nasa · Donnie-Ice · Sep 13, 2024 · Sep 9, 2024 · Sep 9, 2024 · Sep 9, 2024
diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c
@@ -1249,6 +1249,13 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8
 
     }
 
+    // check sa state before decrypting
+    if (sa_ptr->sa_state != SA_OPERATIONAL)
+    {
+        printf(KRED "Error: SA Not Operational \n" RESET);
+        return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL;
+    }
+
     if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE)
     {
 

diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c
@@ -1787,6 +1787,12 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_
         // Parse MAC, prepare AAD
         Crypto_TM_Parse_Mac_Prep_AAD(sa_service_type, p_ingest, mac_loc, sa_ptr, &aad_len, byte_idx, aad);
 
+        if (sa_ptr->sa_state != SA_OPERATIONAL)
+        {
+            printf(KRED "Error: SA Not Operational \n" RESET);
+            return CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL;
+        }
+
         status = Crypto_TM_Do_Decrypt(sa_service_type, sa_ptr, ecs_is_aead_algorithm, byte_idx, p_new_dec_frame, pdu_len, p_ingest, ekp, akp, iv_loc, mac_loc, aad_len, aad, pp_processed_frame, p_decrypted_length);
     } 
 

diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c
@@ -980,13 +980,13 @@ static int32_t sa_start(TC_t* tc_frame)
     // Read ingest
     spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1];
 
-    // Overwrite last PID
-    sa[spi].lpid =
-        (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
-
     // Check SPI exists and in 'Keyed' state
     if (spi < NUM_SA)
     {
+        // Overwrite last PID
+        sa[spi].lpid =
+            (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
+
         if (sa[spi].sa_state == SA_KEYED)
         {
             count = 2;
@@ -1109,13 +1109,13 @@ static int32_t sa_stop(void)
     spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1];
     printf("spi = %d \n", spi);
 
-    // Overwrite last PID
-    sa[spi].lpid =
-        (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
-
     // Check SPI exists and in 'Active' state
     if (spi < NUM_SA)
     {
+        // Overwrite last PID
+        sa[spi].lpid =
+            (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
+
         if (sa[spi].sa_state == SA_OPERATIONAL)
         {
             // Remove all GVC/GMAP IDs
@@ -1170,13 +1170,13 @@ static int32_t sa_rekey(void)
     spi = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1];
     count = count + 2;
 
-    // Overwrite last PID
-    sa[spi].lpid =
-        (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
-
     // Check SPI exists and in 'Unkeyed' state
     if (spi < NUM_SA)
     {
+        // Overwrite last PID
+        sa[spi].lpid =
+            (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
+
         if (sa[spi].sa_state == SA_UNKEYED)
         { // Encryption Key
             sa[spi].ekid = ((uint8_t)sdls_frame.pdu.data[count] << 8) | (uint8_t)sdls_frame.pdu.data[count + 1];
@@ -1248,13 +1248,13 @@ static int32_t sa_expire(void)
     spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1];
     printf("spi = %d \n", spi);
 
-    // Overwrite last PID
-    sa[spi].lpid =
-        (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
-
     // Check SPI exists and in 'Keyed' state
     if (spi < NUM_SA)
     {
+        // Overwrite last PID
+        sa[spi].lpid =
+            (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
+
         if (sa[spi].sa_state == SA_KEYED)
         { // Change to 'Unkeyed' state
             sa[spi].sa_state = SA_UNKEYED;
@@ -1290,57 +1290,65 @@ static int32_t sa_create(void)
     spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1];
     printf("spi = %d \n", spi);
 
-    // Overwrite last PID
-    sa[spi].lpid =
-        (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
-
-    // Write SA Configuration
-    sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7;
-    sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6;
-    sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F);
-    sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2;
-    sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03);
-    sa[spi].stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]);
-    sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]);
-    for (x = 0; x < sa[spi].ecs_len; x++)
-    {
-        sa[spi].ecs = ((uint8_t)sdls_frame.pdu.data[count++]);
-    }
-    sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[count++]);
-    for (x = 0; x < sa[spi].shivf_len; x++)
-    {
-        sa[spi].iv[x] = ((uint8_t)sdls_frame.pdu.data[count++]);
-    }
-    sa[spi].acs_len = ((uint8_t)sdls_frame.pdu.data[count++]);
-    for (x = 0; x < sa[spi].acs_len; x++)
-    {
-        sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]);
-    }
-    sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1]));
-    count = count + 2;
-    for (x = 0; x < sa[spi].abm_len; x++)
-    {
-        sa[spi].abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]);
-    }
-    sa[spi].arsn_len = ((uint8_t)sdls_frame.pdu.data[count++]);
-    for (x = 0; x < sa[spi].arsn_len; x++)
-    {
-        *(sa[spi].arsn + x) = ((uint8_t)sdls_frame.pdu.data[count++]);
-    }
-    sa[spi].arsnw_len = ((uint8_t)sdls_frame.pdu.data[count++]);
-    for (x = 0; x < sa[spi].arsnw_len; x++)
+    // Check if valid SPI
+    if (spi < NUM_SA)
     {
-        sa[spi].arsnw = sa[spi].arsnw | (((uint8_t)sdls_frame.pdu.data[count++]) << (sa[spi].arsnw_len - x));
-    }
+        // Overwrite last PID
+        sa[spi].lpid =
+            (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
+
+        // Write SA Configuration
+        sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7;
+        sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6;
+        sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F);
+        sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2;
+        sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03);
+        sa[spi].stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]);
+        sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]);
+        for (x = 0; x < sa[spi].ecs_len; x++)
+        {
+            sa[spi].ecs = ((uint8_t)sdls_frame.pdu.data[count++]);
+        }
+        sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[count++]);
+        for (x = 0; x < sa[spi].shivf_len; x++)
+        {
+            sa[spi].iv[x] = ((uint8_t)sdls_frame.pdu.data[count++]);
+        }
+        sa[spi].acs_len = ((uint8_t)sdls_frame.pdu.data[count++]);
+        for (x = 0; x < sa[spi].acs_len; x++)
+        {
+            sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]);
+        }
+        sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1]));
+        count = count + 2;
+        for (x = 0; x < sa[spi].abm_len; x++)
+        {
+            sa[spi].abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]);
+        }
+        sa[spi].arsn_len = ((uint8_t)sdls_frame.pdu.data[count++]);
+        for (x = 0; x < sa[spi].arsn_len; x++)
+        {
+            *(sa[spi].arsn + x) = ((uint8_t)sdls_frame.pdu.data[count++]);
+        }
+        sa[spi].arsnw_len = ((uint8_t)sdls_frame.pdu.data[count++]);
+        for (x = 0; x < sa[spi].arsnw_len; x++)
+        {
+            sa[spi].arsnw = sa[spi].arsnw | (((uint8_t)sdls_frame.pdu.data[count++]) << (sa[spi].arsnw_len - x));
+        }
 
-    // TODO: Checks for valid data
+        // TODO: Checks for valid data
 
-    // Set state to unkeyed
-    sa[spi].sa_state = SA_UNKEYED;
+        // Set state to unkeyed
+        sa[spi].sa_state = SA_UNKEYED;
 
 #ifdef PDU_DEBUG
-    Crypto_saPrint(&sa[spi]);
+        Crypto_saPrint(&sa[spi]);
 #endif
+    }
+    else
+    {
+        printf(KRED "ERROR: SPI %d cannot be created.\n" RESET, spi);
+    }
 
     return CRYPTO_LIB_SUCCESS;
 }
@@ -1358,13 +1366,13 @@ static int32_t sa_delete(void)
     spi = ((uint8_t)sdls_frame.pdu.data[0] << 8) | (uint8_t)sdls_frame.pdu.data[1];
     printf("spi = %d \n", spi);
 
-    // Overwrite last PID
-    sa[spi].lpid =
-        (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
-
     // Check SPI exists and in 'Unkeyed' state
     if (spi < NUM_SA)
     {
+        // Overwrite last PID
+        sa[spi].lpid =
+            (sdls_frame.pdu.type << 7) | (sdls_frame.pdu.uf << 6) | (sdls_frame.pdu.sg << 4) | sdls_frame.pdu.pid;
+
         if (sa[spi].sa_state == SA_UNKEYED)
         { // Change to 'None' state
             sa[spi].sa_state = SA_NONE;

diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c
@@ -144,6 +144,13 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF)
     int truth_aos_len = 0;
     hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len);
 
+    SecurityAssociation_t *sa_ptr = NULL;
+    SaInterface sa_if = get_sa_interface_inmemory();
+    sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10
+    sa_ptr->sa_state = SA_KEYED;
+    sa_if->sa_get_from_spi(9, &sa_ptr);  // Enable and setup 9
+    sa_ptr->sa_state = SA_OPERATIONAL;
+
     status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len);
     ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);
     // Determine managed parameters by GVCID, which nominally happens in TO
@@ -253,6 +260,13 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT)
     int truth_aos_len = 0;
     hex_conversion(truth_aos_h, &truth_aos_b, &truth_aos_len);
 
+    SecurityAssociation_t *sa_ptr = NULL;
+    SaInterface sa_if = get_sa_interface_inmemory();
+    sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10
+    sa_ptr->sa_state = SA_KEYED;
+    sa_if->sa_get_from_spi(9, &sa_ptr);  // Enable and setup 9
+    sa_ptr->sa_state = SA_OPERATIONAL;
+
     status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len);
     ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);
     // Determine managed parameters by GVCID, which nominally happens in TO
@@ -982,4 +996,43 @@ UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST)
     free(ptr_processed_frame);
 }
 
+UTEST(AOS_PROCESS, AOS_SA_NOT_OPERATIONAL)
+{
+    // Local Variables
+    int32_t status = CRYPTO_LIB_SUCCESS;
+    uint8_t* ptr_processed_frame = NULL;
+    uint16_t processed_aos_len;
+
+    // Configure Parameters
+    Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, 
+                            IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
+                            TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
+                            AOS_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
+    // AOS Tests
+    //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10);
+    GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 0, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1};  
+    Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters);
+    status = Crypto_Init();
+
+    // Test frame setup
+    char* framed_aos_h = "42C00000000000050000000000000000FFFF";
+    char* framed_aos_b = NULL;
+    int framed_aos_len = 0;
+    hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len);
+
+    SecurityAssociation_t *sa_ptr = NULL;
+    SaInterface sa_if = get_sa_interface_inmemory();
+    sa_if->sa_get_from_spi(10, &sa_ptr); //Disable SPI 10
+    sa_ptr->sa_state = SA_KEYED;
+    sa_if->sa_get_from_spi(5, &sa_ptr);  // Enable and setup 5
+    sa_ptr->sa_state = SA_NONE;
+
+    status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len);
+    ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status);
+
+    Crypto_Shutdown();
+    free(framed_aos_b);
+    free(ptr_processed_frame);
+}
+
 UTEST_MAIN();
diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c
@@ -149,6 +149,14 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF)
     int truth_tm_len = 0;
     hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len);
 
+    SecurityAssociation_t* sa_ptr;
+    // Deactivate SA 1
+    sa_if->sa_get_from_spi(1, &sa_ptr);
+    sa_ptr->sa_state = SA_NONE;
+    // Activate SA 5
+    sa_if->sa_get_from_spi(5, &sa_ptr);
+    sa_ptr->sa_state = SA_OPERATIONAL;
+
     status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
     ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);
     // Determine managed parameters by GVCID, which nominally happens in TO
@@ -1131,6 +1139,7 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1)
 
     printf("\n\n");
 
+    Crypto_Shutdown();
     free(truth_tm_b);
     free(framed_tm_b);
     free(iv_b);
@@ -1148,15 +1157,15 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST)
                             IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
                             TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
                             TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
-    // AOS Tests
+    // TM Tests
     //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10);
-    GvcidManagedParameters_t AOS_Managed_Parameters = {1, 0x002c, 0, AOS_HAS_FECF, AOS_NO_FHEC, AOS_HAS_IZ, 10, AOS_SEGMENT_HDRS_NA, 1786, AOS_NO_OCF, 1};
-    Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_Managed_Parameters);
+    GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1};
+    Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters);
 
     status = Crypto_Init();
 
     // Test frame setup
-    char* framed_tm_h = "02c000001800FFFF";
+    char* framed_tm_h = "02c00000180000FFFFFF";
     char* framed_tm_b = NULL;
     int framed_tm_len = 0;
     hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len);
@@ -1169,4 +1178,39 @@ UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST)
     free(ptr_processed_frame);
 }
 
+UTEST(TM_PROCESS, TM_SA_NOT_OPERATIONAL)
+{
+    // Local Variables
+    int32_t status = CRYPTO_LIB_SUCCESS;
+    uint8_t* ptr_processed_frame = NULL;
+    uint16_t processed_tm_len;
+
+    // Configure Parameters
+    Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, 
+                            IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
+                            TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
+                            TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
+    // TM Tests
+    //Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
+    GvcidManagedParameters_t TM_UT_Managed_Parameters = {0, 0x002c, 0, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1};
+    Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters);
+
+    status = Crypto_Init();
+
+    TC_t* tc_sdls_processed_frame;
+    tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);
+    memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE));
+
+    char* framed_tm_h = "02C000001800002C414243444546";
+    char* framed_tm_b = NULL;
+    int framed_tm_len = 0;
+    hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len);
+    status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
+
+    ASSERT_EQ(CRYPTO_LIB_ERR_SA_NOT_OPERATIONAL, status);
+    free(framed_tm_b);
+    free(tc_sdls_processed_frame);
+    Crypto_Shutdown();
+}
+
 UTEST_MAIN();