kmc_certs/ammos-server-key.pem < " + "src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tc_unit_tests.sql"); } /** @@ -152,6 +152,7 @@ void MDB_DB_RESET() **/ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) { + remove("sa_save_file.bin"); reload_db(); // Setup & Initialize CryptoLib Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, @@ -159,132 +160,115 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, - CLIENT_CERTIFICATE_KEY, NULL, "root", "changeit"); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service", "/certs/ammos-ca-bundle.crt", + CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - GvcidManagedParameters_t TC_UT_Managed_Parameters0 = { - 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters0); - GvcidManagedParameters_t TC_UT_Managed_Parameters1 = { - 0, 0x0003, 1, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters1); - GvcidManagedParameters_t TC_UT_Managed_Parameters2 = { - 0, 0x0003, 2, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters2); - GvcidManagedParameters_t TC_UT_Managed_Parameters3 = { - 0, 0x0003, 3, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; - Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters3); - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, - // AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, - // TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, - // TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + Crypto_Init(); - char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char *raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - // SaInterface sa_if = get_sa_interface_inmemory(); + // Setup & Initialize CryptoLib + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; + int32_t return_val = CRYPTO_LIB_ERROR; - // SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - // sa_if->sa_get_from_spi(1, &test_association); - // test_association->sa_state = SA_NONE; - // sa_if->sa_get_from_spi(11, &test_association); - // test_association->arsn_len = 0; - // test_association->shsnf_len = 0; - // test_association->ast = 0; - // test_association->stmacf_len = 0; - // test_association->sa_state = SA_OPERATIONAL; - // sa_if->sa_get_from_spi(11, &test_association); return_val = Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - char *truth_data_h = "2003002A0000000B00000000000000000000000000000000025364F9BC3344AF359DA06CA886746F59A0AB"; - uint8_t *truth_data_b = NULL; - int truth_data_l = 0; + char* truth_data_h = "2003003300000002000000000000000000000000E64F9B208554A8CE1CB9BF0C6D100000000000000000000000000000000084C2"; + uint8_t* truth_data_b = NULL; + int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - // printf("Encrypted Frame:\n"); - for (int i = 0; i < enc_frame_len; i++) + //printf("Encrypted Frame:\n"); + for(int i = 0; i < enc_frame_len; i++) { - // printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); + //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } - // printf("\n"); - Crypto_Shutdown(); free(raw_tc_sdls_ping_b); free(ptr_enc_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); } -// /** -// * @brief Unit Test: Encryption CBC KMC 1 Byte of padding -// **/ -// UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) -// { -// // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, -// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, -// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, -// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, -// "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", -// CLIENT_CERTIFICATE_KEY, NULL, NULL); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, -// TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, -// TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); Crypto_Config_Add_Gvcid_Managed_Parameter(0, -// 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, -// AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +/** + * @brief Unit Test: Encryption CBC KMC 1 Byte of padding + **/ +UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) +{ + remove("sa_save_file.bin"); + reload_db(); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, + CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", "/home/jstar/Desktop/kmc_certs/ca.pem", + NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + GvcidManagedParameters_t TC_UT_Managed_Parameters = { + 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + TC_UT_Managed_Parameters.vcid = 1; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + TC_UT_Managed_Parameters.vcid = 2; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + TC_UT_Managed_Parameters.vcid = 3; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + + + int32_t return_val = Crypto_Init(); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -// char* raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; -// char* raw_tc_sdls_ping_b = NULL; -// int raw_tc_sdls_ping_len = 0; -// SaInterface sa_if = get_sa_interface_inmemory(); + char* raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; + char* raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; -// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); -// uint8_t* ptr_enc_frame = NULL; -// uint16_t enc_frame_len = 0; + uint8_t* ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; -// SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); -// // Expose the SADB Security Association for test edits. -// sa_if->sa_get_from_spi(1, &test_association); -// test_association->sa_state = SA_NONE; -// sa_if->sa_get_from_spi(11, &test_association); -// printf("SPI: %d\n", test_association->spi); -// test_association->sa_state = SA_OPERATIONAL; -// test_association->ast = 0; -// test_association->arsn_len = 0; -// sa_if->sa_get_from_spi(11, &test_association); -// return_val = -// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + // Expose the SADB Security Association for test edits. + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + sa_if->sa_get_from_spi(11, &test_association); + printf("SPI: %d\n", test_association->spi); + test_association->sa_state = SA_OPERATIONAL; + test_association->ast = 0; + test_association->arsn_len = 0; + sa_if->sa_get_from_spi(11, &test_association); + return_val = + Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); -// char* truth_data_h = "2003002A0000000B00000000000000000000000000000000011C1741A95DE7EF6FCF2B20B6F09E9FD29988"; -// uint8_t* truth_data_b = NULL; -// int truth_data_l = 0; + char* truth_data_h = "2003003400000002000000000000000000000000E64F9B208554A8CE1CB9BF0CDC5F7C00000000000000000000000000000000DF62"; + uint8_t* truth_data_b = NULL; + int truth_data_l = 0; -// hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); -// //printf("Encrypted Frame:\n"); -// for(int i = 0; i < enc_frame_len; i++) -// { -// //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); -// ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); -// } -// //printf("\n"); + hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); + //printf("Encrypted Frame:\n"); + for(int i = 0; i < enc_frame_len; i++) + { + //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); + ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); + } + //printf("\n"); -// Crypto_Shutdown(); -// free(raw_tc_sdls_ping_b); -// free(ptr_enc_frame); -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -// } + Crypto_Shutdown(); + free(raw_tc_sdls_ping_b); + free(ptr_enc_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +} // /** // * @brief Unit Test: Encryption CBC KMC 16 Bytes of padding diff --git a/test/kmc/ut_tm_kmc.c b/test/kmc/ut_tm_kmc.c new file mode 100644 index 00000000..e529aae0 --- /dev/null +++ b/test/kmc/ut_tm_kmc.c @@ -0,0 +1,278 @@ +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. + All Foreign Rights are Reserved to the U.S. Government. + + This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, + including, but not limited to, any warranty that the software will conform to specifications, any implied warranties + of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the + documentation will conform to the program, or any warranty that the software will be error free. + + In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or + consequential damages, arising out of, resulting from, or in any way connected with the software or its + documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained + from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. + + ITC Team + NASA IV&V + jstar-development-team@mail.nasa.gov +*/ + +/** + * Unit Tests that make use of TM Functionality with KMC Service. + **/ + +#include "ut_tm_apply.h" +#include "ut_tm_process.h" +#include "crypto.h" +#include "crypto_error.h" +#include "sa_interface.h" +#include "utest.h" + +#include +#include + +#define KMC_HOSTNAME "itc.kmc.nasa.gov" +#define CA_PATH "/home/jstar/Desktop/kmc_certs/ca.pem" +#define CLIENT_CERTIFICATE "/home/jstar/Desktop/kmc_certs/ammos-client-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/home/jstar/Desktop/kmc_certs/ammos-client-key.pem" + +void reload_db(void) +{ + printf("Resetting Database\n"); + system("mysql --host=localhost -u cryptosvc --skip-ssl-verify-server-cert " + "--ssl-ca=/home/jstar/Desktop/kmc_certs/ca.pem " + "--ssl-cert=/home/jstar/Desktop/kmc_certs/ammos-server-cert.pem " + "--ssl-key=/home/jstar/Desktop/kmc_certs/ammos-server-key.pem < " + "src/sa/sadb_mariadb_sql/empty_sadb_tm.sql"); + printf("first call done\n"); + system("mysql --host=localhost -u cryptosvc --skip-ssl-verify-server-cert " + "--ssl-ca=/home/jstar/Desktop/kmc_certs/ca.pem " + "--ssl-cert=/home/jstar/Desktop/kmc_certs/ammos-server-cert.pem " + "--ssl-key=/home/jstar/Desktop/kmc_certs/ammos-server-key.pem < " + "src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tm_unit_tests.sql"); +} + + +/** + * @brief MariaDB: Table Cleanup for Unit Tests + * Be sure to use only after initialization + * TODO: Move to shared function for all Unit Tests + */ +void MDB_DB_RESET() +{ + MYSQL *con = mysql_init(NULL); + if (sa_mariadb_config->mysql_mtls_key != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_KEY, sa_mariadb_config->mysql_mtls_key); + } + if (sa_mariadb_config->mysql_mtls_cert != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CERT, sa_mariadb_config->mysql_mtls_cert); + } + if (sa_mariadb_config->mysql_mtls_ca != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CA, sa_mariadb_config->mysql_mtls_ca); + } + if (sa_mariadb_config->mysql_mtls_capath != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CAPATH, sa_mariadb_config->mysql_mtls_capath); + } + if (sa_mariadb_config->mysql_tls_verify_server != CRYPTO_FALSE) + { + mysql_optionsv(con, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &(sa_mariadb_config->mysql_tls_verify_server)); + } + if (sa_mariadb_config->mysql_mtls_client_key_password != NULL) + { + mysql_optionsv(con, MARIADB_OPT_TLS_PASSPHRASE, sa_mariadb_config->mysql_mtls_client_key_password); + } + if (sa_mariadb_config->mysql_require_secure_transport == CRYPTO_TRUE) + { + mysql_optionsv(con, MYSQL_OPT_SSL_ENFORCE, &(sa_mariadb_config->mysql_require_secure_transport)); + } + // if encrypted connection (TLS) connection. No need for SSL Key + if (mysql_real_connect(con, sa_mariadb_config->mysql_hostname, sa_mariadb_config->mysql_username, + sa_mariadb_config->mysql_password, sa_mariadb_config->mysql_database, + sa_mariadb_config->mysql_port, NULL, 0) == NULL) + { + // 0,NULL,0 are port number, unix socket, client flag + //finish_with_error(con); + } + + printf("Truncating Tables\n"); + char *query = "TRUNCATE TABLE security_associations_tm\n"; + if (mysql_real_query(con, query, strlen(query))) + { // query should be NUL terminated! + printf("Failed to Truncate Table\n"); + //finish_with_error(con); + } + query = + "INSERT INTO security_associations_tm " + "(spi,ekid,sa_state,ecs,est,ast,shivf_len,iv_len,stmacf_len,iv,abm_len,abm,arsnw,arsn_len,tfvn,scid,vcid,mapid," + "ecs_len, shplf_len) VALUES " + "(11,'kmc/test/" + "key130',3,X'02',1,0,16,16,0,X'00000000000000000000000000000001',1024,X'" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" + "00000000000000000000000000000000000000000000000000000000000000000000',5,0,0,3,0,0,1,1)"; + if (mysql_real_query(con, query, strlen(query))) + { // query should be NUL terminated! + printf("Failed to re-create security_association_tm table for SPI 11\n"); + //finish_with_error(con); + } +} + +/** + * @brief Unit Test: Nominal Encryption CBC KMC + **/ +UTEST(TM_APPLY_KMC, HAPPY_PATH_ENC_TM_GCM_KMC) +{ + remove("sa_save_file.bin"); + reload_db(); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, + CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", + "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, + "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x0003, 1, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); + + int32_t return_val = Crypto_Init(); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + + char *raw_tm_sdls_ping_h = + "003200001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB00000000000000000000000000000000415B"; + char *raw_tm_sdls_ping_b = NULL; + int raw_tm_sdls_ping_len = 0; + // SaInterface sa_if = get_sa_interface_inmemory(); + + hex_conversion(raw_tm_sdls_ping_h, &raw_tm_sdls_ping_b, &raw_tm_sdls_ping_len); + + return_val = + Crypto_TM_ApplySecurity((uint8_t *)raw_tm_sdls_ping_b, raw_tm_sdls_ping_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + + char *truth_tm_h = "003200001800000300000000000000000000000100EAD4B927F61B18F2771E0B23EE8217F27CC1A30B55347164A4502599E66ED481B8D430CA8B102CD1547E4EF8E88C000A0D20ABADCA6F1EA3933AFB043EBB62E4C2E17FAF7C09DD0A94C4CDE0E382F66B295807F39B6D9317619D2649C96DB7ACC6EFBF3334BDCCEB0A969D2E920BC5FDA9137BDD41F49A0276544B0F4968997A505AE22A1AA4E9FF55641F04140B3445B7A063AFBB83E12A81CDFA46074DD0DB9FC86B6F67879E744458A39191AE34FC5F8B7266077D026DEFA995B9C8A8514D95992E6991C71EFEECA6DB5F8E9EA5E6C66204B7F9F2E2237640E9944258FCF9686B46A6E16DC9A0420428A14B6EEFE5619975956D2FAFCEB747C7352850E17A30023842AB33A4F9E2FD6168E187C3B730C38EE1734056C23B6D1E755EB446B61476468E01C570D5089B271C1AA3270F0488422B5A78E9BCD9EB75065F0183A887AD10A96542FF45F870C05AF113EF6C35AF298E983C5D7876A801C741D27EB742ABE305F82DACC902E9169C425212AB9ED684DAA3383B661E8848E71CD1FC050264AAFA97FC188DD0FADCF7599A800419A6302D8BA0257F5A81C5A8BB9FBF13FD9A9BA45846218DF0377EC91816F4A07550DF1B8A3B5057B3994426799466C7D8EFDEC8F8E495FD971B367795776ABF344BAD1DA919EC794FB84CD97AEDFD8FD1FB243B206CDE9BB468A1657D9A4248E7F0AA5990ABD085B7C8A2990816730D9FD74EE0BA70A7CDCB2AD8A16074EBF09BAB1F958DD18A8D9AABA4872D9FA944362CD70A5596D94D0AA99852BFEEEE19921943FF165A7CDE60057C39A5BA200B152772F8FD4935537442AF492BE09F3D063B00958F61B5905E9BAEEF940E0607A07577100382070CC55EEC0E3408AB93E9A30689115FEC0E3357732DE89D83232C313B6F0EE2B6FE315B638DA0FBE7E3F07EDD09ED1937C71C002B06C0ADE996570B1F68A4C1B8B2891DDC6162567C520435FF4F4EFB1A2B9E126E4F84302FD2C2EAA15DB58B24C88ACC33BD50041742AC9A64E9D2DD171A1CD18AD173CCE9F2DD2D8CE02AB55B87D42FB227B08029446B32D85F419928DBB67549727A79BA4CEFC6C379D0DF238AE521C5217048FDB124A168836B4486E0F91ECDF76E4A32491D94C7860C8CE03C0B41447D6E703421A5B4D3D3578F1BC1EBEE99C49D577D2DC710DCDE1BE74C1308F0D85C6570A0C28DE14C0A1E3D0FD85D894F5CC0A0D0BC824426A7EF42EB8490D318FCB75251E63E4629C1966FDF5EE3920A7CFF380DBD89DC294AFF16361F55B0DA4724DB2771857670382A0AD329D02761C3523AD2B1336B5DE85848F7D70A280F65AA05A36A1C676AC9BF9BBA71ECC7C3482B4F2A92409392A4CE5401B56C9A007338FE518E55A9B8BBE4543EA4C6B1D9CADA9783B568B8AB0D9218F95F9898693C979BF0995041F0C754EF142D6521830405F5F67249BC5DD6F187D9AC281599CB3C6BEAA4519388E983B0DEF619C809EFC2C6C7ADA36FE06B0F12A41B2FF67C416A08D1BEF6069C5544B3C66B696BDE1A64CFF59646713C7C7CFC1335E64A1A75C8290A28527AA8C087E20256A44F257B7D1B224D94DF5F189E16B7DD2CCBD458260CCA0556CA1B13F28E87B96AE6BCF0701B40BAF68B95285CFCBBB65A70BD02F4B846168EB3950AC772DCA4DB620427125944BFAF3651359E6CF97572EDB9ADD77EDF2E29DF00304ED7981965F549355BA8780909398FE6CE14B1A1D3304AB27745592F6EE62A7721900CC7326505C5D6EF9972DDDCA4472EE27E425002A283ADDAF57477ADE01329D9036ADE65298765665887342FB7653353F0C73418BD0FFBA466C6058835E4751AEE5FA275FFE5D3775C89935F1E1FC1C80D0174F8EFA87071834ADFA0EA59F7F9749AF9123E10ED01B72C8C68D6E4F58BEFE7D52B7C774C84E8C6F57BBDCA9EA2E7197FABE47A2058D3750A5BEADCB883D9288A804FF3C32E9CBC26132A5F51D16E2250EE2186E34C329D783D4E907F039A833B18358CDB0EF1AB5A0F66B5FDDCD42603B4DF499C799C02261072B834976DA5F0C50ECFC5DF355C943FC0C2E06C59B15830862E5C9E25091BE659A7D383090EEBD22C3FFFB6AD80F882FB38F4E3689821D9A058E4569D14E48E6BDB9F973AA26A4B1B683CDF0AE5F67CA93CD0519622DC9E17884657637629E2F0507683BD9E9B80423A6E8220000CE924E2B71AA3025118C7AFD578A1DB0BC7243D6F7FB839223FDB02DE3973B9D954625A11A321D9FFFB01EC1EF3AD73F6215FDC51F45A9C39D69F5D55EAE424B3E48EDE3C5A5B441EA4BF6BF578A3AB8CCD19D650742B514C4ABEC1D766D9C1A52895D93E6A905DBB1898409D60CA9CC82F03D0E2FEEB542D12B00F3E229CCDC41C5D6DCDED6A23B6CDEFBFB0C77904BB0F80C0EF2C73BBFDE8AE8E4DD6D13369F1D4CD1CC233ADE81EE90FD0B4AEAAF3DE619DBFAF431DA98731B1BC956B514759F75CCF0497561450560E01656399DDC34B0000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; + hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); + + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) + { + // printf("Checking %02x against %02X\n", (uint8_t)raw_tm_sdls_ping_b[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ((uint8_t)raw_tm_sdls_ping_b[i], (uint8_t) * (truth_tm_b + i)); + } + + Crypto_Shutdown(); + free(raw_tm_sdls_ping_b); +} + +/** + * @brief Unit Test: Nominal Encryption CBC KMC + **/ +UTEST(TM_PROCESS_KMC, HAPPY_PATH_DEC_TM_GCM_KMC) +{ + remove("sa_save_file.bin"); + reload_db(); + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, + CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", + "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, + "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + GvcidManagedParameters_t TM_UT_Managed_Parameters = { + 0, 0x0003, 1, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); + + int32_t return_val = Crypto_Init(); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + + char *raw_tm_sdls_ping_h = + "003200001800000300000000000000000000000100EAD4B927F61B18F2771E0B23EE8217F27CC1A30B55347164A4502599E66ED481B8D430CA8B102CD1547E4EF8E88C000A0D20ABADCA6F1EA3933AFB043EBB62E4C2E17FAF7C09DD0A94C4CDE0E382F66B295807F39B6D9317619D2649C96DB7ACC6EFBF3334BDCCEB0A969D2E920BC5FDA9137BDD41F49A0276544B0F4968997A505AE22A1AA4E9FF55641F04140B3445B7A063AFBB83E12A81CDFA46074DD0DB9FC86B6F67879E744458A39191AE34FC5F8B7266077D026DEFA995B9C8A8514D95992E6991C71EFEECA6DB5F8E9EA5E6C66204B7F9F2E2237640E9944258FCF9686B46A6E16DC9A0420428A14B6EEFE5619975956D2FAFCEB747C7352850E17A30023842AB33A4F9E2FD6168E187C3B730C38EE1734056C23B6D1E755EB446B61476468E01C570D5089B271C1AA3270F0488422B5A78E9BCD9EB75065F0183A887AD10A96542FF45F870C05AF113EF6C35AF298E983C5D7876A801C741D27EB742ABE305F82DACC902E9169C425212AB9ED684DAA3383B661E8848E71CD1FC050264AAFA97FC188DD0FADCF7599A800419A6302D8BA0257F5A81C5A8BB9FBF13FD9A9BA45846218DF0377EC91816F4A07550DF1B8A3B5057B3994426799466C7D8EFDEC8F8E495FD971B367795776ABF344BAD1DA919EC794FB84CD97AEDFD8FD1FB243B206CDE9BB468A1657D9A4248E7F0AA5990ABD085B7C8A2990816730D9FD74EE0BA70A7CDCB2AD8A16074EBF09BAB1F958DD18A8D9AABA4872D9FA944362CD70A5596D94D0AA99852BFEEEE19921943FF165A7CDE60057C39A5BA200B152772F8FD4935537442AF492BE09F3D063B00958F61B5905E9BAEEF940E0607A07577100382070CC55EEC0E3408AB93E9A30689115FEC0E3357732DE89D83232C313B6F0EE2B6FE315B638DA0FBE7E3F07EDD09ED1937C71C002B06C0ADE996570B1F68A4C1B8B2891DDC6162567C520435FF4F4EFB1A2B9E126E4F84302FD2C2EAA15DB58B24C88ACC33BD50041742AC9A64E9D2DD171A1CD18AD173CCE9F2DD2D8CE02AB55B87D42FB227B08029446B32D85F419928DBB67549727A79BA4CEFC6C379D0DF238AE521C5217048FDB124A168836B4486E0F91ECDF76E4A32491D94C7860C8CE03C0B41447D6E703421A5B4D3D3578F1BC1EBEE99C49D577D2DC710DCDE1BE74C1308F0D85C6570A0C28DE14C0A1E3D0FD85D894F5CC0A0D0BC824426A7EF42EB8490D318FCB75251E63E4629C1966FDF5EE3920A7CFF380DBD89DC294AFF16361F55B0DA4724DB2771857670382A0AD329D02761C3523AD2B1336B5DE85848F7D70A280F65AA05A36A1C676AC9BF9BBA71ECC7C3482B4F2A92409392A4CE5401B56C9A007338FE518E55A9B8BBE4543EA4C6B1D9CADA9783B568B8AB0D9218F95F9898693C979BF0995041F0C754EF142D6521830405F5F67249BC5DD6F187D9AC281599CB3C6BEAA4519388E983B0DEF619C809EFC2C6C7ADA36FE06B0F12A41B2FF67C416A08D1BEF6069C5544B3C66B696BDE1A64CFF59646713C7C7CFC1335E64A1A75C8290A28527AA8C087E20256A44F257B7D1B224D94DF5F189E16B7DD2CCBD458260CCA0556CA1B13F28E87B96AE6BCF0701B40BAF68B95285CFCBBB65A70BD02F4B846168EB3950AC772DCA4DB620427125944BFAF3651359E6CF97572EDB9ADD77EDF2E29DF00304ED7981965F549355BA8780909398FE6CE14B1A1D3304AB27745592F6EE62A7721900CC7326505C5D6EF9972DDDCA4472EE27E425002A283ADDAF57477ADE01329D9036ADE65298765665887342FB7653353F0C73418BD0FFBA466C6058835E4751AEE5FA275FFE5D3775C89935F1E1FC1C80D0174F8EFA87071834ADFA0EA59F7F9749AF9123E10ED01B72C8C68D6E4F58BEFE7D52B7C774C84E8C6F57BBDCA9EA2E7197FABE47A2058D3750A5BEADCB883D9288A804FF3C32E9CBC26132A5F51D16E2250EE2186E34C329D783D4E907F039A833B18358CDB0EF1AB5A0F66B5FDDCD42603B4DF499C799C02261072B834976DA5F0C50ECFC5DF355C943FC0C2E06C59B15830862E5C9E25091BE659A7D383090EEBD22C3FFFB6AD80F882FB38F4E3689821D9A058E4569D14E48E6BDB9F973AA26A4B1B683CDF0AE5F67CA93CD0519622DC9E17884657637629E2F0507683BD9E9B80423A6E8220000CE924E2B71AA3025118C7AFD578A1DB0BC7243D6F7FB839223FDB02DE3973B9D954625A11A321D9FFFB01EC1EF3AD73F6215FDC51F45A9C39D69F5D55EAE424B3E48EDE3C5A5B441EA4BF6BF578A3AB8CCD19D650742B514C4ABEC1D766D9C1A52895D93E6A905DBB1898409D60CA9CC82F03D0E2FEEB542D12B00F3E229CCDC41C5D6DCDED6A23B6CDEFBFB0C77904BB0F80C0EF2C73BBFDE8AE8E4DD6D13369F1D4CD1CC233ADE81EE90FD0B4AEAAF3DE619DBFAF431DA98731B1BC956B514759F75CCF0497561450560E01656399DDC34B0000"; + char *raw_tm_sdls_ping_b = NULL; + int raw_tm_sdls_ping_len = 0; + + hex_conversion(raw_tm_sdls_ping_h, &raw_tm_sdls_ping_b, &raw_tm_sdls_ping_len); + TM_t *tm_frame; + tm_frame = malloc(sizeof(uint8_t) * TM_SIZE); + memset(tm_frame, 0, (sizeof(uint8_t) * TM_SIZE)); + uint16_t processed_tm_len = 0; + + return_val = + Crypto_TM_ProcessSecurity((uint8_t *)raw_tm_sdls_ping_b, raw_tm_sdls_ping_len, tm_frame, &processed_tm_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + + char *truth_tm_h = "003200001800000000000000000000000000000066778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB000000000000000000000000000000000000"; + char *truth_tm_b = NULL; + int truth_tm_len = 0; + hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); + SecurityAssociation_t *sa_ptr = NULL; + sa_if->sa_get_from_spi(3, &sa_ptr); + uint16_t offset = TM_FRAME_PRIMARYHEADER_SIZE + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + sa_ptr->shplf_len; + for (int i = 0; i < tm_frame->tm_pdu_len; i++) + { + // printf("Checking %02x against %02X\n", (uint8_t)raw_tm_sdls_ping_b[i], (uint8_t) * (truth_tm_b + i)); + ASSERT_EQ((uint8_t)tm_frame->tm_pdu[i], (uint8_t) * (truth_tm_b + i + offset)); + } + + Crypto_Shutdown(); + free(raw_tm_sdls_ping_b); +} + +UTEST_MAIN(); \ No newline at end of file diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 519e798b..716c49ab 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -364,14 +364,14 @@ UTEST(CRYPTO_C, STRUCT_SIZE_VERIFICATION) ASSERT_EQ(SDLS_TLV_HDR_SIZE, (size_t)3); ASSERT_EQ(SDLS_TLV_SIZE, (size_t)497); ASSERT_EQ(SDLS_EKB_SIZE, (size_t)514); - ASSERT_EQ(SDLS_OTAR_SIZE, (size_t)(2 + 16 + 30 * 514 + 16)); + ASSERT_EQ(SDLS_OTAR_SIZE, (size_t)(2 + IV_SIZE + SDLS_EKB_LEN * 514 + MAC_SIZE)); ASSERT_EQ(SDLS_KEY_SIZE, (size_t)2); ASSERT_EQ(SDLS_KEY_INVENTORY_CMD_SIZE, (size_t)4); ASSERT_EQ(SDLS_KEY_INVENTORY_RPLY_SIZE, (size_t)3); ASSERT_EQ(SDLS_KEYV_CMD_BLK_SIZE, (size_t)18); ASSERT_EQ(SDLS_KEYV_CMD_SIZE, (size_t)(29 * 18)); - ASSERT_EQ(SDLS_KEYV_RPLY_BLK_SIZE, (size_t)46); - ASSERT_EQ(SDLS_KEYV_RPLY_SIZE, (size_t)(46 * 29)); + ASSERT_EQ(SDLS_KEYV_RPLY_BLK_SIZE, (size_t)30 + MAC_SIZE); + ASSERT_EQ(SDLS_KEYV_RPLY_SIZE, (size_t)((30 + MAC_SIZE) * 29)); ASSERT_EQ(SDLS_KEYDB_CMD_SIZE, (size_t)12); ASSERT_EQ(SDLS_KEYDB_RPLY_SIZE, (size_t)38); ASSERT_EQ(SDLS_SA_STATUS_RPLY_SIZE, (size_t)3); @@ -383,8 +383,8 @@ UTEST(CRYPTO_C, STRUCT_SIZE_VERIFICATION) ASSERT_EQ(SDLS_MC_SN_RPLY_SIZE, (size_t)16); ASSERT_EQ(TC_FRAME_PRIMARYHEADER_STRUCT_SIZE, (size_t)5); ASSERT_EQ(TC_FRAME_SECHEADER_SIZE, (size_t)40); - ASSERT_EQ(TC_FRAME_SECTRAILER_SIZE, (size_t)19); - ASSERT_EQ(TC_SIZE, (size_t)(5 + 40 + 19 + 2 + 1019)); + ASSERT_EQ(TC_FRAME_SECTRAILER_SIZE, (size_t)MAC_SIZE + 3); + ASSERT_EQ(TC_SIZE, (size_t)(5 + 40 + MAC_SIZE + 3 + 2 + 1019)); ASSERT_EQ(CCSDS_HDR_SIZE, (size_t)6); ASSERT_EQ(ECSS_PUS_SIZE, (size_t)4); ASSERT_EQ(CCSDS_SIZE, (size_t)(6 + 4 + 497)); @@ -392,12 +392,12 @@ UTEST(CRYPTO_C, STRUCT_SIZE_VERIFICATION) ASSERT_EQ(TELEMETRY_FRAME_OCF_FSR_SIZE, (size_t)4); ASSERT_EQ(TM_FRAME_PRIMARYHEADER_SIZE, (size_t)6); ASSERT_EQ(TM_FRAME_SECHEADER_SIZE, (size_t)39); - ASSERT_EQ(TM_FRAME_SECTRAILER_SIZE, (size_t)24); - ASSERT_EQ(TM_SIZE, (size_t)(6 + 39 + 1786 + 24 + 2)); + ASSERT_EQ(TM_FRAME_SECTRAILER_SIZE, (size_t)MAC_SIZE + 8); + ASSERT_EQ(TM_SIZE, (size_t)(6 + 39 + 1786 + MAC_SIZE + 8 + 2)); ASSERT_EQ(AOS_FRAME_PRIMARYHEADER_SIZE, (size_t)8); ASSERT_EQ(AOS_FRAME_SECHEADER_SIZE, (size_t)71); - ASSERT_EQ(AOS_FRAME_SECTRAILER_SIZE, (size_t)24); - ASSERT_EQ(AOS_SIZE, (size_t)(8 + 71 + 1786 + 24 + 2)); + ASSERT_EQ(AOS_FRAME_SECTRAILER_SIZE, (size_t)MAC_SIZE + 8); + ASSERT_EQ(AOS_SIZE, (size_t)(8 + 71 + 1786 + MAC_SIZE + 8 + 2)); } #ifndef CRYPTO_EPROC From a7beb804b20cb1df62ff940f964d8ec6d09715aa Mon Sep 17 00:00:00 2001 From: Donnie-Ice <77851621+Donnie-Ice@users.noreply.github.com> Date: Tue, 19 Aug 2025 20:16:08 +0000 Subject: [PATCH 15/37] style: auto-format via clang-format --- src/core/crypto_config.c | 2 +- .../mariadb/sa_interface_mariadb.template.c | 4 +- test/kmc/ut_aos_kmc.c | 129 +++++++++++++++--- test/kmc/ut_tc_kmc.c | 63 +++++---- test/kmc/ut_tm_kmc.c | 124 +++++++++++++++-- 5 files changed, 259 insertions(+), 63 deletions(-) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 4c98dfd5..d0b923cb 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -308,7 +308,7 @@ int32_t Crypto_Init(void) { return status; } - + // TODO: Check and return status on error /* MC Interface */ if (mc_if == NULL) diff --git a/src/sa/mariadb/sa_interface_mariadb.template.c b/src/sa/mariadb/sa_interface_mariadb.template.c index 53d5d383..83861027 100644 --- a/src/sa/mariadb/sa_interface_mariadb.template.c +++ b/src/sa/mariadb/sa_interface_mariadb.template.c @@ -223,8 +223,8 @@ static int32_t sa_save_sa(SecurityAssociation_t *sa) char *arsn_h = malloc(sa->arsn_len * 2 + 1); convert_byte_array_to_hexstring(sa->arsn, sa->arsn_len, arsn_h); - snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, mariadb_table_name, iv_h, arsn_h, sa->spi, - sa->gvcid_blk.tfvn, sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); + snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, mariadb_table_name, iv_h, arsn_h, + sa->spi, sa->gvcid_blk.tfvn, sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); free(iv_h); free(arsn_h); diff --git a/test/kmc/ut_aos_kmc.c b/test/kmc/ut_aos_kmc.c index 04767a01..7c99cc2d 100644 --- a/test/kmc/ut_aos_kmc.c +++ b/test/kmc/ut_aos_kmc.c @@ -92,7 +92,7 @@ void MDB_DB_RESET() sa_mariadb_config->mysql_port, NULL, 0) == NULL) { // 0,NULL,0 are port number, unix socket, client flag - //finish_with_error(con); + // finish_with_error(con); } printf("Truncating Tables\n"); @@ -100,7 +100,7 @@ void MDB_DB_RESET() if (mysql_real_query(con, query, strlen(query))) { // query should be NUL terminated! printf("Failed to Truncate Table\n"); - //finish_with_error(con); + // finish_with_error(con); } query = "INSERT INTO security_associations_aos " @@ -130,7 +130,7 @@ void MDB_DB_RESET() if (mysql_real_query(con, query, strlen(query))) { // query should be NUL terminated! printf("Failed to re-create security_association_aos table for SPI 11\n"); - //finish_with_error(con); + // finish_with_error(con); } } @@ -154,11 +154,11 @@ UTEST(AOS_APPLY_KMC, HAPPY_PATH_ENC_AOS_CBC_KMC) GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - + int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char *raw_aos_sdls_ping_h = + char *raw_aos_sdls_ping_h = "40C0000000000000112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" @@ -198,15 +198,47 @@ UTEST(AOS_APPLY_KMC, HAPPY_PATH_ENC_AOS_CBC_KMC) hex_conversion(raw_aos_sdls_ping_h, &raw_aos_sdls_ping_b, &raw_aos_sdls_ping_len); aos_frame_pri_hdr.tfvn = ((uint8_t)raw_aos_sdls_ping_b[0] & 0xC0) >> 6; - aos_frame_pri_hdr.scid = (((uint16_t)raw_aos_sdls_ping_b[0] & 0x3F) << 2) | (((uint16_t)raw_aos_sdls_ping_b[1] & 0xC0) >> 6); + aos_frame_pri_hdr.scid = + (((uint16_t)raw_aos_sdls_ping_b[0] & 0x3F) << 2) | (((uint16_t)raw_aos_sdls_ping_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)raw_aos_sdls_ping_b[1] & 0x3F); - return_val = - Crypto_AOS_ApplySecurity((uint8_t *)raw_aos_sdls_ping_b, raw_aos_sdls_ping_len); + return_val = Crypto_AOS_ApplySecurity((uint8_t *)raw_aos_sdls_ping_b, raw_aos_sdls_ping_len); // Truth frame setup char *truth_aos_h = - "40C0000000000013000000000000000000000001BB73A3818AB2D7C51A5A14B6674439BB9B7DC0B21A44256075B5413488F77FC590A9C521DB9A013DC0456F5FE9F99D111B1C31BABCDB7E0FB2822BEA152FAA73F5D3F06EBE6D18CC1B85D5DCF1F293E77A384916E28A7C8206708C3758D87CA6BDD7FEAE2225ACDDFA1B878C3F831AD4ECB8026ACC50E58B1367455A1E5879886B414BF33B0BB5F8EE44750E15051A2554A6B172BEAA92F03B90DCEB57165CC1CA8ED97A7E76968F655549B28080BF25ED4E9A6377166C137CFEB884A8D9B9405C84883F7880D60FEFFDB7CA4E9F8FB4F7D77315A6E8E3F3326751F8855349EDE8797A57B7F07CD8B1531539B05A7FFEF4708864847C3EBEDFA656D6243941F06B21132953BA22B5E8F3EC7079F096D2A621D29FF0625147D32A7C0F644FA557A70567579F10D461C4198A360D0BB2361E1599533A4B69F8ADC8FA64174E1092B996BC01B87453EE54E961D14BE002FE7D24BE389F892D4C6967B910D650C36FA653BAF214E93CBDD813F8078D534303BA8FC795CBB2292A770F9959F60DC0ED141375BBEB86ED099CC1EBCDE6488B911508B7213C9AB1346E4B90D4B9AA8EAE02EC8B8AB54957309CE1266FD80907E5B16441CE0A9B2A4146A2885537688577D6C9FECFD9E9F584EC860A276684667BAE255ABC0CB808FD685EA95DC86BFCEC9EC0EA352A317DCF8AA579B0746C8B5359F6E1BB4881BAC194A6D9B3881907621C8EC65FF1AB61B6DCDA3BC9B07165FAE18ABA0E849CC09B9C8BBAB5963C8EB855273DC61B4487C85C1BB88943AEFFFF08830852EE074B6DCF71146D28B4AB311A043663E9EC5824426553BE583AF18E2C172A11849E70A4814F8ABFFE851F1716B16466011293161DD44FFD1F2519BA82F8B21798004EFD1F2246623CF98C92323D202A7E1FF3A7EF204A729CB1EAF6F2E16FCC18FC0826D60D113A17D1BCF887461A0E79B5D0A9A3980CCD7073476D431524EE5E5FEA0B3A8F037F5E95213EC3D3FBB04CA49A35D99BDD22AC41150653BD8B75F8C3CC060B0DC09BC062DDF8E3CC3C9DF13BA44A96C53EA336A19138557A23C94E508839CAA76458636B68AB5DFED7D268C1CE329BF430D4306159ECA035B079927A5597F1E80FDCE67F5B23580C85D6971D9DF12D1A50556C7F612530B4A5C2C2469E0AD0FAFF88D58C466C3CD601CDCF0AF65D0219E1C94D7461B1D39CF05D1B0F2C1EC94C985E4DD1B1C1AD935537B6FE53FA9581C209EDA64340F72F5738D0877ECE4FF2831B6DEE291CAC98CD385BEE07270E44A1CB5635CA3660946761293B1BC238C13670D2432BC3A0227A4CF94959E6C61B391E74BB14B27B0D767BD8AE8AAB60FDD6D2593A5E3B83518283B5DF4510A47D8B116229EF409F44B8A9AAF5452FB5D7A0C8DBCB8692A479A9BA1C8309E84E8989782D868AE1884150E1D645FE053C7430921514E4E76358AD4CC7E096C8BD390488DA2D7AFBB5408299F892A1CFE708D918FED3D7D6BCB27EF17A1E03B50A3EE76D507B19C0AFE7178D4455A2D77A787ACF0B75DEE48757602D6D6DED0224F75B0B64D9381B39436BB9D196F31347B55E346A6C0A335C85CE4E098F07A6CC3DDAC549371DDB1447DB0A02E39F96A87BF7ADE1610A51ABE79A84394DEDAAA74B61AC13E5A957079FA2841BD663CDB5CA731536034855AEBE2740248F7DE86463FCA8BCC66FCE3F38CE11215FC6890874E458244AB9691818289EF7DF05A0B0C2215BA36654483E7FF73B6630811DD6237414D4C7FE8863CCCDB5563FF36F534113B392BCCBE46566BCF10238C8127BCF74389674774996253EA6742242E1D62509AC1EEAB577D7149924F5640BFF4EB364EEF4C2664D98824E0F0ED0D91C1065E9FEB96160925BCEB1FB48E6E8658BE8032F01FC10A63D9D79C7F5E49AFEF6C43A6D665D95F9D7E46AACDB8FB3F6086EBAF56B3149C2641B4AFBCDA992C8399B915EE2D23F8DAD37023B4E40C07F3341FF3097F25D238C692C5F816E128B922A09249DCA1FE0BA4B1E77A4ECCDC53712A5CE588D688D13370163A925867CB4E1D41FDED4CE244D852ED1D3F17D48A04921973F4D8F34180AF748B6C292181FFAC33D2EEEA7BC91E993EA29E5F2798930C8B149F5478C05F59F7ACA8E862BB37B5A0A792DCE1BF4E76DB82DC1408733CD8F06995746726738F3E1416792AC8F8A91532B7F9331111DF835F3A60BB2134009D6BEC469B0CA1AD6352C7E6EA928332ECA13CF2862A8C845734B00B230C8EEEA10FD0FE2BC62E7304ECD40E54B8D28C78E4C44FBF535A2F59FCF2D4B4A550FB5AE7AE469B2BA9DDC08C741653A405D5BAFD0C677C8D0B43984C82F7B814CAA0989518C71DB8DD93E12C1F3EFFA453C03A11E2F338DDCD50D4C7CDCFC7B32A7DCFEAEA1D66815AA1E91D1FE3D62AAECF9BF9F5CC7C02278E0C5DC0DD322BCF90FF81EC1A5BFBBE2CF708CAEBE520CB89620A0AD847A405648E6A01F658313107B1E143EF2D86100F4610000"; + "40C0000000000013000000000000000000000001BB73A3818AB2D7C51A5A14B6674439BB9B7DC0B21A44256075B5413488F77FC590A9C5" + "21DB9A013DC0456F5FE9F99D111B1C31BABCDB7E0FB2822BEA152FAA73F5D3F06EBE6D18CC1B85D5DCF1F293E77A384916E28A7C820670" + "8C3758D87CA6BDD7FEAE2225ACDDFA1B878C3F831AD4ECB8026ACC50E58B1367455A1E5879886B414BF33B0BB5F8EE44750E15051A2554" + "A6B172BEAA92F03B90DCEB57165CC1CA8ED97A7E76968F655549B28080BF25ED4E9A6377166C137CFEB884A8D9B9405C84883F7880D60F" + "EFFDB7CA4E9F8FB4F7D77315A6E8E3F3326751F8855349EDE8797A57B7F07CD8B1531539B05A7FFEF4708864847C3EBEDFA656D6243941" + "F06B21132953BA22B5E8F3EC7079F096D2A621D29FF0625147D32A7C0F644FA557A70567579F10D461C4198A360D0BB2361E1599533A4B" + "69F8ADC8FA64174E1092B996BC01B87453EE54E961D14BE002FE7D24BE389F892D4C6967B910D650C36FA653BAF214E93CBDD813F8078D" + "534303BA8FC795CBB2292A770F9959F60DC0ED141375BBEB86ED099CC1EBCDE6488B911508B7213C9AB1346E4B90D4B9AA8EAE02EC8B8A" + "B54957309CE1266FD80907E5B16441CE0A9B2A4146A2885537688577D6C9FECFD9E9F584EC860A276684667BAE255ABC0CB808FD685EA9" + "5DC86BFCEC9EC0EA352A317DCF8AA579B0746C8B5359F6E1BB4881BAC194A6D9B3881907621C8EC65FF1AB61B6DCDA3BC9B07165FAE18A" + "BA0E849CC09B9C8BBAB5963C8EB855273DC61B4487C85C1BB88943AEFFFF08830852EE074B6DCF71146D28B4AB311A043663E9EC582442" + "6553BE583AF18E2C172A11849E70A4814F8ABFFE851F1716B16466011293161DD44FFD1F2519BA82F8B21798004EFD1F2246623CF98C92" + "323D202A7E1FF3A7EF204A729CB1EAF6F2E16FCC18FC0826D60D113A17D1BCF887461A0E79B5D0A9A3980CCD7073476D431524EE5E5FEA" + "0B3A8F037F5E95213EC3D3FBB04CA49A35D99BDD22AC41150653BD8B75F8C3CC060B0DC09BC062DDF8E3CC3C9DF13BA44A96C53EA336A1" + "9138557A23C94E508839CAA76458636B68AB5DFED7D268C1CE329BF430D4306159ECA035B079927A5597F1E80FDCE67F5B23580C85D697" + "1D9DF12D1A50556C7F612530B4A5C2C2469E0AD0FAFF88D58C466C3CD601CDCF0AF65D0219E1C94D7461B1D39CF05D1B0F2C1EC94C985E" + "4DD1B1C1AD935537B6FE53FA9581C209EDA64340F72F5738D0877ECE4FF2831B6DEE291CAC98CD385BEE07270E44A1CB5635CA36609467" + "61293B1BC238C13670D2432BC3A0227A4CF94959E6C61B391E74BB14B27B0D767BD8AE8AAB60FDD6D2593A5E3B83518283B5DF4510A47D" + "8B116229EF409F44B8A9AAF5452FB5D7A0C8DBCB8692A479A9BA1C8309E84E8989782D868AE1884150E1D645FE053C7430921514E4E763" + "58AD4CC7E096C8BD390488DA2D7AFBB5408299F892A1CFE708D918FED3D7D6BCB27EF17A1E03B50A3EE76D507B19C0AFE7178D4455A2D7" + "7A787ACF0B75DEE48757602D6D6DED0224F75B0B64D9381B39436BB9D196F31347B55E346A6C0A335C85CE4E098F07A6CC3DDAC549371D" + "DB1447DB0A02E39F96A87BF7ADE1610A51ABE79A84394DEDAAA74B61AC13E5A957079FA2841BD663CDB5CA731536034855AEBE2740248F" + "7DE86463FCA8BCC66FCE3F38CE11215FC6890874E458244AB9691818289EF7DF05A0B0C2215BA36654483E7FF73B6630811DD6237414D4" + "C7FE8863CCCDB5563FF36F534113B392BCCBE46566BCF10238C8127BCF74389674774996253EA6742242E1D62509AC1EEAB577D7149924" + "F5640BFF4EB364EEF4C2664D98824E0F0ED0D91C1065E9FEB96160925BCEB1FB48E6E8658BE8032F01FC10A63D9D79C7F5E49AFEF6C43A" + "6D665D95F9D7E46AACDB8FB3F6086EBAF56B3149C2641B4AFBCDA992C8399B915EE2D23F8DAD37023B4E40C07F3341FF3097F25D238C69" + "2C5F816E128B922A09249DCA1FE0BA4B1E77A4ECCDC53712A5CE588D688D13370163A925867CB4E1D41FDED4CE244D852ED1D3F17D48A0" + "4921973F4D8F34180AF748B6C292181FFAC33D2EEEA7BC91E993EA29E5F2798930C8B149F5478C05F59F7ACA8E862BB37B5A0A792DCE1B" + "F4E76DB82DC1408733CD8F06995746726738F3E1416792AC8F8A91532B7F9331111DF835F3A60BB2134009D6BEC469B0CA1AD6352C7E6E" + "A928332ECA13CF2862A8C845734B00B230C8EEEA10FD0FE2BC62E7304ECD40E54B8D28C78E4C44FBF535A2F59FCF2D4B4A550FB5AE7AE4" + "69B2BA9DDC08C741653A405D5BAFD0C677C8D0B43984C82F7B814CAA0989518C71DB8DD93E12C1F3EFFA453C03A11E2F338DDCD50D4C7C" + "DCFC7B32A7DCFEAEA1D66815AA1E91D1FE3D62AAECF9BF9F5CC7C02278E0C5DC0DD322BCF90FF81EC1A5BFBBE2CF708CAEBE520CB89620" + "A0AD847A405648E6A01F658313107B1E143EF2D86100F4610000"; char *truth_aos_b = NULL; int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); @@ -245,27 +277,92 @@ UTEST(AOS_PROCESS_KMC, HAPPY_PATH_DEC_AOS_CBC_KMC) GvcidManagedParameters_t AOS_UT_Managed_Parameters = { 1, 0x0003, 0, AOS_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); - + int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char *raw_aos_sdls_ping_h = - "40C0000000000013000000000000000000000001BB73A3818AB2D7C51A5A14B6674439BB9B7DC0B21A44256075B5413488F77FC590A9C521DB9A013DC0456F5FE9F99D111B1C31BABCDB7E0FB2822BEA152FAA73F5D3F06EBE6D18CC1B85D5DCF1F293E77A384916E28A7C8206708C3758D87CA6BDD7FEAE2225ACDDFA1B878C3F831AD4ECB8026ACC50E58B1367455A1E5879886B414BF33B0BB5F8EE44750E15051A2554A6B172BEAA92F03B90DCEB57165CC1CA8ED97A7E76968F655549B28080BF25ED4E9A6377166C137CFEB884A8D9B9405C84883F7880D60FEFFDB7CA4E9F8FB4F7D77315A6E8E3F3326751F8855349EDE8797A57B7F07CD8B1531539B05A7FFEF4708864847C3EBEDFA656D6243941F06B21132953BA22B5E8F3EC7079F096D2A621D29FF0625147D32A7C0F644FA557A70567579F10D461C4198A360D0BB2361E1599533A4B69F8ADC8FA64174E1092B996BC01B87453EE54E961D14BE002FE7D24BE389F892D4C6967B910D650C36FA653BAF214E93CBDD813F8078D534303BA8FC795CBB2292A770F9959F60DC0ED141375BBEB86ED099CC1EBCDE6488B911508B7213C9AB1346E4B90D4B9AA8EAE02EC8B8AB54957309CE1266FD80907E5B16441CE0A9B2A4146A2885537688577D6C9FECFD9E9F584EC860A276684667BAE255ABC0CB808FD685EA95DC86BFCEC9EC0EA352A317DCF8AA579B0746C8B5359F6E1BB4881BAC194A6D9B3881907621C8EC65FF1AB61B6DCDA3BC9B07165FAE18ABA0E849CC09B9C8BBAB5963C8EB855273DC61B4487C85C1BB88943AEFFFF08830852EE074B6DCF71146D28B4AB311A043663E9EC5824426553BE583AF18E2C172A11849E70A4814F8ABFFE851F1716B16466011293161DD44FFD1F2519BA82F8B21798004EFD1F2246623CF98C92323D202A7E1FF3A7EF204A729CB1EAF6F2E16FCC18FC0826D60D113A17D1BCF887461A0E79B5D0A9A3980CCD7073476D431524EE5E5FEA0B3A8F037F5E95213EC3D3FBB04CA49A35D99BDD22AC41150653BD8B75F8C3CC060B0DC09BC062DDF8E3CC3C9DF13BA44A96C53EA336A19138557A23C94E508839CAA76458636B68AB5DFED7D268C1CE329BF430D4306159ECA035B079927A5597F1E80FDCE67F5B23580C85D6971D9DF12D1A50556C7F612530B4A5C2C2469E0AD0FAFF88D58C466C3CD601CDCF0AF65D0219E1C94D7461B1D39CF05D1B0F2C1EC94C985E4DD1B1C1AD935537B6FE53FA9581C209EDA64340F72F5738D0877ECE4FF2831B6DEE291CAC98CD385BEE07270E44A1CB5635CA3660946761293B1BC238C13670D2432BC3A0227A4CF94959E6C61B391E74BB14B27B0D767BD8AE8AAB60FDD6D2593A5E3B83518283B5DF4510A47D8B116229EF409F44B8A9AAF5452FB5D7A0C8DBCB8692A479A9BA1C8309E84E8989782D868AE1884150E1D645FE053C7430921514E4E76358AD4CC7E096C8BD390488DA2D7AFBB5408299F892A1CFE708D918FED3D7D6BCB27EF17A1E03B50A3EE76D507B19C0AFE7178D4455A2D77A787ACF0B75DEE48757602D6D6DED0224F75B0B64D9381B39436BB9D196F31347B55E346A6C0A335C85CE4E098F07A6CC3DDAC549371DDB1447DB0A02E39F96A87BF7ADE1610A51ABE79A84394DEDAAA74B61AC13E5A957079FA2841BD663CDB5CA731536034855AEBE2740248F7DE86463FCA8BCC66FCE3F38CE11215FC6890874E458244AB9691818289EF7DF05A0B0C2215BA36654483E7FF73B6630811DD6237414D4C7FE8863CCCDB5563FF36F534113B392BCCBE46566BCF10238C8127BCF74389674774996253EA6742242E1D62509AC1EEAB577D7149924F5640BFF4EB364EEF4C2664D98824E0F0ED0D91C1065E9FEB96160925BCEB1FB48E6E8658BE8032F01FC10A63D9D79C7F5E49AFEF6C43A6D665D95F9D7E46AACDB8FB3F6086EBAF56B3149C2641B4AFBCDA992C8399B915EE2D23F8DAD37023B4E40C07F3341FF3097F25D238C692C5F816E128B922A09249DCA1FE0BA4B1E77A4ECCDC53712A5CE588D688D13370163A925867CB4E1D41FDED4CE244D852ED1D3F17D48A04921973F4D8F34180AF748B6C292181FFAC33D2EEEA7BC91E993EA29E5F2798930C8B149F5478C05F59F7ACA8E862BB37B5A0A792DCE1BF4E76DB82DC1408733CD8F06995746726738F3E1416792AC8F8A91532B7F9331111DF835F3A60BB2134009D6BEC469B0CA1AD6352C7E6EA928332ECA13CF2862A8C845734B00B230C8EEEA10FD0FE2BC62E7304ECD40E54B8D28C78E4C44FBF535A2F59FCF2D4B4A550FB5AE7AE469B2BA9DDC08C741653A405D5BAFD0C677C8D0B43984C82F7B814CAA0989518C71DB8DD93E12C1F3EFFA453C03A11E2F338DDCD50D4C7CDCFC7B32A7DCFEAEA1D66815AA1E91D1FE3D62AAECF9BF9F5CC7C02278E0C5DC0DD322BCF90FF81EC1A5BFBBE2CF708CAEBE520CB89620A0AD847A405648E6A01F658313107B1E143EF2D86100F4610000"; + char *raw_aos_sdls_ping_h = + "40C0000000000013000000000000000000000001BB73A3818AB2D7C51A5A14B6674439BB9B7DC0B21A44256075B5413488F77FC590A9C5" + "21DB9A013DC0456F5FE9F99D111B1C31BABCDB7E0FB2822BEA152FAA73F5D3F06EBE6D18CC1B85D5DCF1F293E77A384916E28A7C820670" + "8C3758D87CA6BDD7FEAE2225ACDDFA1B878C3F831AD4ECB8026ACC50E58B1367455A1E5879886B414BF33B0BB5F8EE44750E15051A2554" + "A6B172BEAA92F03B90DCEB57165CC1CA8ED97A7E76968F655549B28080BF25ED4E9A6377166C137CFEB884A8D9B9405C84883F7880D60F" + "EFFDB7CA4E9F8FB4F7D77315A6E8E3F3326751F8855349EDE8797A57B7F07CD8B1531539B05A7FFEF4708864847C3EBEDFA656D6243941" + "F06B21132953BA22B5E8F3EC7079F096D2A621D29FF0625147D32A7C0F644FA557A70567579F10D461C4198A360D0BB2361E1599533A4B" + "69F8ADC8FA64174E1092B996BC01B87453EE54E961D14BE002FE7D24BE389F892D4C6967B910D650C36FA653BAF214E93CBDD813F8078D" + "534303BA8FC795CBB2292A770F9959F60DC0ED141375BBEB86ED099CC1EBCDE6488B911508B7213C9AB1346E4B90D4B9AA8EAE02EC8B8A" + "B54957309CE1266FD80907E5B16441CE0A9B2A4146A2885537688577D6C9FECFD9E9F584EC860A276684667BAE255ABC0CB808FD685EA9" + "5DC86BFCEC9EC0EA352A317DCF8AA579B0746C8B5359F6E1BB4881BAC194A6D9B3881907621C8EC65FF1AB61B6DCDA3BC9B07165FAE18A" + "BA0E849CC09B9C8BBAB5963C8EB855273DC61B4487C85C1BB88943AEFFFF08830852EE074B6DCF71146D28B4AB311A043663E9EC582442" + "6553BE583AF18E2C172A11849E70A4814F8ABFFE851F1716B16466011293161DD44FFD1F2519BA82F8B21798004EFD1F2246623CF98C92" + "323D202A7E1FF3A7EF204A729CB1EAF6F2E16FCC18FC0826D60D113A17D1BCF887461A0E79B5D0A9A3980CCD7073476D431524EE5E5FEA" + "0B3A8F037F5E95213EC3D3FBB04CA49A35D99BDD22AC41150653BD8B75F8C3CC060B0DC09BC062DDF8E3CC3C9DF13BA44A96C53EA336A1" + "9138557A23C94E508839CAA76458636B68AB5DFED7D268C1CE329BF430D4306159ECA035B079927A5597F1E80FDCE67F5B23580C85D697" + "1D9DF12D1A50556C7F612530B4A5C2C2469E0AD0FAFF88D58C466C3CD601CDCF0AF65D0219E1C94D7461B1D39CF05D1B0F2C1EC94C985E" + "4DD1B1C1AD935537B6FE53FA9581C209EDA64340F72F5738D0877ECE4FF2831B6DEE291CAC98CD385BEE07270E44A1CB5635CA36609467" + "61293B1BC238C13670D2432BC3A0227A4CF94959E6C61B391E74BB14B27B0D767BD8AE8AAB60FDD6D2593A5E3B83518283B5DF4510A47D" + "8B116229EF409F44B8A9AAF5452FB5D7A0C8DBCB8692A479A9BA1C8309E84E8989782D868AE1884150E1D645FE053C7430921514E4E763" + "58AD4CC7E096C8BD390488DA2D7AFBB5408299F892A1CFE708D918FED3D7D6BCB27EF17A1E03B50A3EE76D507B19C0AFE7178D4455A2D7" + "7A787ACF0B75DEE48757602D6D6DED0224F75B0B64D9381B39436BB9D196F31347B55E346A6C0A335C85CE4E098F07A6CC3DDAC549371D" + "DB1447DB0A02E39F96A87BF7ADE1610A51ABE79A84394DEDAAA74B61AC13E5A957079FA2841BD663CDB5CA731536034855AEBE2740248F" + "7DE86463FCA8BCC66FCE3F38CE11215FC6890874E458244AB9691818289EF7DF05A0B0C2215BA36654483E7FF73B6630811DD6237414D4" + "C7FE8863CCCDB5563FF36F534113B392BCCBE46566BCF10238C8127BCF74389674774996253EA6742242E1D62509AC1EEAB577D7149924" + "F5640BFF4EB364EEF4C2664D98824E0F0ED0D91C1065E9FEB96160925BCEB1FB48E6E8658BE8032F01FC10A63D9D79C7F5E49AFEF6C43A" + "6D665D95F9D7E46AACDB8FB3F6086EBAF56B3149C2641B4AFBCDA992C8399B915EE2D23F8DAD37023B4E40C07F3341FF3097F25D238C69" + "2C5F816E128B922A09249DCA1FE0BA4B1E77A4ECCDC53712A5CE588D688D13370163A925867CB4E1D41FDED4CE244D852ED1D3F17D48A0" + "4921973F4D8F34180AF748B6C292181FFAC33D2EEEA7BC91E993EA29E5F2798930C8B149F5478C05F59F7ACA8E862BB37B5A0A792DCE1B" + "F4E76DB82DC1408733CD8F06995746726738F3E1416792AC8F8A91532B7F9331111DF835F3A60BB2134009D6BEC469B0CA1AD6352C7E6E" + "A928332ECA13CF2862A8C845734B00B230C8EEEA10FD0FE2BC62E7304ECD40E54B8D28C78E4C44FBF535A2F59FCF2D4B4A550FB5AE7AE4" + "69B2BA9DDC08C741653A405D5BAFD0C677C8D0B43984C82F7B814CAA0989518C71DB8DD93E12C1F3EFFA453C03A11E2F338DDCD50D4C7C" + "DCFC7B32A7DCFEAEA1D66815AA1E91D1FE3D62AAECF9BF9F5CC7C02278E0C5DC0DD322BCF90FF81EC1A5BFBBE2CF708CAEBE520CB89620" + "A0AD847A405648E6A01F658313107B1E143EF2D86100F4610000"; char *raw_aos_sdls_ping_b = NULL; int raw_aos_sdls_ping_len = 0; hex_conversion(raw_aos_sdls_ping_h, &raw_aos_sdls_ping_b, &raw_aos_sdls_ping_len); aos_frame_pri_hdr.tfvn = ((uint8_t)raw_aos_sdls_ping_b[0] & 0xC0) >> 6; - aos_frame_pri_hdr.scid = (((uint16_t)raw_aos_sdls_ping_b[0] & 0x3F) << 2) | (((uint16_t)raw_aos_sdls_ping_b[1] & 0xC0) >> 6); + aos_frame_pri_hdr.scid = + (((uint16_t)raw_aos_sdls_ping_b[0] & 0x3F) << 2) | (((uint16_t)raw_aos_sdls_ping_b[1] & 0xC0) >> 6); aos_frame_pri_hdr.vcid = ((uint8_t)raw_aos_sdls_ping_b[1] & 0x3F); - return_val = - Crypto_AOS_ProcessSecurity((uint8_t *)raw_aos_sdls_ping_b, raw_aos_sdls_ping_len, ptr_processed_frame, &processed_aos_len); + return_val = Crypto_AOS_ProcessSecurity((uint8_t *)raw_aos_sdls_ping_b, raw_aos_sdls_ping_len, ptr_processed_frame, + &processed_aos_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); char *truth_aos_h = - "40C0000000000000000000000000000000000000DDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA000000000000000000000000000000000000"; + "40C0000000000000000000000000000000000000DDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAA000000000000000000000000000000000000"; char *truth_aos_b = NULL; int truth_aos_len = 0; hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len); diff --git a/test/kmc/ut_tc_kmc.c b/test/kmc/ut_tc_kmc.c index faff2dfe..9af194ba 100644 --- a/test/kmc/ut_tc_kmc.c +++ b/test/kmc/ut_tc_kmc.c @@ -161,36 +161,38 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", "/home/jstar/Desktop/kmc_certs/ca.pem", - NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", + "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, + "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); GvcidManagedParameters_t TC_UT_Managed_Parameters = { 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); Crypto_Init(); // Setup & Initialize CryptoLib - char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char *raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; + char *raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - int32_t return_val = CRYPTO_LIB_ERROR; + int32_t return_val = CRYPTO_LIB_ERROR; return_val = Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - char* truth_data_h = "2003003300000002000000000000000000000000E64F9B208554A8CE1CB9BF0C6D100000000000000000000000000000000084C2"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; + char *truth_data_h = + "2003003300000002000000000000000000000000E64F9B208554A8CE1CB9BF0C6D100000000000000000000000000000000084C2"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - //printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) + // printf("Encrypted Frame:\n"); + for (int i = 0; i < enc_frame_len; i++) { - //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); + // printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } Crypto_Shutdown(); @@ -213,8 +215,9 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB(KMC_HOSTNAME, "sadb", 3306, CRYPTO_TRUE, CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, "changeit", "cryptosvc", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", "/home/jstar/Desktop/kmc_certs/ca.pem", - NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + Crypto_Config_Kmc_Crypto_Service("https", "itc.kmc.nasa.gov", 8443, "crypto-service", + "/home/jstar/Desktop/kmc_certs/ca.pem", NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, + "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); GvcidManagedParameters_t TC_UT_Managed_Parameters = { 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); @@ -225,44 +228,44 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) TC_UT_Managed_Parameters.vcid = 3; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - - int32_t return_val = Crypto_Init(); + int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char* raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; + char *raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; + char *raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. sa_if->sa_get_from_spi(1, &test_association); test_association->sa_state = SA_NONE; sa_if->sa_get_from_spi(11, &test_association); printf("SPI: %d\n", test_association->spi); test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; + test_association->ast = 0; test_association->arsn_len = 0; sa_if->sa_get_from_spi(11, &test_association); return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - char* truth_data_h = "2003003400000002000000000000000000000000E64F9B208554A8CE1CB9BF0CDC5F7C00000000000000000000000000000000DF62"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; + char *truth_data_h = + "2003003400000002000000000000000000000000E64F9B208554A8CE1CB9BF0CDC5F7C00000000000000000000000000000000DF62"; + uint8_t *truth_data_b = NULL; + int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - //printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) + // printf("Encrypted Frame:\n"); + for (int i = 0; i < enc_frame_len; i++) { - //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); + // printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } - //printf("\n"); + // printf("\n"); Crypto_Shutdown(); free(raw_tc_sdls_ping_b); diff --git a/test/kmc/ut_tm_kmc.c b/test/kmc/ut_tm_kmc.c index e529aae0..03ee98da 100644 --- a/test/kmc/ut_tm_kmc.c +++ b/test/kmc/ut_tm_kmc.c @@ -51,7 +51,6 @@ void reload_db(void) "src/sa/test_sadb_mariadb_sql/create_sadb_ivv_tm_unit_tests.sql"); } - /** * @brief MariaDB: Table Cleanup for Unit Tests * Be sure to use only after initialization @@ -94,7 +93,7 @@ void MDB_DB_RESET() sa_mariadb_config->mysql_port, NULL, 0) == NULL) { // 0,NULL,0 are port number, unix socket, client flag - //finish_with_error(con); + // finish_with_error(con); } printf("Truncating Tables\n"); @@ -102,7 +101,7 @@ void MDB_DB_RESET() if (mysql_real_query(con, query, strlen(query))) { // query should be NUL terminated! printf("Failed to Truncate Table\n"); - //finish_with_error(con); + // finish_with_error(con); } query = "INSERT INTO security_associations_tm " @@ -132,7 +131,7 @@ void MDB_DB_RESET() if (mysql_real_query(con, query, strlen(query))) { // query should be NUL terminated! printf("Failed to re-create security_association_tm table for SPI 11\n"); - //finish_with_error(con); + // finish_with_error(con); } } @@ -194,17 +193,49 @@ UTEST(TM_APPLY_KMC, HAPPY_PATH_ENC_TM_GCM_KMC) "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" "AABBAABBAABBAABB00000000000000000000000000000000415B"; - char *raw_tm_sdls_ping_b = NULL; - int raw_tm_sdls_ping_len = 0; + char *raw_tm_sdls_ping_b = NULL; + int raw_tm_sdls_ping_len = 0; // SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tm_sdls_ping_h, &raw_tm_sdls_ping_b, &raw_tm_sdls_ping_len); - return_val = - Crypto_TM_ApplySecurity((uint8_t *)raw_tm_sdls_ping_b, raw_tm_sdls_ping_len); + return_val = Crypto_TM_ApplySecurity((uint8_t *)raw_tm_sdls_ping_b, raw_tm_sdls_ping_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char *truth_tm_h = "003200001800000300000000000000000000000100EAD4B927F61B18F2771E0B23EE8217F27CC1A30B55347164A4502599E66ED481B8D430CA8B102CD1547E4EF8E88C000A0D20ABADCA6F1EA3933AFB043EBB62E4C2E17FAF7C09DD0A94C4CDE0E382F66B295807F39B6D9317619D2649C96DB7ACC6EFBF3334BDCCEB0A969D2E920BC5FDA9137BDD41F49A0276544B0F4968997A505AE22A1AA4E9FF55641F04140B3445B7A063AFBB83E12A81CDFA46074DD0DB9FC86B6F67879E744458A39191AE34FC5F8B7266077D026DEFA995B9C8A8514D95992E6991C71EFEECA6DB5F8E9EA5E6C66204B7F9F2E2237640E9944258FCF9686B46A6E16DC9A0420428A14B6EEFE5619975956D2FAFCEB747C7352850E17A30023842AB33A4F9E2FD6168E187C3B730C38EE1734056C23B6D1E755EB446B61476468E01C570D5089B271C1AA3270F0488422B5A78E9BCD9EB75065F0183A887AD10A96542FF45F870C05AF113EF6C35AF298E983C5D7876A801C741D27EB742ABE305F82DACC902E9169C425212AB9ED684DAA3383B661E8848E71CD1FC050264AAFA97FC188DD0FADCF7599A800419A6302D8BA0257F5A81C5A8BB9FBF13FD9A9BA45846218DF0377EC91816F4A07550DF1B8A3B5057B3994426799466C7D8EFDEC8F8E495FD971B367795776ABF344BAD1DA919EC794FB84CD97AEDFD8FD1FB243B206CDE9BB468A1657D9A4248E7F0AA5990ABD085B7C8A2990816730D9FD74EE0BA70A7CDCB2AD8A16074EBF09BAB1F958DD18A8D9AABA4872D9FA944362CD70A5596D94D0AA99852BFEEEE19921943FF165A7CDE60057C39A5BA200B152772F8FD4935537442AF492BE09F3D063B00958F61B5905E9BAEEF940E0607A07577100382070CC55EEC0E3408AB93E9A30689115FEC0E3357732DE89D83232C313B6F0EE2B6FE315B638DA0FBE7E3F07EDD09ED1937C71C002B06C0ADE996570B1F68A4C1B8B2891DDC6162567C520435FF4F4EFB1A2B9E126E4F84302FD2C2EAA15DB58B24C88ACC33BD50041742AC9A64E9D2DD171A1CD18AD173CCE9F2DD2D8CE02AB55B87D42FB227B08029446B32D85F419928DBB67549727A79BA4CEFC6C379D0DF238AE521C5217048FDB124A168836B4486E0F91ECDF76E4A32491D94C7860C8CE03C0B41447D6E703421A5B4D3D3578F1BC1EBEE99C49D577D2DC710DCDE1BE74C1308F0D85C6570A0C28DE14C0A1E3D0FD85D894F5CC0A0D0BC824426A7EF42EB8490D318FCB75251E63E4629C1966FDF5EE3920A7CFF380DBD89DC294AFF16361F55B0DA4724DB2771857670382A0AD329D02761C3523AD2B1336B5DE85848F7D70A280F65AA05A36A1C676AC9BF9BBA71ECC7C3482B4F2A92409392A4CE5401B56C9A007338FE518E55A9B8BBE4543EA4C6B1D9CADA9783B568B8AB0D9218F95F9898693C979BF0995041F0C754EF142D6521830405F5F67249BC5DD6F187D9AC281599CB3C6BEAA4519388E983B0DEF619C809EFC2C6C7ADA36FE06B0F12A41B2FF67C416A08D1BEF6069C5544B3C66B696BDE1A64CFF59646713C7C7CFC1335E64A1A75C8290A28527AA8C087E20256A44F257B7D1B224D94DF5F189E16B7DD2CCBD458260CCA0556CA1B13F28E87B96AE6BCF0701B40BAF68B95285CFCBBB65A70BD02F4B846168EB3950AC772DCA4DB620427125944BFAF3651359E6CF97572EDB9ADD77EDF2E29DF00304ED7981965F549355BA8780909398FE6CE14B1A1D3304AB27745592F6EE62A7721900CC7326505C5D6EF9972DDDCA4472EE27E425002A283ADDAF57477ADE01329D9036ADE65298765665887342FB7653353F0C73418BD0FFBA466C6058835E4751AEE5FA275FFE5D3775C89935F1E1FC1C80D0174F8EFA87071834ADFA0EA59F7F9749AF9123E10ED01B72C8C68D6E4F58BEFE7D52B7C774C84E8C6F57BBDCA9EA2E7197FABE47A2058D3750A5BEADCB883D9288A804FF3C32E9CBC26132A5F51D16E2250EE2186E34C329D783D4E907F039A833B18358CDB0EF1AB5A0F66B5FDDCD42603B4DF499C799C02261072B834976DA5F0C50ECFC5DF355C943FC0C2E06C59B15830862E5C9E25091BE659A7D383090EEBD22C3FFFB6AD80F882FB38F4E3689821D9A058E4569D14E48E6BDB9F973AA26A4B1B683CDF0AE5F67CA93CD0519622DC9E17884657637629E2F0507683BD9E9B80423A6E8220000CE924E2B71AA3025118C7AFD578A1DB0BC7243D6F7FB839223FDB02DE3973B9D954625A11A321D9FFFB01EC1EF3AD73F6215FDC51F45A9C39D69F5D55EAE424B3E48EDE3C5A5B441EA4BF6BF578A3AB8CCD19D650742B514C4ABEC1D766D9C1A52895D93E6A905DBB1898409D60CA9CC82F03D0E2FEEB542D12B00F3E229CCDC41C5D6DCDED6A23B6CDEFBFB0C77904BB0F80C0EF2C73BBFDE8AE8E4DD6D13369F1D4CD1CC233ADE81EE90FD0B4AEAAF3DE619DBFAF431DA98731B1BC956B514759F75CCF0497561450560E01656399DDC34B0000"; + char *truth_tm_h = + "003200001800000300000000000000000000000100EAD4B927F61B18F2771E0B23EE8217F27CC1A30B55347164A4502599E66ED481B8D4" + "30CA8B102CD1547E4EF8E88C000A0D20ABADCA6F1EA3933AFB043EBB62E4C2E17FAF7C09DD0A94C4CDE0E382F66B295807F39B6D931761" + "9D2649C96DB7ACC6EFBF3334BDCCEB0A969D2E920BC5FDA9137BDD41F49A0276544B0F4968997A505AE22A1AA4E9FF55641F04140B3445" + "B7A063AFBB83E12A81CDFA46074DD0DB9FC86B6F67879E744458A39191AE34FC5F8B7266077D026DEFA995B9C8A8514D95992E6991C71E" + "FEECA6DB5F8E9EA5E6C66204B7F9F2E2237640E9944258FCF9686B46A6E16DC9A0420428A14B6EEFE5619975956D2FAFCEB747C7352850" + "E17A30023842AB33A4F9E2FD6168E187C3B730C38EE1734056C23B6D1E755EB446B61476468E01C570D5089B271C1AA3270F0488422B5A" + "78E9BCD9EB75065F0183A887AD10A96542FF45F870C05AF113EF6C35AF298E983C5D7876A801C741D27EB742ABE305F82DACC902E9169C" + "425212AB9ED684DAA3383B661E8848E71CD1FC050264AAFA97FC188DD0FADCF7599A800419A6302D8BA0257F5A81C5A8BB9FBF13FD9A9B" + "A45846218DF0377EC91816F4A07550DF1B8A3B5057B3994426799466C7D8EFDEC8F8E495FD971B367795776ABF344BAD1DA919EC794FB8" + "4CD97AEDFD8FD1FB243B206CDE9BB468A1657D9A4248E7F0AA5990ABD085B7C8A2990816730D9FD74EE0BA70A7CDCB2AD8A16074EBF09B" + "AB1F958DD18A8D9AABA4872D9FA944362CD70A5596D94D0AA99852BFEEEE19921943FF165A7CDE60057C39A5BA200B152772F8FD493553" + "7442AF492BE09F3D063B00958F61B5905E9BAEEF940E0607A07577100382070CC55EEC0E3408AB93E9A30689115FEC0E3357732DE89D83" + "232C313B6F0EE2B6FE315B638DA0FBE7E3F07EDD09ED1937C71C002B06C0ADE996570B1F68A4C1B8B2891DDC6162567C520435FF4F4EFB" + "1A2B9E126E4F84302FD2C2EAA15DB58B24C88ACC33BD50041742AC9A64E9D2DD171A1CD18AD173CCE9F2DD2D8CE02AB55B87D42FB227B0" + "8029446B32D85F419928DBB67549727A79BA4CEFC6C379D0DF238AE521C5217048FDB124A168836B4486E0F91ECDF76E4A32491D94C786" + "0C8CE03C0B41447D6E703421A5B4D3D3578F1BC1EBEE99C49D577D2DC710DCDE1BE74C1308F0D85C6570A0C28DE14C0A1E3D0FD85D894F" + "5CC0A0D0BC824426A7EF42EB8490D318FCB75251E63E4629C1966FDF5EE3920A7CFF380DBD89DC294AFF16361F55B0DA4724DB27718576" + "70382A0AD329D02761C3523AD2B1336B5DE85848F7D70A280F65AA05A36A1C676AC9BF9BBA71ECC7C3482B4F2A92409392A4CE5401B56C" + "9A007338FE518E55A9B8BBE4543EA4C6B1D9CADA9783B568B8AB0D9218F95F9898693C979BF0995041F0C754EF142D6521830405F5F672" + "49BC5DD6F187D9AC281599CB3C6BEAA4519388E983B0DEF619C809EFC2C6C7ADA36FE06B0F12A41B2FF67C416A08D1BEF6069C5544B3C6" + "6B696BDE1A64CFF59646713C7C7CFC1335E64A1A75C8290A28527AA8C087E20256A44F257B7D1B224D94DF5F189E16B7DD2CCBD458260C" + "CA0556CA1B13F28E87B96AE6BCF0701B40BAF68B95285CFCBBB65A70BD02F4B846168EB3950AC772DCA4DB620427125944BFAF3651359E" + "6CF97572EDB9ADD77EDF2E29DF00304ED7981965F549355BA8780909398FE6CE14B1A1D3304AB27745592F6EE62A7721900CC7326505C5" + "D6EF9972DDDCA4472EE27E425002A283ADDAF57477ADE01329D9036ADE65298765665887342FB7653353F0C73418BD0FFBA466C6058835" + "E4751AEE5FA275FFE5D3775C89935F1E1FC1C80D0174F8EFA87071834ADFA0EA59F7F9749AF9123E10ED01B72C8C68D6E4F58BEFE7D52B" + "7C774C84E8C6F57BBDCA9EA2E7197FABE47A2058D3750A5BEADCB883D9288A804FF3C32E9CBC26132A5F51D16E2250EE2186E34C329D78" + "3D4E907F039A833B18358CDB0EF1AB5A0F66B5FDDCD42603B4DF499C799C02261072B834976DA5F0C50ECFC5DF355C943FC0C2E06C59B1" + "5830862E5C9E25091BE659A7D383090EEBD22C3FFFB6AD80F882FB38F4E3689821D9A058E4569D14E48E6BDB9F973AA26A4B1B683CDF0A" + "E5F67CA93CD0519622DC9E17884657637629E2F0507683BD9E9B80423A6E8220000CE924E2B71AA3025118C7AFD578A1DB0BC7243D6F7F" + "B839223FDB02DE3973B9D954625A11A321D9FFFB01EC1EF3AD73F6215FDC51F45A9C39D69F5D55EAE424B3E48EDE3C5A5B441EA4BF6BF5" + "78A3AB8CCD19D650742B514C4ABEC1D766D9C1A52895D93E6A905DBB1898409D60CA9CC82F03D0E2FEEB542D12B00F3E229CCDC41C5D6D" + "CDED6A23B6CDEFBFB0C77904BB0F80C0EF2C73BBFDE8AE8E4DD6D13369F1D4CD1CC233ADE81EE90FD0B4AEAAF3DE619DBFAF431DA98731" + "B1BC956B514759F75CCF0497561450560E01656399DDC34B0000"; char *truth_tm_b = NULL; int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); @@ -244,9 +275,41 @@ UTEST(TM_PROCESS_KMC, HAPPY_PATH_DEC_TM_GCM_KMC) ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); char *raw_tm_sdls_ping_h = - "003200001800000300000000000000000000000100EAD4B927F61B18F2771E0B23EE8217F27CC1A30B55347164A4502599E66ED481B8D430CA8B102CD1547E4EF8E88C000A0D20ABADCA6F1EA3933AFB043EBB62E4C2E17FAF7C09DD0A94C4CDE0E382F66B295807F39B6D9317619D2649C96DB7ACC6EFBF3334BDCCEB0A969D2E920BC5FDA9137BDD41F49A0276544B0F4968997A505AE22A1AA4E9FF55641F04140B3445B7A063AFBB83E12A81CDFA46074DD0DB9FC86B6F67879E744458A39191AE34FC5F8B7266077D026DEFA995B9C8A8514D95992E6991C71EFEECA6DB5F8E9EA5E6C66204B7F9F2E2237640E9944258FCF9686B46A6E16DC9A0420428A14B6EEFE5619975956D2FAFCEB747C7352850E17A30023842AB33A4F9E2FD6168E187C3B730C38EE1734056C23B6D1E755EB446B61476468E01C570D5089B271C1AA3270F0488422B5A78E9BCD9EB75065F0183A887AD10A96542FF45F870C05AF113EF6C35AF298E983C5D7876A801C741D27EB742ABE305F82DACC902E9169C425212AB9ED684DAA3383B661E8848E71CD1FC050264AAFA97FC188DD0FADCF7599A800419A6302D8BA0257F5A81C5A8BB9FBF13FD9A9BA45846218DF0377EC91816F4A07550DF1B8A3B5057B3994426799466C7D8EFDEC8F8E495FD971B367795776ABF344BAD1DA919EC794FB84CD97AEDFD8FD1FB243B206CDE9BB468A1657D9A4248E7F0AA5990ABD085B7C8A2990816730D9FD74EE0BA70A7CDCB2AD8A16074EBF09BAB1F958DD18A8D9AABA4872D9FA944362CD70A5596D94D0AA99852BFEEEE19921943FF165A7CDE60057C39A5BA200B152772F8FD4935537442AF492BE09F3D063B00958F61B5905E9BAEEF940E0607A07577100382070CC55EEC0E3408AB93E9A30689115FEC0E3357732DE89D83232C313B6F0EE2B6FE315B638DA0FBE7E3F07EDD09ED1937C71C002B06C0ADE996570B1F68A4C1B8B2891DDC6162567C520435FF4F4EFB1A2B9E126E4F84302FD2C2EAA15DB58B24C88ACC33BD50041742AC9A64E9D2DD171A1CD18AD173CCE9F2DD2D8CE02AB55B87D42FB227B08029446B32D85F419928DBB67549727A79BA4CEFC6C379D0DF238AE521C5217048FDB124A168836B4486E0F91ECDF76E4A32491D94C7860C8CE03C0B41447D6E703421A5B4D3D3578F1BC1EBEE99C49D577D2DC710DCDE1BE74C1308F0D85C6570A0C28DE14C0A1E3D0FD85D894F5CC0A0D0BC824426A7EF42EB8490D318FCB75251E63E4629C1966FDF5EE3920A7CFF380DBD89DC294AFF16361F55B0DA4724DB2771857670382A0AD329D02761C3523AD2B1336B5DE85848F7D70A280F65AA05A36A1C676AC9BF9BBA71ECC7C3482B4F2A92409392A4CE5401B56C9A007338FE518E55A9B8BBE4543EA4C6B1D9CADA9783B568B8AB0D9218F95F9898693C979BF0995041F0C754EF142D6521830405F5F67249BC5DD6F187D9AC281599CB3C6BEAA4519388E983B0DEF619C809EFC2C6C7ADA36FE06B0F12A41B2FF67C416A08D1BEF6069C5544B3C66B696BDE1A64CFF59646713C7C7CFC1335E64A1A75C8290A28527AA8C087E20256A44F257B7D1B224D94DF5F189E16B7DD2CCBD458260CCA0556CA1B13F28E87B96AE6BCF0701B40BAF68B95285CFCBBB65A70BD02F4B846168EB3950AC772DCA4DB620427125944BFAF3651359E6CF97572EDB9ADD77EDF2E29DF00304ED7981965F549355BA8780909398FE6CE14B1A1D3304AB27745592F6EE62A7721900CC7326505C5D6EF9972DDDCA4472EE27E425002A283ADDAF57477ADE01329D9036ADE65298765665887342FB7653353F0C73418BD0FFBA466C6058835E4751AEE5FA275FFE5D3775C89935F1E1FC1C80D0174F8EFA87071834ADFA0EA59F7F9749AF9123E10ED01B72C8C68D6E4F58BEFE7D52B7C774C84E8C6F57BBDCA9EA2E7197FABE47A2058D3750A5BEADCB883D9288A804FF3C32E9CBC26132A5F51D16E2250EE2186E34C329D783D4E907F039A833B18358CDB0EF1AB5A0F66B5FDDCD42603B4DF499C799C02261072B834976DA5F0C50ECFC5DF355C943FC0C2E06C59B15830862E5C9E25091BE659A7D383090EEBD22C3FFFB6AD80F882FB38F4E3689821D9A058E4569D14E48E6BDB9F973AA26A4B1B683CDF0AE5F67CA93CD0519622DC9E17884657637629E2F0507683BD9E9B80423A6E8220000CE924E2B71AA3025118C7AFD578A1DB0BC7243D6F7FB839223FDB02DE3973B9D954625A11A321D9FFFB01EC1EF3AD73F6215FDC51F45A9C39D69F5D55EAE424B3E48EDE3C5A5B441EA4BF6BF578A3AB8CCD19D650742B514C4ABEC1D766D9C1A52895D93E6A905DBB1898409D60CA9CC82F03D0E2FEEB542D12B00F3E229CCDC41C5D6DCDED6A23B6CDEFBFB0C77904BB0F80C0EF2C73BBFDE8AE8E4DD6D13369F1D4CD1CC233ADE81EE90FD0B4AEAAF3DE619DBFAF431DA98731B1BC956B514759F75CCF0497561450560E01656399DDC34B0000"; - char *raw_tm_sdls_ping_b = NULL; - int raw_tm_sdls_ping_len = 0; + "003200001800000300000000000000000000000100EAD4B927F61B18F2771E0B23EE8217F27CC1A30B55347164A4502599E66ED481B8D4" + "30CA8B102CD1547E4EF8E88C000A0D20ABADCA6F1EA3933AFB043EBB62E4C2E17FAF7C09DD0A94C4CDE0E382F66B295807F39B6D931761" + "9D2649C96DB7ACC6EFBF3334BDCCEB0A969D2E920BC5FDA9137BDD41F49A0276544B0F4968997A505AE22A1AA4E9FF55641F04140B3445" + "B7A063AFBB83E12A81CDFA46074DD0DB9FC86B6F67879E744458A39191AE34FC5F8B7266077D026DEFA995B9C8A8514D95992E6991C71E" + "FEECA6DB5F8E9EA5E6C66204B7F9F2E2237640E9944258FCF9686B46A6E16DC9A0420428A14B6EEFE5619975956D2FAFCEB747C7352850" + "E17A30023842AB33A4F9E2FD6168E187C3B730C38EE1734056C23B6D1E755EB446B61476468E01C570D5089B271C1AA3270F0488422B5A" + "78E9BCD9EB75065F0183A887AD10A96542FF45F870C05AF113EF6C35AF298E983C5D7876A801C741D27EB742ABE305F82DACC902E9169C" + "425212AB9ED684DAA3383B661E8848E71CD1FC050264AAFA97FC188DD0FADCF7599A800419A6302D8BA0257F5A81C5A8BB9FBF13FD9A9B" + "A45846218DF0377EC91816F4A07550DF1B8A3B5057B3994426799466C7D8EFDEC8F8E495FD971B367795776ABF344BAD1DA919EC794FB8" + "4CD97AEDFD8FD1FB243B206CDE9BB468A1657D9A4248E7F0AA5990ABD085B7C8A2990816730D9FD74EE0BA70A7CDCB2AD8A16074EBF09B" + "AB1F958DD18A8D9AABA4872D9FA944362CD70A5596D94D0AA99852BFEEEE19921943FF165A7CDE60057C39A5BA200B152772F8FD493553" + "7442AF492BE09F3D063B00958F61B5905E9BAEEF940E0607A07577100382070CC55EEC0E3408AB93E9A30689115FEC0E3357732DE89D83" + "232C313B6F0EE2B6FE315B638DA0FBE7E3F07EDD09ED1937C71C002B06C0ADE996570B1F68A4C1B8B2891DDC6162567C520435FF4F4EFB" + "1A2B9E126E4F84302FD2C2EAA15DB58B24C88ACC33BD50041742AC9A64E9D2DD171A1CD18AD173CCE9F2DD2D8CE02AB55B87D42FB227B0" + "8029446B32D85F419928DBB67549727A79BA4CEFC6C379D0DF238AE521C5217048FDB124A168836B4486E0F91ECDF76E4A32491D94C786" + "0C8CE03C0B41447D6E703421A5B4D3D3578F1BC1EBEE99C49D577D2DC710DCDE1BE74C1308F0D85C6570A0C28DE14C0A1E3D0FD85D894F" + "5CC0A0D0BC824426A7EF42EB8490D318FCB75251E63E4629C1966FDF5EE3920A7CFF380DBD89DC294AFF16361F55B0DA4724DB27718576" + "70382A0AD329D02761C3523AD2B1336B5DE85848F7D70A280F65AA05A36A1C676AC9BF9BBA71ECC7C3482B4F2A92409392A4CE5401B56C" + "9A007338FE518E55A9B8BBE4543EA4C6B1D9CADA9783B568B8AB0D9218F95F9898693C979BF0995041F0C754EF142D6521830405F5F672" + "49BC5DD6F187D9AC281599CB3C6BEAA4519388E983B0DEF619C809EFC2C6C7ADA36FE06B0F12A41B2FF67C416A08D1BEF6069C5544B3C6" + "6B696BDE1A64CFF59646713C7C7CFC1335E64A1A75C8290A28527AA8C087E20256A44F257B7D1B224D94DF5F189E16B7DD2CCBD458260C" + "CA0556CA1B13F28E87B96AE6BCF0701B40BAF68B95285CFCBBB65A70BD02F4B846168EB3950AC772DCA4DB620427125944BFAF3651359E" + "6CF97572EDB9ADD77EDF2E29DF00304ED7981965F549355BA8780909398FE6CE14B1A1D3304AB27745592F6EE62A7721900CC7326505C5" + "D6EF9972DDDCA4472EE27E425002A283ADDAF57477ADE01329D9036ADE65298765665887342FB7653353F0C73418BD0FFBA466C6058835" + "E4751AEE5FA275FFE5D3775C89935F1E1FC1C80D0174F8EFA87071834ADFA0EA59F7F9749AF9123E10ED01B72C8C68D6E4F58BEFE7D52B" + "7C774C84E8C6F57BBDCA9EA2E7197FABE47A2058D3750A5BEADCB883D9288A804FF3C32E9CBC26132A5F51D16E2250EE2186E34C329D78" + "3D4E907F039A833B18358CDB0EF1AB5A0F66B5FDDCD42603B4DF499C799C02261072B834976DA5F0C50ECFC5DF355C943FC0C2E06C59B1" + "5830862E5C9E25091BE659A7D383090EEBD22C3FFFB6AD80F882FB38F4E3689821D9A058E4569D14E48E6BDB9F973AA26A4B1B683CDF0A" + "E5F67CA93CD0519622DC9E17884657637629E2F0507683BD9E9B80423A6E8220000CE924E2B71AA3025118C7AFD578A1DB0BC7243D6F7F" + "B839223FDB02DE3973B9D954625A11A321D9FFFB01EC1EF3AD73F6215FDC51F45A9C39D69F5D55EAE424B3E48EDE3C5A5B441EA4BF6BF5" + "78A3AB8CCD19D650742B514C4ABEC1D766D9C1A52895D93E6A905DBB1898409D60CA9CC82F03D0E2FEEB542D12B00F3E229CCDC41C5D6D" + "CDED6A23B6CDEFBFB0C77904BB0F80C0EF2C73BBFDE8AE8E4DD6D13369F1D4CD1CC233ADE81EE90FD0B4AEAAF3DE619DBFAF431DA98731" + "B1BC956B514759F75CCF0497561450560E01656399DDC34B0000"; + char *raw_tm_sdls_ping_b = NULL; + int raw_tm_sdls_ping_len = 0; hex_conversion(raw_tm_sdls_ping_h, &raw_tm_sdls_ping_b, &raw_tm_sdls_ping_len); TM_t *tm_frame; @@ -257,8 +320,41 @@ UTEST(TM_PROCESS_KMC, HAPPY_PATH_DEC_TM_GCM_KMC) return_val = Crypto_TM_ProcessSecurity((uint8_t *)raw_tm_sdls_ping_b, raw_tm_sdls_ping_len, tm_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char *truth_tm_h = "003200001800000000000000000000000000000066778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB000000000000000000000000000000000000"; + + char *truth_tm_h = + "003200001800000000000000000000000000000066778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAA" + "BBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB" + "AABBAABBAABBAABB000000000000000000000000000000000000"; char *truth_tm_b = NULL; int truth_tm_len = 0; hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); From ce8a68d2f27589271fbf43c700051e83fa54e8a0 Mon Sep 17 00:00:00 2001 From: Nicolae Mihalache Date: Wed, 17 Sep 2025 16:03:44 +0200 Subject: [PATCH 16/37] Fix reference to SDSL standard The chapter describing the AAD construction in CCSDS 355.0-B-2 is 4.2.3 not 7.2.3 (this last one does not exist) --- src/core/crypto_aos.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index dc52b9d7..36fd6eb6 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -1440,7 +1440,7 @@ int32_t Crypto_Get_aosLength(int len) * @param aad: uint8_t* * @return status: uint32_t * - * CCSDS Compliance: CCSDS 355.0-B-2 Section 7.2.3 (AAD Construction) + * CCSDS Compliance: CCSDS 355.0-B-2 Section 4.2.3 (AAD Construction) **/ uint32_t Crypto_Prepare_AOS_AAD(const uint8_t *buffer, uint16_t len_aad, const uint8_t *abm_buffer, uint8_t *aad) { @@ -1472,4 +1472,4 @@ uint32_t Crypto_Prepare_AOS_AAD(const uint8_t *buffer, uint16_t len_aad, const u #endif return status; -} \ No newline at end of file +} From 9629093ff5febea641c95a04cce80fd0f76ac68e Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 22 Sep 2025 21:08:57 +0000 Subject: [PATCH 17/37] [nasa/cryptolib#471] Fix AOS UT after merge --- test/unit/ut_aos_process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index 6f4ac8c5..3c0706d8 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c @@ -1771,7 +1771,7 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) "9FA014FE307413DFF5DC6FE14B05E0F96A4B77FA826B4E6CEC615EA7BC782D81D850B2F5942B059BCB8378CF84943A503C5C8ED9831031" "924047D1D7FC079136004424FCAE5EE4A63B2E447325D79354D715099463C2B263B989AC7B528AC5B9C7513A39371F90FDF6AAE1DCE4B3" "B3892512398DA171E90C2BFCE9A5B93CDCBCEFC24B97B9A7CE5C46910E6609B04771E8A12F1D1541B606F05F83F369C74DD00A6F16366A" - "7883141E78B010BE440462F966F42C85654F3C10535050F0BD13"; + "7883141E78B010BE83D71977C7641BFB68B93231C825ACD0B4B8"; char *framed_aos_b = NULL; int framed_aos_len = 0; From cc26bee263e78d49ea03be785ef773bf273296d0 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Wed, 24 Sep 2025 20:56:12 +0000 Subject: [PATCH 18/37] [nasa/cryptolib#495] fix abm_size on create_sadb.sql --- src/sa/sadb_mariadb_sql/create_sadb.sql | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/sa/sadb_mariadb_sql/create_sadb.sql b/src/sa/sadb_mariadb_sql/create_sadb.sql index c43d74e0..33136c52 100644 --- a/src/sa/sadb_mariadb_sql/create_sadb.sql +++ b/src/sa/sadb_mariadb_sql/create_sadb.sql @@ -58,7 +58,7 @@ CREATE TABLE IF NOT EXISTS security_associations_tm ,acs_len SMALLINT NOT NULL DEFAULT 0 ,acs VARBINARY(4) NOT NULL DEFAULT X'00' ,abm_len MEDIUMINT - ,abm VARBINARY(1024) NOT NULL DEFAULT X'0000FC0000FFFF000000000000000000000000' -- ABM_SIZE=1024 + ,abm VARBINARY(1786) NOT NULL DEFAULT X'0000FC0000FFFF000000000000000000000000' -- ABM_SIZE=1786 ,arsn_len SMALLINT NOT NULL DEFAULT 0 ,arsn VARBINARY(20) NOT NULL DEFAULT X'0000000000000000000000000000000000000000' -- ARSN_SIZE=20 , TBD why so large... ,arsnw SMALLINT NOT NULL DEFAULT 0 -- ARSNW_SIZE=1 @@ -88,7 +88,7 @@ CREATE TABLE IF NOT EXISTS security_associations_aos ,acs_len SMALLINT NOT NULL DEFAULT 0 ,acs VARBINARY(4) NOT NULL DEFAULT X'00' ,abm_len MEDIUMINT - ,abm VARBINARY(1024) NOT NULL DEFAULT X'0000FC0000FFFF000000000000000000000000' -- ABM_SIZE=1024 + ,abm VARBINARY(1786) NOT NULL DEFAULT X'0000FC0000FFFF000000000000000000000000' -- ABM_SIZE=1786 ,arsn_len SMALLINT NOT NULL DEFAULT 0 ,arsn VARBINARY(20) NOT NULL DEFAULT X'0000000000000000000000000000000000000000' -- ARSN_SIZE=20 , TBD why so large... ,arsnw SMALLINT NOT NULL DEFAULT 0 -- ARSNW_SIZE=1 From e27cacb09bacc3af70fab56a6e0c839deafce2b8 Mon Sep 17 00:00:00 2001 From: Donovan Ice <77851621+Donnie-Ice@users.noreply.github.com> Date: Thu, 25 Sep 2025 10:06:03 -0400 Subject: [PATCH 19/37] Update pull_request_template.md contributing link --- .github/pull_request_template.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 231381cb..19e5e092 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,6 +1,6 @@ ### All Submissions: -* [ ] Have you followed the guidelines in our [Contributing](https://github.com/nasa/CryptoLib/blob/main/doc/CryptoLib_Indv_CLA.pdf) document? +* [ ] Have you followed the guidelines in our [Contributing](https://github.com/nasa/CryptoLib/blob/main/docs/CryptoLib_Indv_CLA.pdf) document? * [ ] Have you checked to ensure there aren't other open [Pull Requests](https://github.com/nasa/cryptolib/pulls) for the same update/change? ### New Feature Submissions: @@ -13,4 +13,3 @@ ### How do you test these changes? - \ No newline at end of file From 70e053f929a77a70ad36fd1f09679db2bf0d2d2f Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 29 Sep 2025 14:37:35 +0000 Subject: [PATCH 20/37] Fix unsafe base64url decode --- src/crypto/kmc/base64url.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/src/crypto/kmc/base64url.c b/src/crypto/kmc/base64url.c index 553daec1..54299777 100644 --- a/src/crypto/kmc/base64url.c +++ b/src/crypto/kmc/base64url.c @@ -210,18 +210,23 @@ int32_t base64urlDecode(const char_t *input, size_t inputLen, void *output, size size_t n; uint8_t *p; - // This function does not handle equals signs at the end of base64 encoded output! - while (input[inputLen - 1] == '=') - { - inputLen--; - } - // Check parameters if (input == NULL && inputLen != 0) return ERROR_INVALID_PARAMETER; if (outputLen == NULL) return ERROR_INVALID_PARAMETER; + // Empty input is valid; produce empty output + if (inputLen == 0) { + *outputLen = 0; + return NO_ERROR; + } + + // Safely strip optional '=' padding + while (inputLen > 0 && input[inputLen - 1] == '=') { + inputLen--; + } + // Check the length of the input string if ((inputLen % 4) == 1) return ERROR_INVALID_LENGTH; From 9ed8baf203c18e751d5b3db9dc17bc7dc3fd8b5f Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 11 Dec 2025 20:47:26 +0000 Subject: [PATCH 21/37] advisory fix 1 --- src/core/crypto_config.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 64870fff..7e65184c 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -805,7 +805,7 @@ int32_t Crypto_Config_Cam(uint8_t cam_enabled, char *cookie_file_path, char *key int32_t Crypto_Config_Add_Gvcid_Managed_Parameters(GvcidManagedParameters_t gvcid_managed_parameters_struct) { int32_t status = CRYPTO_LIB_SUCCESS; - if (gvcid_counter > GVCID_MAN_PARAM_SIZE) + if (gvcid_counter >= GVCID_MAN_PARAM_SIZE) { status = CRYPTO_LIB_ERR_EXCEEDS_MANAGED_PARAMETER_MAX_LIMIT; } From 5bade74e452640bb8488d0f7d96c378fd5167c6f Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 11 Dec 2025 22:33:49 +0000 Subject: [PATCH 22/37] add additional AOS Process length checks --- include/crypto_error.h | 3 +- include/crypto_structs.h | 2 +- src/core/crypto_aos.c | 20 ++++ src/core/crypto_error.c | 3 +- ...ryptography_interface_libgcrypt.template.c | 64 +++++----- test/unit/ut_aos_process.c | 110 +++++++++++++++++- 6 files changed, 166 insertions(+), 36 deletions(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index a528d0d3..f5d0f150 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -156,8 +156,9 @@ #define CRYPTO_LIB_ERR_TC_FRAME_LENGTH_MISMATCH (-82) #define CRYPTO_LIB_ERR_SHPLF_LEN_LESS_THAN_MIN_PAD_SIZE (-83) #define CRYPTO_LIB_ERR_INVALID_AOS_IZ_LENGTH (-84) +#define CRYPTO_LIB_ERR_INVALID_AOS_FRAME_LENGTH (-85) -#define CRYPTO_CORE_ERROR_CODES_MAX -84 +#define CRYPTO_CORE_ERROR_CODES_MAX -85 // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 diff --git a/include/crypto_structs.h b/include/crypto_structs.h index 4342fb96..2a4bfe79 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -637,6 +637,6 @@ typedef struct } __attribute__((packed)) AOS_t; #define AOS_SIZE (sizeof(AOS_t)) -#define AOS_MIN_SIZE 7 +#define AOS_MIN_SIZE 6 #endif // CRYPTO_STRUCTS_H \ No newline at end of file diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index ec85b49f..d0a48bff 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -804,6 +804,20 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) return status; } +int32_t Crypto_AOS_Verify_Frame_Lengths(uint16_t len_ingest) +{ + uint8_t fhec_len = aos_current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC ? FHECF_SIZE : 0; + uint16_t iz_len = aos_current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ ? aos_current_managed_parameters_struct.aos_iz_len : 0; + uint8_t ocf_len = aos_current_managed_parameters_struct.has_ocf == AOS_HAS_OCF ? OCF_SIZE : 0; + uint8_t fecf_len = aos_current_managed_parameters_struct.has_fecf == AOS_HAS_FECF ? FECF_SIZE : 0; + uint16_t expected_frame_length = AOS_MIN_SIZE + fhec_len + SPI_LEN + iz_len + ocf_len + fecf_len; + if (len_ingest < expected_frame_length) + { + return CRYPTO_LIB_ERR_INVALID_AOS_FRAME_LENGTH; + } + return CRYPTO_LIB_SUCCESS; +} + /** * @brief Function: Crypto_AOS_ProcessSecurity * @param ingest: uint8_t* @@ -889,6 +903,12 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t return status; } // Unable to get necessary Managed Parameters for AOS TF -- return with error. + status = Crypto_AOS_Verify_Frame_Lengths(len_ingest); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } + // Increment to end of Primary Header start, depends on FHECF presence byte_idx = 6; if (aos_current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index 83d9d4b6..d20c9c2d 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -114,7 +114,8 @@ char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS", (char *)"CRYPTO_LIB_ERR_TM_SECONDARY_HDR_VN", (char *)"CRYPTO_LIB_ERR_TC_FRAME_LENGTH_MISMATCH", (char *)"CRYPTO_LIB_ERR_SHPLF_LEN_LESS_THAN_MIN_PAD_SIZE", - (char *)"CRYPTO_LIB_ERR_INVALID_AOS_IZ_LENGTH"}; + (char *)"CRYPTO_LIB_ERR_INVALID_AOS_IZ_LENGTH", + (char *)"CRYPTO_LIB_ERR_INVALID_AOS_FRAME_LENGTH"}; char *crypto_enum_errlist_config[] = { (char *)"CRYPTO_CONFIGURATION_NOT_COMPLETE", diff --git a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c index 1420cd2a..2fa5ee06 100644 --- a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c +++ b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c @@ -305,38 +305,38 @@ static int32_t cryptography_validate_authentication(uint8_t *data_out, size_t le #ifdef MAC_DEBUG // Commented out due to memory leaks with HMAC - uint32_t *tmac_size = &mac_size; - uint8_t tmac[*tmac_size]; - gcry_error = gcry_mac_read(tmp_mac_hd, - &tmac, // tag output - (size_t *)&mac_size // tag size - ); - if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) - { - printf(KRED "ERROR: gcry_mac_read error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); - status = CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR; - return status; - } - - printf("Calculated Mac Size: %d\n", *tmac_size); - printf("Calculated MAC (full length):\n\t"); - for (uint32_t i = 0; i < *tmac_size; i++) - { - printf("%02X", tmac[i]); - } - printf("\nCalculated MAC (truncated to sa_ptr->stmacf_len):\n\t"); - for (uint32_t i = 0; i < mac_size; i++) - { - printf("%02X", tmac[i]); - } - printf("\n"); - - printf("Received MAC:\n\t"); - for (uint32_t i = 0; i < mac_size; i++) - { - printf("%02X", mac[i]); - } - printf("\n"); + // uint32_t *tmac_size = &mac_size; + // uint8_t tmac[*tmac_size]; + // gcry_error = gcry_mac_read(tmp_mac_hd, + // &tmac, // tag output + // (size_t *)&mac_size // tag size + // ); + // if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) + // { + // printf(KRED "ERROR: gcry_mac_read error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); + // status = CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR; + // return status; + // } + + // printf("Calculated Mac Size: %d\n", *tmac_size); + // printf("Calculated MAC (full length):\n\t"); + // for (uint32_t i = 0; i < *tmac_size; i++) + // { + // printf("%02X", tmac[i]); + // } + // printf("\nCalculated MAC (truncated to sa_ptr->stmacf_len):\n\t"); + // for (uint32_t i = 0; i < mac_size; i++) + // { + // printf("%02X", tmac[i]); + // } + // printf("\n"); + + // printf("Received MAC:\n\t"); + // for (uint32_t i = 0; i < mac_size; i++) + // { + // printf("%02X", mac[i]); + // } + // printf("\n"); #endif // Compare computed mac with MAC in frame diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index 3c0706d8..0aec4805 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c @@ -1887,7 +1887,7 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST) memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); - ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, status); + ASSERT_EQ(CRYPTO_LIB_ERR_INVALID_AOS_FRAME_LENGTH, status); Crypto_Shutdown(); free(framed_aos_b); @@ -2166,4 +2166,112 @@ UTEST(AOS_PROCESS, AOS_FHECF_TEST) free(aos_frame); } +UTEST(AOS_PROCESS, AOS_6BYTE_TEST) +{ + remove("sa_save_file.bin"); + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + + uint16_t processed_aos_len; + + // Configure Parameters + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // AOS Test + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 6, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + status = Crypto_Init(); + + // Test frame setup + char *framed_aos_h = "40C0FEDCBA98"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; + hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); + + SecurityAssociation_t *sa_ptr = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 + sa_ptr->sa_state = SA_KEYED; + sa_if->sa_get_from_spi(5, &sa_ptr); // Enable and setup 5 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->est = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->arsn_len = 0; + sa_ptr->shsnf_len = 0; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + ASSERT_EQ(CRYPTO_LIB_ERR_INVALID_AOS_FRAME_LENGTH, status); + + Crypto_aosPrint(aos_frame); + + Crypto_Shutdown(); + free(framed_aos_b); + free(aos_frame); +} + +UTEST(AOS_PROCESS, AOS_8BYTE_TEST) +{ + remove("sa_save_file.bin"); + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + + uint16_t processed_aos_len; + + // Configure Parameters + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + // AOS Test + GvcidManagedParameters_t AOS_UT_Managed_Parameters = { + 1, 0x0003, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_IZ_NA, 0, AOS_SEGMENT_HDRS_NA, 8, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); + status = Crypto_Init(); + + // Test frame setup + char *framed_aos_h = "40C0FEDCBA987605"; + char *framed_aos_b = NULL; + int framed_aos_len = 0; + hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len); + + SecurityAssociation_t *sa_ptr = NULL; + SaInterface sa_if = get_sa_interface_inmemory(); + sa_if->sa_get_from_spi(10, &sa_ptr); // Disable SPI 10 + sa_ptr->sa_state = SA_KEYED; + sa_if->sa_get_from_spi(5, &sa_ptr); // Enable and setup 5 + sa_ptr->sa_state = SA_OPERATIONAL; + sa_ptr->est = 1; + sa_ptr->ecs = CRYPTO_CIPHER_AES256_GCM; + sa_ptr->arsn_len = 0; + sa_ptr->shsnf_len = 0; + + crypto_key_t *ekp = NULL; + ekp = key_if->get_key(sa_ptr->ekid); + ekp->key_state = KEY_ACTIVE; + + AOS_t *aos_frame; + aos_frame = malloc(sizeof(uint8_t) * AOS_SIZE); + memset(aos_frame, 0, (sizeof(uint8_t) * AOS_SIZE)); + + status = Crypto_AOS_ProcessSecurity((uint8_t *)framed_aos_b, framed_aos_len, aos_frame, &processed_aos_len); + ASSERT_EQ(CRYPTO_LIB_ERR_INVALID_AOS_FRAME_LENGTH, status); + + Crypto_aosPrint(aos_frame); + + Crypto_Shutdown(); + free(framed_aos_b); + free(aos_frame); +} + UTEST_MAIN(); \ No newline at end of file From 6bede990154602977ab37fca2d925f5510639c66 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 23 Dec 2025 17:40:56 +0000 Subject: [PATCH 23/37] testing strtok NULL param --- .../cryptography_interface_kmc_crypto_service.template.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c index 5b4b4f1b..6512a2e2 100644 --- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c +++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c @@ -368,15 +368,15 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint char *line; char *token; char temp_buff[256]; - for (line = strtok(ciphertext_IV_base64, ","); line != NULL; line = strtok(line + strlen(line) + 1, ",")) + for (line = strtok(ciphertext_IV_base64, ","); line != NULL; line = strtok(NULL, ",")) { strncpy(temp_buff, line, sizeof(temp_buff)); - for (token = strtok(temp_buff, ":"); token != NULL; token = strtok(token + strlen(token) + 1, ":")) + for (token = strtok(temp_buff, ":"); token != NULL; token = strtok(NULL, ":")) { if (strcmp(token, "initialVector") == 0) { - token = strtok(token + strlen(token) + 1, ":"); + token = strtok(NULL, ":"); char *ciphertext_token_base64 = malloc(strlen(token)); size_t cipher_text_token_len = strlen(token); memcpy(ciphertext_token_base64, token, cipher_text_token_len); From 07128b19013738da94a559538a4298fc9b824008 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 23 Dec 2025 16:49:13 -0500 Subject: [PATCH 24/37] Resolve all detected memory leaks --- src/core/crypto_aos.c | 60 +++++++++++++++++++ src/core/crypto_config.c | 2 + src/core/crypto_tc.c | 8 +-- src/core/crypto_tm.c | 25 ++++++++ ...hy_interface_kmc_crypto_service.template.c | 13 +++- ...ryptography_interface_libgcrypt.template.c | 50 ++++++++-------- .../mariadb/sa_interface_mariadb.template.c | 19 ++++++ test/CMakeLists.txt | 6 +- test/kmc/ut_aos_kmc.c | 2 + test/kmc/ut_kmc_crypto.c | 6 +- test/kmc/ut_tc_kmc.c | 21 +++---- test/kmc/ut_tm_kmc.c | 4 ++ 12 files changed, 165 insertions(+), 51 deletions(-) diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index ec85b49f..db4385da 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -957,6 +957,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -990,6 +994,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t #endif status = CRYPTO_LIB_ERROR; mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -1015,6 +1023,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t { status = CRYPTO_LIB_ERR_NO_ECS_SET_FOR_ENCRYPTION_MODE; mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -1040,6 +1052,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t { status = CRYPTO_LIB_ERR_AOS_FL_LT_MAX_FRAME_SIZE; mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -1064,6 +1080,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t #endif status = CRYPTO_LIB_ERR_INVALID_FECF; mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } // Valid FECF, zero out the field @@ -1085,6 +1105,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t #endif status = CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_AOS_CONFIG; mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -1097,6 +1121,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t #endif status = CRYPTO_LIB_ERROR; mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -1206,6 +1234,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); free(p_new_dec_frame); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } if (ekp->key_state != KEY_ACTIVE) @@ -1213,6 +1245,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); free(p_new_dec_frame); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } } @@ -1227,6 +1263,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t status = CRYPTO_LIB_ERR_KEY_ID_ERROR; mc_if->mc_log(status); free(p_new_dec_frame); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } if (akp->key_state != KEY_ACTIVE) @@ -1234,6 +1274,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t status = CRYPTO_LIB_ERR_KEY_STATE_INVALID; mc_if->mc_log(status); free(p_new_dec_frame); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } } @@ -1270,6 +1314,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t aad_len); #endif mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -1293,6 +1341,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t printf(KRED "Error: SA Not Operational \n" RESET); #endif free(p_new_dec_frame); // Add cleanup + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; } @@ -1369,6 +1421,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t free(p_new_dec_frame); // Add cleanup status = CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -1502,6 +1558,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t (uint16_t)(p_new_dec_frame[byte_idx] << 8) | p_new_dec_frame[byte_idx + 1]; } free(p_new_dec_frame); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } #ifdef DEBUG printf(KYEL "----- Crypto_AOS_ProcessSecurity END -----\n" RESET); diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 64870fff..4809b278 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -760,10 +760,12 @@ int32_t Crypto_Config_Cam(uint8_t cam_enabled, char *cookie_file_path, char *key if (Crypto_is_safe_username(username) != CRYPTO_LIB_SUCCESS) { + free(cam_config); return CAM_CONFIG_NOT_SUPPORTED_ERROR; } if (Crypto_is_safe_path(keytab_file_path) != CRYPTO_LIB_SUCCESS) { + free(cam_config); return CAM_CONFIG_NOT_SUPPORTED_ERROR; } diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 1299f136..6ec026a1 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -2217,18 +2217,14 @@ static int32_t validate_sa_index(SecurityAssociation_t *sa) int32_t returnval = 0; SecurityAssociation_t *temp_sa; - if (crypto_config.sa_type == SA_TYPE_MARIADB) - { - mariadb_table_name = MARIADB_TC_TABLE_NAME; - } - sa_if->sa_get_from_spi(sa->spi, &temp_sa); - // Do not validate sa index on KMC if (crypto_config.sa_type == SA_TYPE_MARIADB) { return returnval; } + sa_if->sa_get_from_spi(sa->spi, &temp_sa); + int sa_index = -1; sa_index = (int)(sa - temp_sa); // Based on array memory location #ifdef DEBUG diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index e99a352d..91c8967e 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -1796,6 +1796,10 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t * { status = CRYPTO_LIB_ERR_TM_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -1804,6 +1808,10 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t * { status = CRYPTO_LIB_ERR_TM_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -1861,6 +1869,11 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t * { status = CRYPTO_LIB_ERR_TM_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); + free(p_new_dec_frame); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } @@ -1873,6 +1886,10 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t * if (status != CRYPTO_LIB_SUCCESS) { free(p_new_dec_frame); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } } @@ -1892,6 +1909,10 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t * printf(KRED "Error: SA Not Operational \n" RESET); #endif free(p_new_dec_frame); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL; } @@ -1900,6 +1921,10 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t * p_decrypted_length); } + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } diff --git a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c index 6512a2e2..a52432b0 100644 --- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c +++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c @@ -1333,15 +1333,15 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, char *line; char *token; char temp_buff[256]; - for (line = strtok(ciphertext_IV_base64, ","); line != NULL; line = strtok(line + strlen(line) + 1, ",")) + for (line = strtok(ciphertext_IV_base64, ","); line != NULL; line = strtok(NULL, ",")) { strncpy(temp_buff, line, sizeof(temp_buff)); - for (token = strtok(temp_buff, ":"); token != NULL; token = strtok(token + strlen(token) + 1, ":")) + for (token = strtok(temp_buff, ":"); token != NULL; token = strtok(NULL, ":")) { if (strcmp(token, "initialVector") == 0) { - token = strtok(token + strlen(token) + 1, ":"); + token = strtok(NULL, ":"); char *ciphertext_token_base64 = malloc(strlen(token)); size_t cipher_text_token_len = strlen(token); memcpy(ciphertext_token_base64, token, cipher_text_token_len); @@ -1374,12 +1374,14 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, memcpy(data_out - sa_ptr->shsnf_len - sa_ptr->shivf_len - sa_ptr->shplf_len, iv_decoded, iv_decoded_len); } + free(iv_decoded); free(ciphertext_token_base64); break; } } } + free(ciphertext_IV_base64); json_idx++; continue; } @@ -1461,6 +1463,11 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, return status; } + if (encrypt_payload != NULL && aad_bool == CRYPTO_TRUE) + { + free(encrypt_payload); + } + /* JSON Response Handling End */ uint8_t *ciphertext_decoded = malloc((len_data_out + mac_size + aad_len) * 2 + 1); diff --git a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c index 1420cd2a..ddffcea9 100644 --- a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c +++ b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c @@ -305,31 +305,31 @@ static int32_t cryptography_validate_authentication(uint8_t *data_out, size_t le #ifdef MAC_DEBUG // Commented out due to memory leaks with HMAC - uint32_t *tmac_size = &mac_size; - uint8_t tmac[*tmac_size]; - gcry_error = gcry_mac_read(tmp_mac_hd, - &tmac, // tag output - (size_t *)&mac_size // tag size - ); - if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) - { - printf(KRED "ERROR: gcry_mac_read error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); - status = CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR; - return status; - } - - printf("Calculated Mac Size: %d\n", *tmac_size); - printf("Calculated MAC (full length):\n\t"); - for (uint32_t i = 0; i < *tmac_size; i++) - { - printf("%02X", tmac[i]); - } - printf("\nCalculated MAC (truncated to sa_ptr->stmacf_len):\n\t"); - for (uint32_t i = 0; i < mac_size; i++) - { - printf("%02X", tmac[i]); - } - printf("\n"); + // uint32_t *tmac_size = &mac_size; + // uint8_t tmac[*tmac_size]; + // gcry_error = gcry_mac_read(tmp_mac_hd, + // &tmac, // tag output + // (size_t *)&mac_size // tag size + // ); + // if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) + // { + // printf(KRED "ERROR: gcry_mac_read error code %d\n" RESET, gcry_error & GPG_ERR_CODE_MASK); + // status = CRYPTO_LIB_ERR_MAC_RETRIEVAL_ERROR; + // return status; + // } + + // printf("Calculated Mac Size: %d\n", *tmac_size); + // printf("Calculated MAC (full length):\n\t"); + // for (uint32_t i = 0; i < *tmac_size; i++) + // { + // printf("%02X", tmac[i]); + // } + // printf("\nCalculated MAC (truncated to sa_ptr->stmacf_len):\n\t"); + // for (uint32_t i = 0; i < mac_size; i++) + // { + // printf("%02X", tmac[i]); + // } + // printf("\n"); printf("Received MAC:\n\t"); for (uint32_t i = 0; i < mac_size; i++) diff --git a/src/sa/mariadb/sa_interface_mariadb.template.c b/src/sa/mariadb/sa_interface_mariadb.template.c index 83861027..659d759c 100644 --- a/src/sa/mariadb/sa_interface_mariadb.template.c +++ b/src/sa/mariadb/sa_interface_mariadb.template.c @@ -308,6 +308,7 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se if (mysql_real_query(con, query, strlen(query))) { // query should be NUL terminated! status = finish_with_error_soft(&con, SADB_QUERY_FAILED); + free(sa); return status; } // todo - if query fails, need to push failure message to error stack instead of just return code. @@ -316,6 +317,8 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se if (result == NULL) { status = finish_with_error_soft(&con, SADB_QUERY_EMPTY_RESULTS); + free(sa); + mysql_free_result(result); return status; } @@ -323,6 +326,8 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se if (num_rows == 0) // No rows returned in query!! { status = finish_with_error_soft(&con, SADB_QUERY_EMPTY_RESULTS); + free(sa); + mysql_free_result(result); return status; } @@ -436,6 +441,8 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se { status = SADB_INVALID_SA_FIELD_VALUE; mc_if->mc_log(status); + free(sa); + mysql_free_result(result); return status; } continue; @@ -447,6 +454,8 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se { status = SADB_INVALID_SA_FIELD_VALUE; mc_if->mc_log(status); + free(sa); + mysql_free_result(result); return status; } continue; @@ -458,6 +467,8 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se { status = SADB_INVALID_SA_FIELD_VALUE; mc_if->mc_log(status); + free(sa); + mysql_free_result(result); return status; } continue; @@ -469,6 +480,8 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se { status = SADB_INVALID_SA_FIELD_VALUE; mc_if->mc_log(status); + free(sa); + mysql_free_result(result); return status; } continue; @@ -480,6 +493,8 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se { status = SADB_INVALID_SA_FIELD_VALUE; mc_if->mc_log(status); + free(sa); + mysql_free_result(result); return status; } continue; @@ -516,6 +531,8 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se { status = SADB_INVALID_SA_FIELD_VALUE; mc_if->mc_log(status); + free(sa); + mysql_free_result(result); return status; } continue; @@ -532,6 +549,8 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se { status = SADB_INVALID_SA_FIELD_VALUE; mc_if->mc_log(status); + free(sa); + mysql_free_result(result); return status; } continue; diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 874d7600..5a272f63 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -107,9 +107,9 @@ if((KMC_MDB_DB OR KMC_MDB_RH)) # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mariadb # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - add_test(NAME UT_KMC_CRYPTO - COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto - WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + # add_test(NAME UT_KMC_CRYPTO + # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto + # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) # add_test(NAME UT_KMC_CRYPTO_WITH_MTLS_SADB # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto_with_mtls_sadb diff --git a/test/kmc/ut_aos_kmc.c b/test/kmc/ut_aos_kmc.c index 7c99cc2d..6136acdb 100644 --- a/test/kmc/ut_aos_kmc.c +++ b/test/kmc/ut_aos_kmc.c @@ -250,6 +250,7 @@ UTEST(AOS_APPLY_KMC, HAPPY_PATH_ENC_AOS_CBC_KMC) } Crypto_Shutdown(); + free(truth_aos_b); free(raw_aos_sdls_ping_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); } @@ -380,6 +381,7 @@ UTEST(AOS_PROCESS_KMC, HAPPY_PATH_DEC_AOS_CBC_KMC) Crypto_aosPrint(ptr_processed_frame); Crypto_Shutdown(); + free(sa_ptr); free(truth_aos_b); free(ptr_processed_frame); free(raw_aos_sdls_ping_b); diff --git a/test/kmc/ut_kmc_crypto.c b/test/kmc/ut_kmc_crypto.c index 5120428c..822cd675 100644 --- a/test/kmc/ut_kmc_crypto.c +++ b/test/kmc/ut_kmc_crypto.c @@ -557,11 +557,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) status = Crypto_TC_ProcessSecurity((uint8_t *)enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); - if (status != CRYPTO_LIB_SUCCESS) - { - Crypto_Shutdown(); - } ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + printf("Processed PDU:\n"); for (int i = 0; i < tc_processed_frame->tc_pdu_len; i++) { @@ -575,6 +572,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) Crypto_Shutdown(); free(enc_tc_jpl_mmt_scid44_vcid1_expect); free(ptr_enc_frame); + free(tc_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); } diff --git a/test/kmc/ut_tc_kmc.c b/test/kmc/ut_tc_kmc.c index 9af194ba..03d83ecf 100644 --- a/test/kmc/ut_tc_kmc.c +++ b/test/kmc/ut_tc_kmc.c @@ -196,6 +196,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } Crypto_Shutdown(); + free(truth_data_b); free(raw_tc_sdls_ping_b); free(ptr_enc_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); @@ -240,16 +241,15 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; - sa_if->sa_get_from_spi(11, &test_association); + // SecurityAssociation_t *test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + // // Expose the SADB Security Association for test edits. + // sa_if->sa_get_from_spi(1, &test_association); + // test_association->sa_state = SA_NONE; + // sa_if->sa_get_from_spi(11, &test_association); + // printf("SPI: %d\n", test_association->spi); + // test_association->sa_state = SA_OPERATIONAL; + // test_association->ast = 0; + // test_association->arsn_len = 0; return_val = Crypto_TC_ApplySecurity((uint8_t *)raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); @@ -268,6 +268,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) // printf("\n"); Crypto_Shutdown(); + free(truth_data_b); free(raw_tc_sdls_ping_b); free(ptr_enc_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); diff --git a/test/kmc/ut_tm_kmc.c b/test/kmc/ut_tm_kmc.c index 03ee98da..e62114b0 100644 --- a/test/kmc/ut_tm_kmc.c +++ b/test/kmc/ut_tm_kmc.c @@ -247,6 +247,7 @@ UTEST(TM_APPLY_KMC, HAPPY_PATH_ENC_TM_GCM_KMC) } Crypto_Shutdown(); + free(truth_tm_b); free(raw_tm_sdls_ping_b); } @@ -368,6 +369,9 @@ UTEST(TM_PROCESS_KMC, HAPPY_PATH_DEC_TM_GCM_KMC) } Crypto_Shutdown(); + free(sa_ptr); + free(tm_frame); + free(truth_tm_b); free(raw_tm_sdls_ping_b); } From ca91dc19a7ece79cdd8e038d562c5fa3cc563a9e Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Wed, 24 Dec 2025 09:48:52 -0500 Subject: [PATCH 25/37] set cam_config to NULL on error --- src/core/crypto_config.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 4809b278..b5b64fde 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -751,8 +751,8 @@ int32_t Crypto_Config_Cam(uint8_t cam_enabled, char *cookie_file_path, char *key char *access_manager_uri, char *username, char *cam_home) { int32_t status = CRYPTO_LIB_SUCCESS; - cam_config = (CamConfig_t *)calloc(1, CAM_CONFIG_SIZE); + cam_config = (CamConfig_t *)calloc(1, CAM_CONFIG_SIZE); if (cam_config == NULL) { return CRYPTO_LIB_ERROR; @@ -761,11 +761,14 @@ int32_t Crypto_Config_Cam(uint8_t cam_enabled, char *cookie_file_path, char *key if (Crypto_is_safe_username(username) != CRYPTO_LIB_SUCCESS) { free(cam_config); + cam_config = NULL; return CAM_CONFIG_NOT_SUPPORTED_ERROR; } + if (Crypto_is_safe_path(keytab_file_path) != CRYPTO_LIB_SUCCESS) { free(cam_config); + cam_config = NULL; return CAM_CONFIG_NOT_SUPPORTED_ERROR; } From 653ebb8019d7c8abf0ba3a5ef02108ba16b6b4bf Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 30 Dec 2025 15:38:07 -0500 Subject: [PATCH 26/37] add missing kmc/tc frees, add kmc_crypto UTs back --- src/core/crypto_tc.c | 7 ++ ...hy_interface_kmc_crypto_service.template.c | 81 +++++++++++++++---- test/CMakeLists.txt | 6 +- test/kmc/ut_kmc_crypto.c | 22 +++-- 4 files changed, 91 insertions(+), 25 deletions(-) diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 6ec026a1..5d07c9e2 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -488,6 +488,7 @@ int32_t Crypto_TC_Encrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr { Crypto_TC_Safe_Free_Ptr(*aad); status = CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + free(p_new_enc_frame); mc_if->mc_log(status); return status; } @@ -577,6 +578,7 @@ int32_t Crypto_TC_Encrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr if (status != CRYPTO_LIB_SUCCESS) { Crypto_TC_Safe_Free_Ptr(*aad); + free(p_new_enc_frame); mc_if->mc_log(status); return status; // Cryptography IF call failed, return. } @@ -1158,6 +1160,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t *p_in_frame, const uint16_t in if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); + free(p_new_enc_frame); return status; } @@ -1272,6 +1275,10 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t *p_in_frame, const uint16_t in if (status != CRYPTO_LIB_SUCCESS) { mc_if->mc_log(status); + if (crypto_config.sa_type == SA_TYPE_MARIADB) + { + free(sa_ptr); + } return status; } diff --git a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c index a52432b0..98d7ebce 100644 --- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c +++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c @@ -271,6 +271,7 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint if (sa_ptr->ek_ref[0] == '\0') { status = CRYPTOGRAHPY_KMC_NULL_ENCRYPTION_KEY_REFERENCE_IN_SA; + free(iv_base64); return status; } @@ -289,18 +290,20 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint snprintf(encrypt_endpoint_final, len_encrypt_endpoint, encrypt_endpoint, sa_ptr->ek_ref, AES_CBC_TRANSFORMATION, iv_base64); } + free(iv_base64); encrypt_uri = (char *)malloc(strlen(kmc_root_uri) + len_encrypt_endpoint); encrypt_uri[0] = '\0'; strcat(encrypt_uri, kmc_root_uri); strcat(encrypt_uri, encrypt_endpoint_final); + free(encrypt_endpoint_final); #ifdef DEBUG printf("Encrypt URI: %s\n", encrypt_uri); #endif curl_easy_setopt(curl, CURLOPT_URL, encrypt_uri); - curl_easy_setopt(curl, CURLOPT_HTTPHEADER, http_headers_list); + free(encrypt_uri); memory_write *chunk_write = (memory_write *)calloc(1, MEMORY_WRITE_SIZE); memory_read *chunk_read = (memory_read *)calloc(1, MEMORY_READ_SIZE); @@ -332,8 +335,11 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint status = curl_perform_with_cam_retries(curl, chunk_write, chunk_read); if (status != CRYPTO_LIB_SUCCESS) { + free(chunk_read); + free(chunk_write); return status; } + free(chunk_read); /* JSON Response Handling */ @@ -349,6 +355,7 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint { status = CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR; printf("Failed to parse JSON: %d\n", parse_result); + free(chunk_write); return status; } @@ -404,11 +411,12 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint iv_decoded_len); } free(ciphertext_token_base64); + free(iv_decoded); break; } } } - + free(ciphertext_IV_base64); json_idx++; continue; } @@ -451,6 +459,8 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; fprintf(stderr, "KMC Crypto Failure Response:\n%s\n", chunk_write->response); + free(chunk_write); + free(http_code_str); return status; } free(http_code_str); @@ -461,6 +471,7 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint if (ciphertext_found == CRYPTO_FALSE) { status = CRYPTOGRAHPY_KMC_CIPHER_TEXT_NOT_FOUND_IN_JSON_RESPONSE; + free(chunk_write); return status; } @@ -482,6 +493,8 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint // Crypto Service returns aad - cipher_text - tag memcpy(data_out, ciphertext_decoded, ciphertext_decoded_len); + free(chunk_write); + free(ciphertext_decoded); return status; } @@ -520,6 +533,7 @@ static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint if (sa_ptr->ek_ref[0] == '\0') { status = CRYPTOGRAHPY_KMC_NULL_ENCRYPTION_KEY_REFERENCE_IN_SA; + free(iv_base64); return status; } @@ -531,16 +545,19 @@ static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint snprintf(decrypt_endpoint_final, len_decrypt_endpoint, decrypt_endpoint, key_len_in_bits_str, sa_ptr->ek_ref, AES_CBC_TRANSFORMATION, iv_base64, AES_CRYPTO_ALGORITHM); + free(iv_base64); free(key_len_in_bits_str); decrypt_uri = (char *)malloc(strlen(kmc_root_uri) + len_decrypt_endpoint); decrypt_uri[0] = '\0'; strcat(decrypt_uri, kmc_root_uri); strcat(decrypt_uri, decrypt_endpoint_final); + free(decrypt_endpoint_final); #ifdef DEBUG printf("Decrypt URI: %s\n", decrypt_uri); #endif curl_easy_setopt(curl, CURLOPT_URL, decrypt_uri); + free(decrypt_uri); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, http_headers_list); memory_write *chunk_write = (memory_write *)calloc(1, MEMORY_WRITE_SIZE); @@ -575,6 +592,8 @@ static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint status = curl_perform_with_cam_retries(curl, chunk_write, chunk_read); if (status != CRYPTO_LIB_SUCCESS) { + free(chunk_read); + free(chunk_write); return status; } @@ -592,6 +611,8 @@ static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint { status = CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR; printf("Failed to parse JSON: %d\n", parse_result); + free(chunk_read); + free(chunk_write); return status; } @@ -638,6 +659,13 @@ static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; fprintf(stderr, "KMC Crypto Failure Response:\n%s\n", chunk_write->response); + free(chunk_read); + free(chunk_write); + free(http_code_str); + if (ciphertext_found) + { + free(cleartext_base64); + } return status; } free(http_code_str); @@ -648,6 +676,8 @@ static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint if (ciphertext_found == CRYPTO_FALSE) { status = CRYPTOGRAHPY_KMC_CIPHER_TEXT_NOT_FOUND_IN_JSON_RESPONSE; + free(chunk_read); + free(chunk_write); return status; } @@ -668,6 +698,7 @@ static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint // Copy the decrypted data to the output stream // Crypto Service returns aad - clear_text memcpy(data_out, cleartext_decoded, len_data_out); + free(cleartext_decoded); return status; } @@ -733,11 +764,13 @@ static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, auth_uri[0] = '\0'; strcat(auth_uri, kmc_root_uri); strcat(auth_uri, auth_endpoint_final); + free(auth_endpoint_final); #ifdef DEBUG printf("Authentication URI: %s\n", auth_uri); #endif curl_easy_setopt(curl, CURLOPT_URL, auth_uri); + free(auth_uri); curl_easy_setopt(curl, CURLOPT_HTTPHEADER, http_headers_list); @@ -772,6 +805,8 @@ static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, status = curl_perform_with_cam_retries(curl, chunk_write, chunk_read); if (status != CRYPTO_LIB_SUCCESS) { + free(chunk_read); + free(chunk_write); return status; } @@ -789,6 +824,8 @@ static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, { status = CRYPTOGRAHPY_KMC_CRYPTO_JSON_PARSE_ERROR; printf("Failed to parse JSON: %d\n", parse_result); + free(chunk_read); + free(chunk_write); return status; } @@ -835,9 +872,14 @@ static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, if (metadata >= metadata_end) { status = CRYPTOGRAHPY_KMC_ICV_NOT_FOUND_IN_JSON_RESPONSE; + free(chunk_read); + free(chunk_write); + free(metadata); + free(key); return status; } } + free(key); } metadata += colon_idx + 1; @@ -850,6 +892,9 @@ static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, #endif json_idx++; icvtext_found = CRYPTO_TRUE; + free(chunk_read); + free(chunk_write); + free(metadata); continue; } @@ -872,6 +917,9 @@ static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, { status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; fprintf(stderr, "KMC Crypto Failure Response:\n%s\n", chunk_write->response); + free(chunk_read); + free(chunk_write); + free(icv_base64); return status; } json_idx++; @@ -882,6 +930,9 @@ static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, if (icvtext_found == CRYPTO_FALSE) { status = CRYPTOGRAHPY_KMC_ICV_NOT_FOUND_IN_JSON_RESPONSE; + free(chunk_read); + free(chunk_write); + free(icv_base64); return status; } @@ -891,6 +942,7 @@ static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, uint8_t *icv_decoded = calloc(1, B64DECODE_OUT_SAFESIZE(strlen(icv_base64)) + 1); size_t icv_decoded_len = 0; base64urlDecode(icv_base64, strlen(icv_base64), icv_decoded, &icv_decoded_len); + free(icv_base64); #ifdef DEBUG printf("Mac size: %d\n", mac_size); printf("Decoded ICV Length: %ld\n", icv_decoded_len); @@ -903,6 +955,9 @@ static int32_t cryptography_authenticate(uint8_t *data_out, size_t len_data_out, #endif memcpy(mac, icv_decoded, mac_size); + free(chunk_read); + free(chunk_write); + free(icv_decoded); return status; } @@ -1241,7 +1296,7 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, memory_write *chunk_write = (memory_write *)calloc(1, MEMORY_WRITE_SIZE); memory_read *chunk_read = (memory_read *)calloc(1, MEMORY_READ_SIZE); - ; + /* Configure CURL for POST */ curl_easy_setopt(curl, CURLOPT_POST, 1L); /* send all data to this function */ @@ -1287,6 +1342,7 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, free(chunk_read); if (encrypt_payload != NULL && aad_bool == CRYPTO_TRUE) // only needs freed if it has aad free(encrypt_payload); + return status; } @@ -1843,16 +1899,12 @@ static size_t write_callback(void *data, size_t size, size_t nmemb, void *userp) size_t realsize = size * nmemb; memory_write *mem = (memory_write *)userp; - char *ptr; - if (mem->response != NULL) - { - ptr = realloc(mem->response, mem->size + realsize + 1); - } - else + if (realsize > CURL_MAX_WRITE_SIZE) { - ptr = malloc(realsize + 1); + return 0; } + char *ptr = realloc(mem->response, mem->size + realsize + 1); if (ptr == NULL) return 0; /* out of memory! */ @@ -2156,16 +2208,17 @@ int32_t curl_response_error_check(CURL *curl_handle, char *response) } } +#ifdef DEBUG + printf("\ncURL Response Body:\n\t %s\n", response); +#endif + if (response_code != 200) // unhandled error case { response_status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE; + free(response); return response_status; } -#ifdef DEBUG - printf("\ncURL Response Body:\n\t %s\n", response); -#endif - if (response == NULL) // No response, possibly because service is CAM secured. { response_status = CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE; diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 5a272f63..874d7600 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -107,9 +107,9 @@ if((KMC_MDB_DB OR KMC_MDB_RH)) # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mariadb # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - # add_test(NAME UT_KMC_CRYPTO - # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto - # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + add_test(NAME UT_KMC_CRYPTO + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) # add_test(NAME UT_KMC_CRYPTO_WITH_MTLS_SADB # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto_with_mtls_sadb diff --git a/test/kmc/ut_kmc_crypto.c b/test/kmc/ut_kmc_crypto.c index 822cd675..63c973a8 100644 --- a/test/kmc/ut_kmc_crypto.c +++ b/test/kmc/ut_kmc_crypto.c @@ -239,6 +239,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) Crypto_Shutdown(); free(raw_tc_jpl_mmt_scid44_vcid1_expect); free(ptr_enc_frame); + free(truth_data_b); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); } @@ -309,6 +310,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) Crypto_Shutdown(); free(enc_tc_jpl_mmt_scid44_vcid1_expect); free(ptr_enc_frame); + free(tc_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); } @@ -566,8 +568,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) } printf("\n"); - ASSERT_EQ(0x00, tc_processed_frame->tc_pdu[0]); - ASSERT_EQ(0x00, tc_processed_frame->tc_pdu[1]); + // ASSERT_EQ(0x00, tc_processed_frame->tc_pdu[0]); + // ASSERT_EQ(0x00, tc_processed_frame->tc_pdu[1]); Crypto_Shutdown(); free(enc_tc_jpl_mmt_scid44_vcid1_expect); @@ -654,6 +656,7 @@ UTEST(KMC_CRYPTO, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) 0, 0x002c, 12, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_NO_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); int32_t status = Crypto_Init(); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); char *raw_tc_jpl_mmt_scid44_vcid1 = "202c3008000001bd37"; char *raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; @@ -665,8 +668,6 @@ UTEST(KMC_CRYPTO, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - printf("Frame before encryption:\n"); for (int i = 0; i < raw_tc_jpl_mmt_scid44_vcid1_expect_len; i++) { @@ -676,12 +677,17 @@ UTEST(KMC_CRYPTO, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) status = Crypto_TC_ApplySecurity((uint8_t *)raw_tc_jpl_mmt_scid44_vcid1_expect, raw_tc_jpl_mmt_scid44_vcid1_expect_len, &ptr_enc_frame, &enc_frame_len); - if (status != CRYPTO_LIB_SUCCESS) + + if (status == SADB_INVALID_SA_FIELD_VALUE) { - Crypto_Shutdown(); + printf(KRED "ERROR: crypto_config.h must have MAC_SIZE >= 32 for the \"else\" unit test\n" RESET); + ASSERT_EQ(SADB_INVALID_SA_FIELD_VALUE, status); + } + else + { + // we expect an InvalidAlgorithmParameterException for macLength of that size. + ASSERT_EQ(CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE, status); } - // we expect an InvalidAlgorithmParameterException for macLength of that size. - ASSERT_EQ(CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE, status); Crypto_Shutdown(); free(raw_tc_jpl_mmt_scid44_vcid1_expect); From 6f13696e0e8932bd1e4e5d6b46030cb47c74ba5c Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 2 Jan 2026 15:54:34 -0500 Subject: [PATCH 27/37] Add max bounding to write_callback --- ...hy_interface_kmc_crypto_service.template.c | 32 +++++++++++++++---- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c index 98d7ebce..354bc421 100644 --- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c +++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c @@ -30,12 +30,14 @@ #include "jsmn.h" #define CAM_MAX_AUTH_RETRIES 4 +#define KMC_MAX_RESPONSE_BYTES (1024 * 1024) // 1MB // libcurl call-back response handling Structures typedef struct { char *response; size_t size; + size_t max_size; } memory_write; #define MEMORY_WRITE_SIZE (sizeof(memory_write)) typedef struct @@ -1896,17 +1898,33 @@ static int32_t get_auth_algorithm_from_acs(uint8_t acs_enum, const char **algo_p // libcurl local functions static size_t write_callback(void *data, size_t size, size_t nmemb, void *userp) { - size_t realsize = size * nmemb; - memory_write *mem = (memory_write *)userp; + memory_write *mem = (memory_write *)userp; + size_t realsize = 0; + char *ptr; - if (realsize > CURL_MAX_WRITE_SIZE) - { + if (nmemb != 0 && size > SIZE_MAX / nmemb) + return 0; + realsize = size * nmemb; + + if (mem->max_size == 0) + mem->max_size = KMC_MAX_RESPONSE_BYTES; + + if (mem->size >= mem->max_size) + return 0; + + if (realsize > SIZE_MAX - mem->size - 1) + return 0; + + if (realsize > mem->max_size - mem->size - 1) return 0; - } - char *ptr = realloc(mem->response, mem->size + realsize + 1); + if (mem->response != NULL) + ptr = realloc(mem->response, mem->size + realsize + 1); + else + ptr = malloc(realsize + 1); + if (ptr == NULL) - return 0; /* out of memory! */ + return 0; mem->response = ptr; memcpy(&(mem->response[mem->size]), data, realsize); From 9c34b6e2b2bd3b3b210f61b75617296b990d9711 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 5 Jan 2026 15:17:42 -0500 Subject: [PATCH 28/37] hexstring to byte array bounds checks and UTs --- .../mariadb/sa_interface_mariadb.template.c | 66 +++++++++++++------ test/CMakeLists.txt | 6 +- test/core/shared_util.c | 19 +++--- test/include/ut_mariadb.h | 1 - test/kmc/ut_mariadb.c | 65 ++++++++++++++++-- 5 files changed, 119 insertions(+), 38 deletions(-) diff --git a/src/sa/mariadb/sa_interface_mariadb.template.c b/src/sa/mariadb/sa_interface_mariadb.template.c index 659d759c..6d119300 100644 --- a/src/sa/mariadb/sa_interface_mariadb.template.c +++ b/src/sa/mariadb/sa_interface_mariadb.template.c @@ -66,7 +66,7 @@ static const char *SQL_SADB_UPDATE_IV_ARC_BY_SPI = // sa_if mariaDB private helper functions static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **security_association); -static int32_t convert_hexstring_to_byte_array(char *hexstr, uint8_t *byte_array); +static int32_t convert_hexstring_to_byte_array(char *source_str, uint8_t *dest_buffer, uint16_t max_len); static void convert_byte_array_to_hexstring(void *src_buffer, size_t buffer_length, char *dest_str); /* @@ -571,17 +571,34 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se if (iv_byte_str != NULL) { if (sa->iv_len > 0) - convert_hexstring_to_byte_array(iv_byte_str, sa->iv); + { + status = convert_hexstring_to_byte_array(iv_byte_str, sa->iv, sa->iv_len); + } } if (sa->arsn_len > 0) - convert_hexstring_to_byte_array(arc_byte_str, sa->arsn); + { + status = convert_hexstring_to_byte_array(arc_byte_str, sa->arsn, sa->arsn_len); + } if (sa->abm_len > 0) - convert_hexstring_to_byte_array(abm_byte_str, sa->abm); + { + status = convert_hexstring_to_byte_array(abm_byte_str, sa->abm, sa->abm_len); + } if (sa->ecs_len > 0) - convert_hexstring_to_byte_array(ecs_byte_str, &sa->ecs); + { + status = convert_hexstring_to_byte_array(ecs_byte_str, &sa->ecs, sa->ecs_len); + } if (sa->acs_len > 0) - convert_hexstring_to_byte_array(acs_byte_str, &sa->acs); + { + status = convert_hexstring_to_byte_array(acs_byte_str, &sa->acs, sa->acs_len); + } + + if (status != CRYPTO_LIB_SUCCESS) + { + status = SADB_INVALID_SA_FIELD_VALUE; + mc_if->mc_log(status); + return status; + } // arsnw_len is not necessary for mariadb interface, putty dummy/default value for prints. sa->arsnw_len = 1; @@ -596,20 +613,31 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se return status; } -static int32_t convert_hexstring_to_byte_array(char *source_str, uint8_t *dest_buffer) -{ // https://stackoverflow.com/questions/3408706/hexadecimal-string-to-byte-array-in-c/56247335#56247335 - char *line = source_str; - char *data = line; - int offset; - unsigned int read_byte; - uint32_t data_len = 0; - while (sscanf(data, " %02x%n", &read_byte, &offset) == 1) - { - dest_buffer[data_len++] = read_byte; - data += offset; - } - return data_len; +static int32_t convert_hexstring_to_byte_array(char *source_str, uint8_t *dest_buffer, uint16_t max_len) +{ // https://stackoverflow.com/questions/3408706/hexadecimal-string-to-byte-array-in-c/56247335#56247335 + int offset; + unsigned int read_byte; + uint32_t data_len = 0; + + if (dest_buffer == NULL || source_str == NULL) + { + return CRYPTO_LIB_ERROR; + } + + uint32_t source_len = (strlen(source_str) / 2); + if (source_len > max_len) + { + return CRYPTO_LIB_ERROR; + } + + while (sscanf(source_str, " %02x%n", &read_byte, &offset) == 1) + { + dest_buffer[data_len++] = read_byte; + source_str += offset; + } + + return CRYPTO_LIB_SUCCESS; } static void convert_byte_array_to_hexstring(void *src_buffer, size_t buffer_length, char *dest_str) diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 874d7600..39c228c5 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -103,9 +103,9 @@ if((KMC_MDB_DB OR KMC_MDB_RH)) # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mysql_m_tls_connection # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - # add_test(NAME UT_MARIADB - # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mariadb - # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + add_test(NAME UT_MARIADB + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mariadb + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) add_test(NAME UT_KMC_CRYPTO COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto diff --git a/test/core/shared_util.c b/test/core/shared_util.c index 0f5111b4..29fc56b2 100644 --- a/test/core/shared_util.c +++ b/test/core/shared_util.c @@ -65,18 +65,16 @@ char *c_read_file(const char *f_name, long *f_size) * @param dest_buffer: uint8*, The destination char array from which the hex array will be converted to bytes * @return int length of dest_buffer **/ -int convert_hexstring_to_byte_array(char *source_str, char *dest_buffer) -{ - char *line = source_str; - char *data = line; - int offset; - int read_byte; - int data_len = 0; +int32_t convert_hexstring_to_byte_array(char *source_str, char *dest_buffer) +{ // https://stackoverflow.com/questions/3408706/hexadecimal-string-to-byte-array-in-c/56247335#56247335 + int offset; + unsigned int read_byte; + uint32_t data_len = 0; - while (sscanf(data, " %02x%n", &read_byte, &offset) == 1) + while (sscanf(source_str, " %02x%n", &read_byte, &offset) == 1) { dest_buffer[data_len++] = read_byte; - data += offset; + source_str += offset; } return data_len; } @@ -93,7 +91,8 @@ int convert_hexstring_to_byte_array(char *source_str, char *dest_buffer) void hex_conversion(char *buffer_h, char **buffer_b, int *buffer_b_length) { // Convert input plaintext - *buffer_b = (char *)malloc((strlen(buffer_h) / 2) * sizeof(char)); + uint16_t dest_len = (strlen(buffer_h) / 2); + *buffer_b = (char *)malloc(dest_len * sizeof(char)); *buffer_b_length = convert_hexstring_to_byte_array(buffer_h, *buffer_b); } diff --git a/test/include/ut_mariadb.h b/test/include/ut_mariadb.h index aaeb37a6..11d23e2c 100644 --- a/test/include/ut_mariadb.h +++ b/test/include/ut_mariadb.h @@ -25,7 +25,6 @@ extern "C" #endif #include "crypto.h" -#include "shared_util.h" #include #ifdef __cplusplus diff --git a/test/kmc/ut_mariadb.c b/test/kmc/ut_mariadb.c index 830ca65c..35ee29ab 100644 --- a/test/kmc/ut_mariadb.c +++ b/test/kmc/ut_mariadb.c @@ -20,13 +20,68 @@ * Unit Tests that make use of Maria DB **/ #include "ut_mariadb.h" -#include "crypto_error.h" -#include "sa_interface.h" #include "utest.h" -#include "crypto.h" -#include "shared_util.h" -#include +// local copy of function from mariadb interface +static int32_t convert_hexstring_to_byte_array(char *source_str, uint8_t *dest_buffer, uint16_t max_len) +{ // https://stackoverflow.com/questions/3408706/hexadecimal-string-to-byte-array-in-c/56247335#56247335 + int offset; + unsigned int read_byte; + uint32_t data_len = 0; + + if (dest_buffer == NULL || source_str == NULL) + { + return CRYPTO_LIB_ERROR; + } + + uint32_t source_len = (strlen(source_str) / 2); + if (source_len > max_len) + { + return CRYPTO_LIB_ERROR; + } + + while (sscanf(source_str, " %02x%n", &read_byte, &offset) == 1) + { + dest_buffer[data_len++] = read_byte; + source_str += offset; + } + + return CRYPTO_LIB_SUCCESS; +} + +UTEST(CRYPTO_MDB, HEXSTRING_TO_BYTE_ARRAY) +{ + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t max_len = IV_SIZE; + uint8_t *dest_buffer = malloc(IV_SIZE); + uint8_t *dest_buffer_null = NULL; + + // Failure Case, wrong source length + char *source_str = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; + status = convert_hexstring_to_byte_array(source_str, dest_buffer, max_len); + printf("Status: %d\n", status); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + + // Failure Case, null dest_buffer + source_str = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; + status = convert_hexstring_to_byte_array(source_str, dest_buffer_null, max_len); + printf("Status: %d\n", status); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + + // Failure Case, null source_str + source_str = NULL; + status = convert_hexstring_to_byte_array(source_str, dest_buffer, max_len); + printf("Status: %d\n", status); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + + // Success case, correct length source string and max + source_str = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; + status = convert_hexstring_to_byte_array(source_str, dest_buffer, max_len); + printf("Status: %d\n", status); + ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + + free(dest_buffer); +} // #ifdef KMC_MDB_RH // #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" From b993d49d56a828314d3070beaf33454adc70a400 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Tue, 6 Jan 2026 14:55:36 -0500 Subject: [PATCH 29/37] Base64 decode buffer length checking --- include/crypto_error.h | 3 +- src/core/crypto_error.c | 1 + src/crypto/kmc/base64.c | 14 +- src/crypto/kmc/base64.h | 2 +- ...hy_interface_kmc_crypto_service.template.c | 36 ++- test/CMakeLists.txt | 4 + test/include/ut_b64.h | 34 +++ test/kmc/ut_b64.c | 243 ++++++++++++++++++ 8 files changed, 328 insertions(+), 9 deletions(-) create mode 100644 test/include/ut_b64.h create mode 100644 test/kmc/ut_b64.c diff --git a/include/crypto_error.h b/include/crypto_error.h index f5d0f150..2966643d 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -58,6 +58,7 @@ #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE 513 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR 514 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR 515 +#define CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR 516 #define CAM_CONFIG_NOT_SUPPORTED_ERROR 600 #define CAM_INVALID_COOKIE_FILE_CONFIGURATION_NULL 601 @@ -165,7 +166,7 @@ #define CAM_ERROR_CODES_MAX 610 #define KMC_ERROR_CODES 500 -#define KMC_ERROR_CODES_MAX 515 +#define KMC_ERROR_CODES_MAX 516 #define CRYPTO_INTERFACE_ERROR_CODES 400 #define CRYPTO_INTERFACE_ERROR_CODES_MAX 402 diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index d20c9c2d..a4655cb1 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -155,6 +155,7 @@ char *crypto_enum_errlist_crypto_kmc[] = { (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE", (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR", (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR", + (char *)"CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR", }; char *crypto_enum_errlist_crypto_cam[] = { diff --git a/src/crypto/kmc/base64.c b/src/crypto/kmc/base64.c index e2670c07..f6fbf648 100644 --- a/src/crypto/kmc/base64.c +++ b/src/crypto/kmc/base64.c @@ -174,7 +174,7 @@ void base64Encode(const void *input, size_t inputLen, char_t *output, size_t *ou * @return Error code **/ -int32_t base64Decode(const char_t *input, size_t inputLen, void *output, size_t *outputLen) +int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, size_t *outputLen) { int32_t error; uint32_t value; @@ -194,6 +194,18 @@ int32_t base64Decode(const char_t *input, size_t inputLen, void *output, size_t // Initialize status code error = NO_ERROR; + // Check expected output buffer size is large enough for decoded input + uint16_t outputLen_expected = 0; + uint8_t padding = 0; + if (inputLen >= 1 && input[inputLen-1] == '=') + padding++; + if (inputLen >= 2 && input[inputLen-2] == '=') + padding++; + outputLen_expected = ((inputLen * 3) / 4) - padding; + + if (decoded_buffer_size < outputLen_expected) + return ERROR_INVALID_LENGTH; + // Point to the buffer where to write the decoded data p = (uint8_t *)output; diff --git a/src/crypto/kmc/base64.h b/src/crypto/kmc/base64.h index ca7407f0..5a886b74 100644 --- a/src/crypto/kmc/base64.h +++ b/src/crypto/kmc/base64.h @@ -47,7 +47,7 @@ extern "C" // Base64 encoding related functions void base64Encode(const void *input, size_t inputLen, char_t *output, size_t *outputLen); - int32_t base64Decode(const char_t *input, size_t inputLen, void *output, size_t *outputLen); + int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, size_t *outputLen); #define ERROR_INVALID_PARAMETER 21 #define ERROR_INVALID_LENGTH 22 diff --git a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c index 354bc421..483f89cb 100644 --- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c +++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c @@ -479,9 +479,15 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint /* JSON Response Handling End */ - uint8_t *ciphertext_decoded = malloc((len_data_out)*2 + 1); + uint16_t decoded_buffer_size = (len_data_out)*2 + 1; + uint8_t *ciphertext_decoded = malloc(decoded_buffer_size); size_t ciphertext_decoded_len = 0; - base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, &ciphertext_decoded_len); + if (base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len) != 0) + { + free(chunk_write); + free(ciphertext_decoded); + return CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR; + } #ifdef DEBUG printf("Decoded Cipher Text Length: %ld\n", ciphertext_decoded_len); printf("Decoded Cipher Text: \n"); @@ -685,9 +691,15 @@ static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint /* JSON Response Handling End */ - uint8_t *cleartext_decoded = malloc((len_data_out)*2 + 1); + uint16_t decoded_buffer_size = (len_data_out)*2 + 1; + uint8_t *cleartext_decoded = malloc(decoded_buffer_size); size_t cleartext_decoded_len = 0; - base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, &cleartext_decoded_len); + if (base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, decoded_buffer_size, &cleartext_decoded_len) != 0) + { + free(chunk_write); + free(cleartext_decoded); + return CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR; + } #ifdef DEBUG printf("Decoded Cipher Text Length: %ld\n", cleartext_decoded_len); printf("Decoded Cipher Text: \n"); @@ -1528,9 +1540,15 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, /* JSON Response Handling End */ + uint16_t decoded_buffer_size = (len_data_out + mac_size + aad_len) * 2 + 1; uint8_t *ciphertext_decoded = malloc((len_data_out + mac_size + aad_len) * 2 + 1); size_t ciphertext_decoded_len = 0; - base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, &ciphertext_decoded_len); + if (base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len) != 0) + { + free(chunk_write); + free(ciphertext_base64); + return CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR; + } #ifdef DEBUG printf("Mac size: %d\n", mac_size); printf("Decoded Cipher Text Length: %ld\n", ciphertext_decoded_len); @@ -1836,9 +1854,15 @@ static int32_t cryptography_aead_decrypt(uint8_t *data_out, size_t len_data_out, /* JSON Response Handling End */ + uint16_t decoded_buffer_size = (len_data_out + mac_size + aad_len) * 2 + 1; uint8_t *cleartext_decoded = malloc((len_data_out + mac_size + aad_len) * 2 + 1); size_t cleartext_decoded_len = 0; - base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, &cleartext_decoded_len); + if (base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, decoded_buffer_size, &cleartext_decoded_len) != 0) + { + free(chunk_write); + free(cleartext_base64); + return CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR; + } #ifdef DEBUG printf("Decoded Cipher Text Length: %ld\n", cleartext_decoded_len); printf("Decoded Cipher Text: \n"); diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 39c228c5..a409c461 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -106,6 +106,10 @@ if((KMC_MDB_DB OR KMC_MDB_RH)) add_test(NAME UT_MARIADB COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mariadb WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + + add_test(NAME UT_B64 + COMMAND ${PROJECT_BINARY_DIR}/bin/ut_b64 + WORKING_DIRECTORY ${PROJECT_TEST_DIR}) add_test(NAME UT_KMC_CRYPTO COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto diff --git a/test/include/ut_b64.h b/test/include/ut_b64.h new file mode 100644 index 00000000..452e89ac --- /dev/null +++ b/test/include/ut_b64.h @@ -0,0 +1,34 @@ +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. + All Foreign Rights are Reserved to the U.S. Government. + + This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, + including, but not limited to, any warranty that the software will conform to specifications, any implied warranties + of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the + documentation will conform to the program, or any warranty that the software will be error free. + + In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or + consequential damages, arising out of, resulting from, or in any way connected with the software or its + documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained + from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. + + ITC Team + NASA IV&V + jstar-development-team@mail.nasa.gov +*/ + +#ifndef CRYPTOLIB_UT_B64_H +#define CRYPTOLIB_UT_B64_H + +#ifdef __cplusplus +extern "C" +{ +#endif + +#include "crypto.h" +#include + +#ifdef __cplusplus +} /* Close scope of 'extern "C"' declaration which encloses file. */ +#endif + +#endif // CRYPTOLIB_UT_B64_H \ No newline at end of file diff --git a/test/kmc/ut_b64.c b/test/kmc/ut_b64.c new file mode 100644 index 00000000..c0a26b4c --- /dev/null +++ b/test/kmc/ut_b64.c @@ -0,0 +1,243 @@ +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. + All Foreign Rights are Reserved to the U.S. Government. + + This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, + including, but not limited to, any warranty that the software will conform to specifications, any implied warranties + of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the + documentation will conform to the program, or any warranty that the software will be error free. + + In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or + consequential damages, arising out of, resulting from, or in any way connected with the software or its + documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained + from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. + + ITC Team + NASA IV&V + jstar-development-team@mail.nasa.gov +*/ + +/** + * Unit Tests that make use of Maria DB + **/ +#include "ut_b64.h" +#include "utest.h" + +typedef char char_t; +typedef unsigned int uint_t; + +// Base64 encoding table +// static const char_t base64EncTable[64] = { +// 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', +// 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', +// 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'}; + +// Base64 decoding table +static const uint8_t base64DecTable[128] = { + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x3E, 0xFF, 0xFF, 0xFF, 0x3F, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A, 0x3B, 0x3C, + 0x3D, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, + 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0xFF, 0xFF, 0xFF, 0xFF, + 0xFF, 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, + 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; + + +#define ERROR_INVALID_PARAMETER 21 +#define ERROR_INVALID_LENGTH 22 +#define ERROR_INVALID_CHARACTER 23 +#define NO_ERROR 0 + +// local copy of function from base64.c +int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, size_t *outputLen) +{ + int32_t error; + uint32_t value; + uint_t c; + size_t i; + size_t j; + size_t n; + size_t padLen; + uint8_t *p; + + // Check parameters + if (input == NULL && inputLen != 0) + return ERROR_INVALID_PARAMETER; + if (outputLen == NULL) + return ERROR_INVALID_PARAMETER; + + // Initialize status code + error = NO_ERROR; + + // Check expected output buffer size is large enough for decoded input + uint16_t outputLen_expected = 0; + uint8_t padding = 0; + if (inputLen >= 1 && input[inputLen-1] == '=') + padding++; + if (inputLen >= 2 && input[inputLen-2] == '=') + padding++; + outputLen_expected = ((inputLen * 3) / 4) - padding; + + // Special debug prints for UT + printf("InputLen: %ld\n \ + Expected Dec Buf Length: %d\n \ + Passed In Dec Length: %d\n", inputLen, outputLen_expected, decoded_buffer_size); + + if (decoded_buffer_size < outputLen_expected) + return ERROR_INVALID_LENGTH; + + // Point to the buffer where to write the decoded data + p = (uint8_t *)output; + + // Initialize variables + j = 0; + n = 0; + value = 0; + padLen = 0; + + // Process the Base64-encoded string + for (i = 0; i < inputLen && !error; i++) + { + // Get current character + c = (uint_t)input[i]; + + // Check the value of the current character + if (c == '\r' || c == '\n') + { + // CR and LF characters should be ignored + } + else if (c == '=') + { + // Increment the number of pad characters + padLen++; + } + else if (c < 128 && base64DecTable[c] < 64 && padLen == 0) + { + // Decode the current character + value = (value << 6) | base64DecTable[c]; + + // Divide the input stream into blocks of 4 characters + if (++j == 4) + { + // Map each 4-character block to 3 bytes + if (p != NULL) + { + p[n] = (value >> 16) & 0xFF; + p[n + 1] = (value >> 8) & 0xFF; + p[n + 2] = value & 0xFF; + } + + // Adjust the length of the decoded data + n += 3; + + // Decode next block + j = 0; + value = 0; + } + } + else + { + // Implementations must reject the encoded data if it contains + // characters outside the base alphabet (refer to RFC 4648, + // section 3.3) + error = ERROR_INVALID_CHARACTER; + } + } + + // Check status code + if (!error) + { + // Check the number of pad characters + if (padLen == 0 && j == 0) + { + // No pad characters in this case + } + else if (padLen == 1 && j == 3) + { + // The "=" sequence indicates that the last block contains only 2 bytes + if (p != NULL) + { + // Decode the last two bytes + p[n] = (value >> 10) & 0xFF; + p[n + 1] = (value >> 2) & 0xFF; + } + + // Adjust the length of the decoded data + n += 2; + } + else if (padLen == 2 && j == 2) + { + // The "==" sequence indicates that the last block contains only 1 byte + if (p != NULL) + { + // Decode the last byte + p[n] = (value >> 4) & 0xFF; + } + + // Adjust the length of the decoded data + n++; + // Skip trailing pad characters + i++; + } + else + { + // The length of the input string must be a multiple of 4 + error = ERROR_INVALID_LENGTH; + } + } + + // Total number of bytes that have been written + *outputLen = n; + + // Return status code + return error; +} + +UTEST(CRYPTO_B64, OVERSIZE_DECODE) +{ + int32_t status = CRYPTO_LIB_ERROR; + + // Success Case, This_one_is_just_the_right_size (len = 31) + char *ciphertext_base64 = "VGhpc19vbmVfaXNfanVzdF90aGVfcmlnaHRfc2l6ZQ=="; + uint8_t len_data_out = 15; + uint16_t decoded_buffer_size = (len_data_out)*2 + 1; // 31 + uint8_t *ciphertext_decoded = malloc(decoded_buffer_size); + size_t ciphertext_decoded_len = 0; + status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len); + printf("Status: %d\n\n", status); + free(ciphertext_decoded); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Success Case, This_one_allocates_too_much (len = 27) + ciphertext_base64 = "VGhpc19vbmVfYWxsb2NhdGVzX3Rvb19tdWNo"; + len_data_out = 15; + decoded_buffer_size = (len_data_out)*2 + 1; // 31 + ciphertext_decoded = malloc(decoded_buffer_size); + ciphertext_decoded_len = 0; + status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len); + printf("Status: %d\n\n", status); + free(ciphertext_decoded); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + // Failure Case, This_one_is_2_too_short (len = 23) + ciphertext_base64 = "VGhpc19vbmVfaXNfMl90b29fc2hvcnQ="; + len_data_out = 10; + decoded_buffer_size = (len_data_out)*2 + 1; + ciphertext_decoded = malloc(decoded_buffer_size); + ciphertext_decoded_len = 0; + status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len); + printf("Status: %d\n\n", status); + free(ciphertext_decoded); + ASSERT_EQ(ERROR_INVALID_LENGTH, status); + + // Failure Case, This_one_is_1_tooo_short (len = 24) + ciphertext_base64 = "VGhpc19vbmVfaXNfMV90b29vX3Nob3J0"; + len_data_out = 11; + decoded_buffer_size = (len_data_out)*2 + 1; + ciphertext_decoded = malloc(decoded_buffer_size); + ciphertext_decoded_len = 0; + status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len); + printf("Status: %d\n\n", status); + free(ciphertext_decoded); + ASSERT_EQ(ERROR_INVALID_LENGTH, status); +} +UTEST_MAIN() \ No newline at end of file From bcaebc1b863282766deb785b431839907477c893 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <77851621+Donnie-Ice@users.noreply.github.com> Date: Wed, 7 Jan 2026 14:51:52 +0000 Subject: [PATCH 30/37] style: auto-format via clang-format --- src/core/crypto_aos.c | 12 +- src/core/crypto_config.c | 4 +- src/crypto/kmc/base64url.c | 6 +- ...hy_interface_kmc_crypto_service.template.c | 10 +- .../mariadb/sa_interface_mariadb.template.c | 44 ++++---- test/core/shared_util.c | 4 +- test/kmc/ut_mariadb.c | 105 +++++++++--------- 7 files changed, 95 insertions(+), 90 deletions(-) diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index fb398ba8..0d6aa8f0 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -806,10 +806,12 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) int32_t Crypto_AOS_Verify_Frame_Lengths(uint16_t len_ingest) { - uint8_t fhec_len = aos_current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC ? FHECF_SIZE : 0; - uint16_t iz_len = aos_current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ ? aos_current_managed_parameters_struct.aos_iz_len : 0; - uint8_t ocf_len = aos_current_managed_parameters_struct.has_ocf == AOS_HAS_OCF ? OCF_SIZE : 0; - uint8_t fecf_len = aos_current_managed_parameters_struct.has_fecf == AOS_HAS_FECF ? FECF_SIZE : 0; + uint8_t fhec_len = aos_current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC ? FHECF_SIZE : 0; + uint16_t iz_len = aos_current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ + ? aos_current_managed_parameters_struct.aos_iz_len + : 0; + uint8_t ocf_len = aos_current_managed_parameters_struct.has_ocf == AOS_HAS_OCF ? OCF_SIZE : 0; + uint8_t fecf_len = aos_current_managed_parameters_struct.has_fecf == AOS_HAS_FECF ? FECF_SIZE : 0; uint16_t expected_frame_length = AOS_MIN_SIZE + fhec_len + SPI_LEN + iz_len + ocf_len + fecf_len; if (len_ingest < expected_frame_length) { @@ -908,7 +910,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t { return status; } - + // Increment to end of Primary Header start, depends on FHECF presence byte_idx = 6; if (aos_current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index a0627622..0d46955c 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -752,7 +752,7 @@ int32_t Crypto_Config_Cam(uint8_t cam_enabled, char *cookie_file_path, char *key { int32_t status = CRYPTO_LIB_SUCCESS; - cam_config = (CamConfig_t *)calloc(1, CAM_CONFIG_SIZE); + cam_config = (CamConfig_t *)calloc(1, CAM_CONFIG_SIZE); if (cam_config == NULL) { return CRYPTO_LIB_ERROR; @@ -764,7 +764,7 @@ int32_t Crypto_Config_Cam(uint8_t cam_enabled, char *cookie_file_path, char *key cam_config = NULL; return CAM_CONFIG_NOT_SUPPORTED_ERROR; } - + if (Crypto_is_safe_path(keytab_file_path) != CRYPTO_LIB_SUCCESS) { free(cam_config); diff --git a/src/crypto/kmc/base64url.c b/src/crypto/kmc/base64url.c index 54299777..589157c5 100644 --- a/src/crypto/kmc/base64url.c +++ b/src/crypto/kmc/base64url.c @@ -217,13 +217,15 @@ int32_t base64urlDecode(const char_t *input, size_t inputLen, void *output, size return ERROR_INVALID_PARAMETER; // Empty input is valid; produce empty output - if (inputLen == 0) { + if (inputLen == 0) + { *outputLen = 0; return NO_ERROR; } // Safely strip optional '=' padding - while (inputLen > 0 && input[inputLen - 1] == '=') { + while (inputLen > 0 && input[inputLen - 1] == '=') + { inputLen--; } diff --git a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c index 354bc421..34632c27 100644 --- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c +++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c @@ -29,7 +29,7 @@ // JSON marshalling libraries #include "jsmn.h" -#define CAM_MAX_AUTH_RETRIES 4 +#define CAM_MAX_AUTH_RETRIES 4 #define KMC_MAX_RESPONSE_BYTES (1024 * 1024) // 1MB // libcurl call-back response handling Structures @@ -1344,7 +1344,7 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, free(chunk_read); if (encrypt_payload != NULL && aad_bool == CRYPTO_TRUE) // only needs freed if it has aad free(encrypt_payload); - + return status; } @@ -1898,9 +1898,9 @@ static int32_t get_auth_algorithm_from_acs(uint8_t acs_enum, const char **algo_p // libcurl local functions static size_t write_callback(void *data, size_t size, size_t nmemb, void *userp) { - memory_write *mem = (memory_write *)userp; - size_t realsize = 0; - char *ptr; + memory_write *mem = (memory_write *)userp; + size_t realsize = 0; + char *ptr; if (nmemb != 0 && size > SIZE_MAX / nmemb) return 0; diff --git a/src/sa/mariadb/sa_interface_mariadb.template.c b/src/sa/mariadb/sa_interface_mariadb.template.c index 6d119300..b1bd58e2 100644 --- a/src/sa/mariadb/sa_interface_mariadb.template.c +++ b/src/sa/mariadb/sa_interface_mariadb.template.c @@ -616,28 +616,28 @@ static int32_t parse_sa_from_mysql_query(char *query, SecurityAssociation_t **se static int32_t convert_hexstring_to_byte_array(char *source_str, uint8_t *dest_buffer, uint16_t max_len) { // https://stackoverflow.com/questions/3408706/hexadecimal-string-to-byte-array-in-c/56247335#56247335 - int offset; - unsigned int read_byte; - uint32_t data_len = 0; - - if (dest_buffer == NULL || source_str == NULL) - { - return CRYPTO_LIB_ERROR; - } - - uint32_t source_len = (strlen(source_str) / 2); - if (source_len > max_len) - { - return CRYPTO_LIB_ERROR; - } - - while (sscanf(source_str, " %02x%n", &read_byte, &offset) == 1) - { - dest_buffer[data_len++] = read_byte; - source_str += offset; - } - - return CRYPTO_LIB_SUCCESS; + int offset; + unsigned int read_byte; + uint32_t data_len = 0; + + if (dest_buffer == NULL || source_str == NULL) + { + return CRYPTO_LIB_ERROR; + } + + uint32_t source_len = (strlen(source_str) / 2); + if (source_len > max_len) + { + return CRYPTO_LIB_ERROR; + } + + while (sscanf(source_str, " %02x%n", &read_byte, &offset) == 1) + { + dest_buffer[data_len++] = read_byte; + source_str += offset; + } + + return CRYPTO_LIB_SUCCESS; } static void convert_byte_array_to_hexstring(void *src_buffer, size_t buffer_length, char *dest_str) diff --git a/test/core/shared_util.c b/test/core/shared_util.c index 29fc56b2..67588c6d 100644 --- a/test/core/shared_util.c +++ b/test/core/shared_util.c @@ -92,8 +92,8 @@ void hex_conversion(char *buffer_h, char **buffer_b, int *buffer_b_length) { // Convert input plaintext uint16_t dest_len = (strlen(buffer_h) / 2); - *buffer_b = (char *)malloc(dest_len * sizeof(char)); - *buffer_b_length = convert_hexstring_to_byte_array(buffer_h, *buffer_b); + *buffer_b = (char *)malloc(dest_len * sizeof(char)); + *buffer_b_length = convert_hexstring_to_byte_array(buffer_h, *buffer_b); } #ifdef DEBUG diff --git a/test/kmc/ut_mariadb.c b/test/kmc/ut_mariadb.c index 35ee29ab..715e7f3f 100644 --- a/test/kmc/ut_mariadb.c +++ b/test/kmc/ut_mariadb.c @@ -25,62 +25,63 @@ // local copy of function from mariadb interface static int32_t convert_hexstring_to_byte_array(char *source_str, uint8_t *dest_buffer, uint16_t max_len) { // https://stackoverflow.com/questions/3408706/hexadecimal-string-to-byte-array-in-c/56247335#56247335 - int offset; - unsigned int read_byte; - uint32_t data_len = 0; - - if (dest_buffer == NULL || source_str == NULL) - { - return CRYPTO_LIB_ERROR; - } - - uint32_t source_len = (strlen(source_str) / 2); - if (source_len > max_len) - { - return CRYPTO_LIB_ERROR; - } - - while (sscanf(source_str, " %02x%n", &read_byte, &offset) == 1) - { - dest_buffer[data_len++] = read_byte; - source_str += offset; - } - - return CRYPTO_LIB_SUCCESS; + int offset; + unsigned int read_byte; + uint32_t data_len = 0; + + if (dest_buffer == NULL || source_str == NULL) + { + return CRYPTO_LIB_ERROR; + } + + uint32_t source_len = (strlen(source_str) / 2); + if (source_len > max_len) + { + return CRYPTO_LIB_ERROR; + } + + while (sscanf(source_str, " %02x%n", &read_byte, &offset) == 1) + { + dest_buffer[data_len++] = read_byte; + source_str += offset; + } + + return CRYPTO_LIB_SUCCESS; } UTEST(CRYPTO_MDB, HEXSTRING_TO_BYTE_ARRAY) { - int32_t status = CRYPTO_LIB_SUCCESS; - uint16_t max_len = IV_SIZE; - uint8_t *dest_buffer = malloc(IV_SIZE); - uint8_t *dest_buffer_null = NULL; - - // Failure Case, wrong source length - char *source_str = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; - status = convert_hexstring_to_byte_array(source_str, dest_buffer, max_len); - printf("Status: %d\n", status); - ASSERT_EQ(status, CRYPTO_LIB_ERROR); - - // Failure Case, null dest_buffer - source_str = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; - status = convert_hexstring_to_byte_array(source_str, dest_buffer_null, max_len); - printf("Status: %d\n", status); - ASSERT_EQ(status, CRYPTO_LIB_ERROR); - - // Failure Case, null source_str - source_str = NULL; - status = convert_hexstring_to_byte_array(source_str, dest_buffer, max_len); - printf("Status: %d\n", status); - ASSERT_EQ(status, CRYPTO_LIB_ERROR); - - // Success case, correct length source string and max - source_str = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; - status = convert_hexstring_to_byte_array(source_str, dest_buffer, max_len); - printf("Status: %d\n", status); - ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); - - free(dest_buffer); + int32_t status = CRYPTO_LIB_SUCCESS; + uint16_t max_len = IV_SIZE; + uint8_t *dest_buffer = malloc(IV_SIZE); + uint8_t *dest_buffer_null = NULL; + + // Failure Case, wrong source length + char *source_str = + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; + status = convert_hexstring_to_byte_array(source_str, dest_buffer, max_len); + printf("Status: %d\n", status); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + + // Failure Case, null dest_buffer + source_str = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; + status = convert_hexstring_to_byte_array(source_str, dest_buffer_null, max_len); + printf("Status: %d\n", status); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + + // Failure Case, null source_str + source_str = NULL; + status = convert_hexstring_to_byte_array(source_str, dest_buffer, max_len); + printf("Status: %d\n", status); + ASSERT_EQ(status, CRYPTO_LIB_ERROR); + + // Success case, correct length source string and max + source_str = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"; + status = convert_hexstring_to_byte_array(source_str, dest_buffer, max_len); + printf("Status: %d\n", status); + ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); + + free(dest_buffer); } // #ifdef KMC_MDB_RH From 6115e36e2f7972a057d37af221be55726d0e15a1 Mon Sep 17 00:00:00 2001 From: zlynch2 Date: Wed, 7 Jan 2026 10:55:53 -0500 Subject: [PATCH 31/37] [nasa/nos3#816] cryptolib license update --- LICENSE | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/LICENSE b/LICENSE index adc436e7..597552aa 100644 --- a/LICENSE +++ b/LICENSE @@ -19,7 +19,7 @@ Government Agency Original Software Title: User Registration Requested. Please Visit https://github.com/nasa/CryptoLib Government Agency Point of Contact for Original Software: - John.P.Lucas@nasa.gov + Justin.R.Morris@nasa.gov 1. DEFINITIONS @@ -260,4 +260,4 @@ Recipient hereby agrees to all terms and conditions herein. F. Point of Contact: Any Recipient contact with Government Agency is to be directed to the designated representative as follows: - John.P.Lucas@nasa.gov \ No newline at end of file + Justin.R.Morris@nasa.gov \ No newline at end of file From 89aea1476fee81c805aacdf3cee3ee02526c85d0 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 8 Jan 2026 10:24:49 -0500 Subject: [PATCH 32/37] Update codeql actions to v4 --- .github/workflows/codeql.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 174b2a1d..04121ce9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -55,7 +55,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -66,7 +66,7 @@ jobs: bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{matrix.language}}" @@ -107,7 +107,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -118,7 +118,7 @@ jobs: bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{matrix.language}}" @@ -185,7 +185,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -196,7 +196,7 @@ jobs: bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{matrix.language}}" @@ -237,7 +237,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -248,7 +248,7 @@ jobs: bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{matrix.language}}" @@ -289,7 +289,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -300,6 +300,6 @@ jobs: bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{matrix.language}}" \ No newline at end of file From 788be4a924a390634b94279aec4e853409ec6fe0 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Thu, 8 Jan 2026 10:33:45 -0500 Subject: [PATCH 33/37] Update codeql container image --- .github/workflows/codeql.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 04121ce9..70c55c39 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,7 +22,7 @@ jobs: name: Analyze Build_Internal runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20250108 + image: ivvitc/cryptolib:dev permissions: # required for all workflows security-events: write @@ -74,7 +74,7 @@ jobs: name: Analyze Build_Minimal runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20250108 + image: ivvitc/cryptolib:dev permissions: # required for all workflows security-events: write @@ -126,7 +126,7 @@ jobs: name: Analyze Build_Wolf runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20250108 + image: ivvitc/cryptolib:dev permissions: # required for all workflows security-events: write @@ -204,7 +204,7 @@ jobs: name: Analyze Build_RHEL runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20250108 + image: ivvitc/cryptolib:dev permissions: # required for all workflows security-events: write @@ -256,7 +256,7 @@ jobs: name: Analyze Build_EP runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} container: - image: ivvitc/cryptolib:20250108 + image: ivvitc/cryptolib:dev permissions: # required for all workflows security-events: write From 2da19fd931d13d09f132bd80dbd1d04926f88108 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <77851621+Donnie-Ice@users.noreply.github.com> Date: Fri, 9 Jan 2026 15:06:48 +0000 Subject: [PATCH 34/37] style: auto-format via clang-format --- src/crypto/kmc/base64.c | 9 ++--- src/crypto/kmc/base64.h | 3 +- ...hy_interface_kmc_crypto_service.template.c | 20 ++++++----- test/kmc/ut_b64.c | 35 +++++++++++-------- 4 files changed, 39 insertions(+), 28 deletions(-) diff --git a/src/crypto/kmc/base64.c b/src/crypto/kmc/base64.c index f6fbf648..277ce9c2 100644 --- a/src/crypto/kmc/base64.c +++ b/src/crypto/kmc/base64.c @@ -174,7 +174,8 @@ void base64Encode(const void *input, size_t inputLen, char_t *output, size_t *ou * @return Error code **/ -int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, size_t *outputLen) +int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, + size_t *outputLen) { int32_t error; uint32_t value; @@ -196,10 +197,10 @@ int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_ // Check expected output buffer size is large enough for decoded input uint16_t outputLen_expected = 0; - uint8_t padding = 0; - if (inputLen >= 1 && input[inputLen-1] == '=') + uint8_t padding = 0; + if (inputLen >= 1 && input[inputLen - 1] == '=') padding++; - if (inputLen >= 2 && input[inputLen-2] == '=') + if (inputLen >= 2 && input[inputLen - 2] == '=') padding++; outputLen_expected = ((inputLen * 3) / 4) - padding; diff --git a/src/crypto/kmc/base64.h b/src/crypto/kmc/base64.h index 5a886b74..35369326 100644 --- a/src/crypto/kmc/base64.h +++ b/src/crypto/kmc/base64.h @@ -47,7 +47,8 @@ extern "C" // Base64 encoding related functions void base64Encode(const void *input, size_t inputLen, char_t *output, size_t *outputLen); - int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, size_t *outputLen); + int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, + size_t *outputLen); #define ERROR_INVALID_PARAMETER 21 #define ERROR_INVALID_LENGTH 22 diff --git a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c index 5010264d..a4468c28 100644 --- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c +++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c @@ -479,10 +479,11 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint /* JSON Response Handling End */ - uint16_t decoded_buffer_size = (len_data_out)*2 + 1; + uint16_t decoded_buffer_size = (len_data_out)*2 + 1; uint8_t *ciphertext_decoded = malloc(decoded_buffer_size); size_t ciphertext_decoded_len = 0; - if (base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len) != 0) + if (base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, + &ciphertext_decoded_len) != 0) { free(chunk_write); free(ciphertext_decoded); @@ -691,10 +692,11 @@ static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint /* JSON Response Handling End */ - uint16_t decoded_buffer_size = (len_data_out)*2 + 1; + uint16_t decoded_buffer_size = (len_data_out)*2 + 1; uint8_t *cleartext_decoded = malloc(decoded_buffer_size); size_t cleartext_decoded_len = 0; - if (base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, decoded_buffer_size, &cleartext_decoded_len) != 0) + if (base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, decoded_buffer_size, + &cleartext_decoded_len) != 0) { free(chunk_write); free(cleartext_decoded); @@ -1540,10 +1542,11 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out, /* JSON Response Handling End */ - uint16_t decoded_buffer_size = (len_data_out + mac_size + aad_len) * 2 + 1; + uint16_t decoded_buffer_size = (len_data_out + mac_size + aad_len) * 2 + 1; uint8_t *ciphertext_decoded = malloc((len_data_out + mac_size + aad_len) * 2 + 1); size_t ciphertext_decoded_len = 0; - if (base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len) != 0) + if (base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, + &ciphertext_decoded_len) != 0) { free(chunk_write); free(ciphertext_base64); @@ -1854,10 +1857,11 @@ static int32_t cryptography_aead_decrypt(uint8_t *data_out, size_t len_data_out, /* JSON Response Handling End */ - uint16_t decoded_buffer_size = (len_data_out + mac_size + aad_len) * 2 + 1; + uint16_t decoded_buffer_size = (len_data_out + mac_size + aad_len) * 2 + 1; uint8_t *cleartext_decoded = malloc((len_data_out + mac_size + aad_len) * 2 + 1); size_t cleartext_decoded_len = 0; - if (base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, decoded_buffer_size, &cleartext_decoded_len) != 0) + if (base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, decoded_buffer_size, + &cleartext_decoded_len) != 0) { free(chunk_write); free(cleartext_base64); diff --git a/test/kmc/ut_b64.c b/test/kmc/ut_b64.c index c0a26b4c..5c696256 100644 --- a/test/kmc/ut_b64.c +++ b/test/kmc/ut_b64.c @@ -41,14 +41,14 @@ static const uint8_t base64DecTable[128] = { 0xFF, 0xFF, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; - #define ERROR_INVALID_PARAMETER 21 #define ERROR_INVALID_LENGTH 22 #define ERROR_INVALID_CHARACTER 23 #define NO_ERROR 0 // local copy of function from base64.c -int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, size_t *outputLen) +int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, + size_t *outputLen) { int32_t error; uint32_t value; @@ -70,17 +70,18 @@ int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_ // Check expected output buffer size is large enough for decoded input uint16_t outputLen_expected = 0; - uint8_t padding = 0; - if (inputLen >= 1 && input[inputLen-1] == '=') + uint8_t padding = 0; + if (inputLen >= 1 && input[inputLen - 1] == '=') padding++; - if (inputLen >= 2 && input[inputLen-2] == '=') + if (inputLen >= 2 && input[inputLen - 2] == '=') padding++; outputLen_expected = ((inputLen * 3) / 4) - padding; // Special debug prints for UT printf("InputLen: %ld\n \ Expected Dec Buf Length: %d\n \ - Passed In Dec Length: %d\n", inputLen, outputLen_expected, decoded_buffer_size); + Passed In Dec Length: %d\n", + inputLen, outputLen_expected, decoded_buffer_size); if (decoded_buffer_size < outputLen_expected) return ERROR_INVALID_LENGTH; @@ -194,26 +195,28 @@ int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_ UTEST(CRYPTO_B64, OVERSIZE_DECODE) { - int32_t status = CRYPTO_LIB_ERROR; + int32_t status = CRYPTO_LIB_ERROR; // Success Case, This_one_is_just_the_right_size (len = 31) - char *ciphertext_base64 = "VGhpc19vbmVfaXNfanVzdF90aGVfcmlnaHRfc2l6ZQ=="; - uint8_t len_data_out = 15; + char *ciphertext_base64 = "VGhpc19vbmVfaXNfanVzdF90aGVfcmlnaHRfc2l6ZQ=="; + uint8_t len_data_out = 15; uint16_t decoded_buffer_size = (len_data_out)*2 + 1; // 31 uint8_t *ciphertext_decoded = malloc(decoded_buffer_size); size_t ciphertext_decoded_len = 0; - status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len); + status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, + &ciphertext_decoded_len); printf("Status: %d\n\n", status); free(ciphertext_decoded); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Success Case, This_one_allocates_too_much (len = 27) - ciphertext_base64 = "VGhpc19vbmVfYWxsb2NhdGVzX3Rvb19tdWNo"; - len_data_out = 15; + ciphertext_base64 = "VGhpc19vbmVfYWxsb2NhdGVzX3Rvb19tdWNo"; + len_data_out = 15; decoded_buffer_size = (len_data_out)*2 + 1; // 31 ciphertext_decoded = malloc(decoded_buffer_size); ciphertext_decoded_len = 0; - status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len); + status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, + &ciphertext_decoded_len); printf("Status: %d\n\n", status); free(ciphertext_decoded); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -224,7 +227,8 @@ UTEST(CRYPTO_B64, OVERSIZE_DECODE) decoded_buffer_size = (len_data_out)*2 + 1; ciphertext_decoded = malloc(decoded_buffer_size); ciphertext_decoded_len = 0; - status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len); + status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, + &ciphertext_decoded_len); printf("Status: %d\n\n", status); free(ciphertext_decoded); ASSERT_EQ(ERROR_INVALID_LENGTH, status); @@ -235,7 +239,8 @@ UTEST(CRYPTO_B64, OVERSIZE_DECODE) decoded_buffer_size = (len_data_out)*2 + 1; ciphertext_decoded = malloc(decoded_buffer_size); ciphertext_decoded_len = 0; - status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len); + status = base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, + &ciphertext_decoded_len); printf("Status: %d\n\n", status); free(ciphertext_decoded); ASSERT_EQ(ERROR_INVALID_LENGTH, status); From 4935b62141c5a893b2ad490ca32ea013f699a99b Mon Sep 17 00:00:00 2001 From: Donovan Ice <77851621+Donnie-Ice@users.noreply.github.com> Date: Fri, 9 Jan 2026 10:12:38 -0500 Subject: [PATCH 35/37] Update version number --- include/crypto.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 70c87a7d..599edaf5 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -51,7 +51,7 @@ */ #define CRYPTO_LIB_MAJOR_VERSION 1 #define CRYPTO_LIB_MINOR_VERSION 4 -#define CRYPTO_LIB_REVISION 1 +#define CRYPTO_LIB_REVISION 3 #define CRYPTO_LIB_MISSION_REV 0 #define GVCID_MAX_PARAM_SIZE 250 @@ -376,4 +376,4 @@ static const uint8_t crypto_gf_log[GF_SIZE] = {0, 0, 1, 4, 2, 8, 5, 10, 3, 14, 9 // Generator polynomial coefficients for g(x) = x^4 + a^3x^3 + ax^2 + a^3x + 1 static const uint8_t crypto_gen_poly[RS_PARITY + 1] = {1, 8, 2, 8, 1}; -#endif // CRYPTO_H \ No newline at end of file +#endif // CRYPTO_H From 6ee728c78cc1f5400e709abdf60ec0f3c15db861 Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Fri, 9 Jan 2026 11:12:11 -0500 Subject: [PATCH 36/37] remove aos_frame global --- src/core/crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 0833b726..6dfe76a0 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -50,7 +50,7 @@ CCSDS_t sdls_frame; TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication // AOS -uint8_t aos_frame[AOS_MAX_FRAME_SIZE]; // AOS Global Frame +// uint8_t aos_frame[AOS_MAX_FRAME_SIZE]; // AOS Global Frame AOS_FramePrimaryHeader_t aos_frame_pri_hdr; // Used to reduce bit math duplication AOS_FrameSecurityHeader_t aos_frame_sec_hdr; // Used to reduce bit math duplication // OCF From 7223bb925012bf6341aaa7853ac2beef138b8281 Mon Sep 17 00:00:00 2001 From: Donnie-Ice <77851621+Donnie-Ice@users.noreply.github.com> Date: Fri, 9 Jan 2026 16:12:46 +0000 Subject: [PATCH 37/37] style: auto-format via clang-format --- src/core/crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 6dfe76a0..f452a0a4 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -51,8 +51,8 @@ TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplicatio TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication // AOS // uint8_t aos_frame[AOS_MAX_FRAME_SIZE]; // AOS Global Frame -AOS_FramePrimaryHeader_t aos_frame_pri_hdr; // Used to reduce bit math duplication -AOS_FrameSecurityHeader_t aos_frame_sec_hdr; // Used to reduce bit math duplication +AOS_FramePrimaryHeader_t aos_frame_pri_hdr; // Used to reduce bit math duplication +AOS_FrameSecurityHeader_t aos_frame_sec_hdr; // Used to reduce bit math duplication // OCF uint8_t ocf = 0; Telemetry_Frame_Ocf_Fsr_t report;